LicenseRef-Proprietary or LicenseRef-proprietary?

[pwithnall]

The specification uses different case in its prose and examples, for the LicenseRef-[pP]roprietary tag.

Which is correct?

See also: https://gitlab.gnome.org/GNOME/gnome-software/-/issues/1161

[hughsie]

If it helps, fwupd and the LVFS uses LicenseRef-proprietary

[ximion]

Interesting. SPDX itself says LicenseRef should be matched case-sensitive, while the license-id part should be matched case-insensitive. I do thing AppStream should give a recommendation here though, especially since libappstream itself actually performs case-sensitive SPDX-ID matching... (in fact, it matches operators (AND/OR/...) case-insensitively, while IDs are case-sensitive, the exact opposite of what SPDX recommends :-P)
It's weird to match this thing case-insensitive while everything else is case-sensitive though, so I thing the AppStream spec should definitely give a recommendation here (or possible just mandate something, the less moving parts we have, the better).

The odd situation we have here is that we kind of need to diverge from the current SPDX specification a bit, as we can't use their recommendation for specifying external license texts (that was added after AppStream already supported a different syntax).
A quick search yielded that free and proprietary are the most common spellings for this, so to not break too much stuff, I think we should just encode that capitalization as default.
I would also like to add this algorithm to determine freeness and details about a custom license:

• If no LicenseRef is present, run as_license_is_free_license on the license, if that returns TRUE assume free license, otherwise assume proprietary license.
• If LicenseRef is present, split the license-ID part from it.
• If the ID is proprietary, assume proprietary and split the license-URL from it (after the = sign, e.g. LicenseRef-proprietary=https://example.com/my-license.html) and link to that for license info.
• If the ID is free, assume a free license, split the URL from the expression again and link it
• If the ID is neither equal to free nor proprietary, check the ID with as_license_is_free_license. If that returns TRUE, treat the license as verbatim free license and link it to the SPDX license page. If the check returns FALSE, assume a non-free license and proceed just as if the ID had been proprietary.

Would that make sense to you? Note that LicenseRef-proprietary=<url> is actually already in use. To help with getting information from a LicenseRef, AppStream could add a helper method that does the steps mentioned above to get information about a license (that way, not every software center would have to duplicate this and possibly implement it slightly differently).

[ximion]

Actually, it looks like AppStream already implements this this way, and does ignore case-sensitivity of proprietary by simple not checking it explicitly.
So, if you run as_license_is_free_license against any SPDX license expression, this function should tell you whether the license is free as considered by OSI or FSF.
If you run as_get_license_url against a license-ID it will give you the URL to link to.
I think this could be refined further with some better API, and I also think the casing should be specified explicitly, but when using the functions libappstream provides you should already get the desired result today (unless there's bugs ^^).

[pwithnall]

I’ve opened #310 to make the casing consistent in the spec, which should fix the immediate issue. I don’t plan to work on any further cleanups, additional examples, clarifications, etc. in the spec or libappstream code.

[ximion]

I don't expect anyone to work on anything unless they explicitly stated so.
@pwithnall Thanks for the patch - I will add a sentence to the spec explicitly stating that parsing for this is case-sensitive, to remove any ambiguity that may still exist.
That should likely be enough to address this issue (as_license_is_free_license can still be improved a bit, I think, but that's a separate task).

[ximion]

With this being explicitly mentioned in the spec now, and GNOME Software using as_license_is_free_license, I think we can close this issue and handle any future issues in dedicated issue reports.
Thank you very much for raising this! (getting rid of papercuts and confusion like this from the spec is very important to me)