New license: TOMORROW OPEN SOURCE TECHNOLOGY LICENSE 1.0

[hesa]

Found a (to me) new license:

• name: TOMORROW OPEN SOURCE TECHNOLOGY LICENSE 1.0
• URL: https://disneystreaming.github.io/TOST-1.0.txt

This license is very much close to Apache-2.0.

• TOST license states: The Tomorrow Open Source Technology License 1.0 differs from the original Apache License 2.0 in the following manner. The scope of the trademark grant in section 6 is different.
• The first rows differ between the licenses
• The indentation differ between the licenses
• Apache-2.0 contains information (after END OF TERMS AND CONDITIONS) about how to apply the license to your work.

Apache-2.0, section 6

6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.

TOST-1.0, section 6

6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor and
its affiliates, except as required to comply with Section 4(c) of the
License and to reproduce the content of the NOTICE file.

Apache-2.0, text about applying the license to your work

APPENDIX: How to apply the Apache License to your work.

To apply the Apache License to your work, attach the following boilerplate notice, with the f\
ields enclosed by brackets "[]" replaced with your own identifying information. (Don't includ\
e the brackets!)  The text should be enclosed in the appropriate comment syntax for the file \
format. We also recommend that a file or class name and description of purpose be included on\
 the same "printed page" as the copyright notice for easier identification within third-party\
 archives.

Copyright [yyyy] [name of copyright owner]

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

[DennisClark]

@hesa thank you for logging this issue. The license with the modified trademarks clause was originally identified at
https://scancode-licensedb.aboutcode.org/pixar.html and has an SPDX ID of Pixar.
It is also mentioned as part of this issue:
#4173 (comment)

[hesa]

Oh, nice. I really should have looked closer at the results and noticed that "my" URL (https://disneystreaming.github.io/TOST-1.0.txt) above indeed is identified as pixar.

However, scancode also identifies the following unknown-license-reference AND apache-2.0.

To reproduce:

pip install scarfer
mkdir to-scan
curl https://raw.githubusercontent.com/PixarAnimationStudios/OpenSubdiv/v3_5_0/LICENSE.txt -LJ -o to-scan/pixar.txt
curl https://disneystreaming.github.io/TOST-1.0.txt  -LJ -o to-scan/disney.txt
scancode -clipe  --license-text --license-text-diagnostics --classify --license-clarity-score --json-pp to-scan/license-scan.json to-scan/
scarfer -dde to-scan/license-scan.json  -l

Which outputs

Files:
----------------------------
to-scan/disney.txt: ['pixar AND (unknown-license-reference AND apache-2.0)']
to-scan/pixar.txt: ['pixar']

[DennisClark]

Hi @hesa Please open a new issue in https://github.com/aboutcode-org/scancode-toolkit/issues for the license detection problem that you discovered, thanks.

[DennisClark]

@AyanSinhaMahapatra It appears that SCTK is detecting too many licenses because of the references to Apache 2.0 in the TOSL notice. Please investigate to see if refinements to the Rules are needed.