New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
project_license and SPDX #122
Comments
|
This really should say SPDX expression, because that's what we support. The parser is AFAIR reading both upper- and lowercase and/or, but that's an implementation thing that shouldn't be in the spec. So yeah, the text should be clarified there. |
|
Awesome. I've read a bit more and as it turns out one needs to support both upper case and lower case for SPDX anyway. Which seems to be the case from a quick look at as-spdx.c. So it's just a matter of tweaking the docs then, I'll prep a commit. |
Previously the doc was a bit ambiguous about the actual format employed for licenses. The format expectation is the actual SPDX license expression format as described in the SPDX specification. Clearly state this and point to the specification URL for reference on the format. Additionally, while SPDX must be parsed as case-insensitive it's considered best practice to use strict-casing in examples, so change to that. Closes ximion#122
Previously the doc was a bit ambiguous about the actual format employed for licenses. The format expectation is the actual SPDX license expression format as described in the SPDX specification. Clearly state this and point to the specification URL for reference on the format. Additionally, while SPDX must be parsed as case-insensitive it's considered best practice to use strict-casing in examples, so change to that. Closes #122
I have a bit of a question regarding the SPDX usage for appstream.
The appstream documentation says about
project_license:That seems a bit ambiguous to me. "SPDX format" would be the SPDX license expression format as the identifiers themselves aren't actually following a specified rule from what I can see. That does however not seem to be what is actually expected by appstream here.
A SPDX license expression would be this:
(LGPL2.1+ AND (GPL2.0+ WITH Bisonexception2.2)) OR GPL3.0The example in the appstream documentation goes on to contract this with
LGPL-3.0+ and GPL-3.0+Which is an expression containing SPDX license identifiers but not a valid SPDX expression (SPDX expression requires upcased AND/OR), so I am guessing the intention is a custom combination syntax with SPDX license identifiers.
If so, I think the documentation ought to say
That being said, however. I would like to make a case that
project_licenseshould, in fact, be changed to SPDX expression syntax. The current format with and/or is deficient in that it doesn't define how to combine an exception with a license. i.e. you cannot defineGPL2.0+ WITH Bisonexception2.2.Now, one could add that but then you might as well just go implement the expression syntax as the only other difference is bracketing, which isn't too exciting but still has its uses.
Deferring to the SPDX license expression syntax would allow passing SPDX license information verbatim from other sources. Such as auto-generating appstream data from other metadata sources (which is what we do, for example, for Plasma applets as they already have different metadata). In addition to that it would fully standardize the license expressions. So, a common SPDX parser implementation could be used to parse appstream license info etc.
The text was updated successfully, but these errors were encountered: