Skip files that describe licenses for other content
Scancode detects license expressions in all files without considering any semantic meaning of the files.
In our experience, the following files tend to contain license information about other content and have found that they can just be skipped during analysis.
- META-INF/DEPENDENCIES
- META-INF/DEPENDENCIES.txt
- META-INF/NOTICE
- META-INF/NOTICE.txt
- package-lock.json
That is, our experience is that these files do not describe licenses of the content that contains them.
Note that we do periodically update this list. It is currently hard-coded in the Dash License Tool Backend scanner.