Dennis Clark

@pombredanne we should definitely simplify these license expressions by removing duplicates when possible.

or maybe the link should be part of floatover help for the `Score` column in the table. See attached image.

I think we have two closely-related issues then: * what does Severity mean and how should we explain/present it, and * a bug, I think, that we do not return...

Discussion item: it is probably time to focus on CVSS v3 scoring and to drop (completely) CVSS v2 scoring.

More comments. Following the various links in the VULCOID-6P7 example, it seems to me that we should always try to return the calculated CVSS3 number, followed by its Label, and...

Here is some pertinent input from @mjherzog CVSS is owned and managed by [FIRST.Org](http://first.org/), Inc. (FIRST), a US-based non-profit organization, whose mission is to help computer security incident response teams...

basically we are talking about applying a category to a license_expression, so that the category of the Exception influences the category of the expression, thus simplifying and improving the review...

see https://scancode-licensedb.aboutcode.org/dos32a-extender.html

consider as a general principle that the category of the exception overrides the category of the license to which it is applied

however, that assumes that the categories of the exceptions are correct -- should be reviewed. and we need to consider that a License Expression has its own Category; in other...