SPDX license matching is incorrectly case-sensitive #7039

DaveRandom · 2018-01-25T10:38:28Z

My composer.json:

{
  "name": "vendor/package",
  "license": "mit"
}

Output of composer diagnose:

Checking composer.json: WARNING
License "mit" is not a valid SPDX license identifier, see https://spdx.org/licenses/ if you use an open license.
/** stuff */

According to section 4 of the SPDX license matching guidelines:

All upper case and lower case letters should be treated as lower case letters

This issue is also causing packagist to fail updating from webhooks and manually, for example when I press "Update" here I get an error message stating:

Skipped branch master, Invalid package information:
License "mit" is not a valid SPDX license identifier, see https://spdx.org/licenses/ if you use an open license.
If the software is closed-source, you may use "proprietary" as license.

The text was updated successfully, but these errors were encountered:

phadej · 2018-07-13T16:11:27Z

Note: spdx/spdx-spec#63 The issue is still open.

DaveRandom mentioned this issue Jan 25, 2018

Make license ID comparisons case-insensitive composer/spdx-licenses#19

Merged

alcohol added the Bug label Jan 25, 2018

Seldaek added this to the 1.6 milestone Jan 30, 2018

Seldaek closed this as completed in 9b3ab48 Jan 31, 2018

sol mentioned this issue Jul 13, 2018

Ignore case when matching SPDX identifiers haskell/cabal#5432

Closed

4 tasks

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SPDX license matching is incorrectly case-sensitive #7039

SPDX license matching is incorrectly case-sensitive #7039

DaveRandom commented Jan 25, 2018 •

edited

phadej commented Jul 13, 2018

SPDX license matching is incorrectly case-sensitive #7039

SPDX license matching is incorrectly case-sensitive #7039

Comments

DaveRandom commented Jan 25, 2018 • edited

phadej commented Jul 13, 2018

DaveRandom commented Jan 25, 2018 •

edited