Tootfinder

Maybe we should establish a "maintenance.md" practice just like "readme.md" or "LICENSE" where you just clearly outline the amount of maintenance the project/development team are planning to put into the code base and under which conditions.
I have seen that a few times but maybe it should be more of a standard.

We were trying to import and add as source the vulnerability database of GitLab into vulnerability-lookup as a new feed.
But we discovered the license terms
https://gitlab.com/gitlab-org/security-products/gemnasium-db/-/blob/master/LICENSE.md

LICENSE.md · master · GitLab.org / security-products / advisory-database · GitLab
The GitLab Advisory Database, used in GitLab Ultimate Dependency Scanning and Container Scanning.