To this question yes people are running many different analyses. The most common are larger companies who are building products and worry about larger liabilities. Unfortunately, by the terms of most of these tools, the results are not allowed to be shared publicly. Though they are not prevented from filing very, specific, tickets, if there’s something that they might want to be cleaned up or clarified. Or directly messaging developers to ask to improve or add clarification to the codebase. And some are more straight forward: ROS GNU GPL v1.2 issue
There have also been some discussions in the past about aggregating results like this. A few good starting points.
ROS-I 2016 Training and Conference slides on " “Understanding License Compatibility and Compliance Risks & Processes in Free and Open Source Software” Catharina Maracke - Software Compliance Academy" from this thread: ROS2 and DDS IPR issues - #9 by gbiggs
There’s been discussions of this in the QA working group: How to link license (clearing) information to ROS packages? - #7 by ArneF
Which has evolved into the previously mentioned: