Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix license specification, to support cargo deny and cargo about #240

Closed
cbeck88 opened this issue Mar 26, 2023 · 1 comment
Closed

Fix license specification, to support cargo deny and cargo about #240

cbeck88 opened this issue Mar 26, 2023 · 1 comment

Comments

@cbeck88
Copy link

cbeck88 commented Mar 26, 2023
edited
Loading

Many people are now using cargo deny to keep track of what licenses are in their dependency tree:

Currently, mbedtls crate has Apache-2.0/GPL-2.0+ listed as its license in Cargo.toml.

However, this is not a valid SPDX expression anymore -- GPL-2.0+ was deprecated in favor of GPL-2.0-or-later, in the latest versions of the spec.

https://spdx.org/licenses/

This results in errors with cargo deny:

error[unlicensed]: mbedtls = 0.8.1 is unlicensed
  ┌─ mbedtls 0.8.1
  │
2 │ name = "mbedtls"
  │         ^^^^^^^ a valid license expression could not be retrieved for the crate
3 │ version = "0.8.1"
4 │ license = "Apache-2.0 OR GPL-2.0+"
  │                                 - a GNU license was followed by a `+`

Suggestion: Change this to Apache-2.0/GPL-2.0-or-later to be help automated tools and downstream users
@cbeck88 cbeck88 mentioned this issue Mar 26, 2023
Closed
@Taowyoo
Copy link
Collaborator

Taowyoo commented May 10, 2023

Fixed by #263

@Taowyoo Taowyoo closed this as completed May 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@cbeck88 @Taowyoo