REUSE compliance of fosslight/fosslight_source_scanner

Unfortunately, github.com/fosslight/fosslight_source_scanner is not REUSE compliant and does not fully adopt the recommendations to make software licensing easy for humans and machines alike. Have a look at our tutorial to learn about the three simple steps to become REUSE compliant.

Badge

To add the badge to your project's README.md file, use the following snippet: 

[![REUSE status](https://api.reuse.software/badge/github.com/fosslight/fosslight_source_scanner)](https://api.reuse.software/info/github.com/fosslight/fosslight_source_scanner)

Machine-readable information

The API provides machine-readable artifacts for automatic analysis.

  • All information about the latest compliance check can also be accessed via a machine-parsable JSON file.
  • You can gather the automatically generated SPDX SBOM in Tag:Value format, based on the reuse spdx command.

Last lint output

Commit 5ea3d72811123468bf277cf4d580a2f8059f746f was checked on 24 Oct 2025 08:59:28 UTC with the following result: 

/opt/venv/lib/python3.11/site-packages/reuse/project.py:332: PendingDeprecationWarning: '.reuse/dep5' is deprecated. You are recommended to instead use REUSE.toml. Use `reuse convert-dep5` to convert.
  warnings.warn(
/opt/venv/lib/python3.11/site-packages/reuse/project.py:332: PendingDeprecationWarning: '.reuse/dep5' is deprecated. You are recommended to instead use REUSE.toml. Use `reuse convert-dep5` to convert.
  warnings.warn(
# MISSING LICENSES

'Apache-2.0"' found in:
* tests/scancode_raw.json
'LicenseRef-MIT-like"' found in:
* tests/scancode_raw.json

# INVALID SPDX LICENSE EXPRESSIONS

'tests/scancode_raw.json' contains invalid SPDX License Expressions:
* Apache-2.0"
* LicenseRef-MIT-like"

# SUMMARY

* Bad licenses: 0
* Deprecated licenses: 0
* Licenses without file extension: 0
* Missing licenses: Apache-2.0", LicenseRef-MIT-like"
* Unused licenses: 0
* Used licenses: Apache-2.0, Apache-2.0", LicenseRef-MIT-like, LicenseRef-MIT-like", MIT
* Read errors: 0
* Invalid SPDX License Expressions: 2
* Files with copyright information: 43 / 43
* Files with license information: 43 / 43

Unfortunately, your project is not compliant with version 3.3 of the REUSE Specification :-(


# RECOMMENDATIONS

* Fix missing licenses: For at least one of the license identifiers provided by
  the 'SPDX-License-Identifier' tags, there is no corresponding license text
  file in the 'LICENSES' directory. For SPDX license identifiers, you can simply
  run 'reuse download --all' to get any missing ones. For custom licenses
  (starting with 'LicenseRef-'), you need to add these files yourself.
* Fix invalid SPDX License Expressions: In one or more files there are SPDX
  License Expressions which cannot be parse. Check whether the value that
  follows 'SPDX-License-Identifier:' is correct. If the detected expression is
  not meant to be valid, put it between 'REUSE-IgnoreStart' and 'REUSE-
  IgnoreEnd' comments.