Comments (2)
@AyanSinhaMahapatra Please add the following license and associated rules:
key: nist-nvd-api-tou
name: NIST NVD API Terms of Use
shortname: NIST NVD API TOU
owner: NIST
category: Permissive
url: https://nvd.nist.gov/developers/request-an-api-key
spdx: LicenseRef-scancode-nist-nvd-api-tou
notes:
Services which utilize or access the NVD API are asked to display the following notice prominently within the application: "This product uses the NVD API but is not endorsed or certified by the NVD." If you modify the content accessed through the API, you may not attribute the source as the NVD.
text:
Terms of Use
The National Vulnerability Database (NVD) was created by the National Institute of Standards and Technology (NIST) and is being made available as a public service. The NVD offers some of its public data in machine-readable format via an Application Programming Interface ("API"). This service is offered subject to this Terms of Use and NIST Website Policies (collectively, the "Terms of Use" or "TOU").
Use
The NVD API is intended to be used to develop a service or services to search, display, analyze, retrieve, view and otherwise "get" information from NVD data.
Examples of specific use cases are described in the guidance on the NVD’s website. Enterprise scale development that uses the NVD should consult this guidance.
Attribution
Services which utilize or access the NVD API are asked to display the following notice prominently within the application: "This product uses the NVD API but is not endorsed or certified by the NVD."
You may use the NVD name in order to identify the source of API content subject to these rules. You may not use the NVD name, to imply endorsement of any product, service, or entity, not-for-profit, commercial or otherwise.
Modification or False Representation of Content
If you modify the content accessed through the API, you may not attribute the source as the NVD.
Use Limitations
Your use of the API may be subject to certain limitations on access, calls, or use as set forth within these Agreements or otherwise provided by the NVD. If the NVD’s administrators believe that you have attempted to exceed or circumvent these limits, or misuse access to this system, your ability to access the API and/or the NVD may be temporarily or permanently blocked. The NVD may monitor your use of the API to improve the service or to ensure access limitations are not exceeded.
Without an API key, you may make a number of queries equal to the public rate limits posted at nvd.nist.gov/developers. More than the public rate limit requires that you register for an API key. The key will become part of your data request. Keys should not be used by, or shared with, individuals or organizations other than the original requestor.
Queries from a business or organization having multiple requestors might employ a proxy service or firewall. This may make all of the users of that business or organization to appear to have the same IP address. If multiple employees were making queries, the rate limits are for the user’s proxy server/firewall, not the individual user.
A unique API key is suggested for any mobile or web application that makes a number of requests based on dynamically changing information. Rate limits may be reached by the total number of requests from all instances when the application queries the NVD API, even if multiple users access your application through different IP addresses.
Disclaimer of Warranties
The API is provided "as is" and on an "as-available" basis. The NVD hereby disclaim all warranties of any kind, express or implied, including without limitation the warranties of merchantability, fitness for a particular purpose, and non-infringement. The NVD makes no warranty that the API will be error free or that access thereto will be continuous or uninterrupted.
No Waiver
The NVD’s failure to exercise or enforce any right or provision of these Terms of Use shall not constitute waiver of such right or provision.
from scancode-toolkit.
Added this, closing!
from scancode-toolkit.
Related Issues (20)
- Verify license detections in kernel `/Documentation/process/license-rules`
- Add new incorrect SPDX license ids from typos in Fedora and elsewhere: GPL-3.0-or-only and LGPL-3.0-or-only HOT 1
- Improve license detection for wrong SPDX license identifiers HOT 3
- ScanCode times out on scanning a file with very long lines
- SCTK detects gpl-1.0-plus with insufficient evidence HOT 1
- Have ScanCode output conformant to OpenChain Telco SBOM Guide HOT 4
- Improve splitting lists of copyright holders
- Improve detection of pypi packages
- Use full medata of PyPI packages for license detection
- Consider package context and default licenses to resolve unknown licenses and license versions (like for the GPL)
- Slow index creation on Python 3.13 under some circumstances HOT 2
- LicenseRef-scancode-proprietary-license is reported for correct BSD3-Clause HOT 2
- SCTK detecting mongodb-sspl-1.0 in the OpenSearch README incorrectly
- Compatibility with pathlib
- Custom rules are not detected or applied without custom license HOT 3
- Add Oracle oracle-free-2021 license
- Ignored dotdirs are included in output file HOT 1
- incorrect license detected
- Incorrect extracted requirement when parsing yarn.lock
- Add test for False positive GPL3 license (not a bug)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from scancode-toolkit.