Invalid SPDX license identifier used in file #31938
Labels
area: Modules
bug
The issue is a bug, or the PR is fixing a bug
Licensing
The PR has licensing issues => licensing expert to review
platform: nRF
Nordic nRFx
priority: high
High impact/importance bug
Milestone
Describe the bug
An invalid SPDX license identifier is being specified in
https://github.com/zephyrproject-rtos/openthread/blob/zephyr/third_party/NordicSemiconductor/libraries/nrf_security/config/nrf-config.h
SPDX-License-Identifier: BSD-3-Clause OR Arm’s non-OSI source license
The phrase "Arm's non-OSI source license" is not a valid SPDX license identifier.
To Reproduce
The problem is in the source files, and needs to be addressed there.
Expected behavior
Valid SPDX license identifier from https://spdx.org/licenses/ should be used, or
a "LicenseRef-" identifier should be created and used. Details on the "LicenseRef-" syntax can be found in https://spdx.github.io/spdx-spec/6-other-licensing-information-detected/#61-license-identifier should be used in the expression
Impact
Serious - this breaks tooling working to summarize the licenses for the sources and generate SPDX documents.
Logs and console output
Environment (please complete the following information):
The problem can be seen in the source file.
Additional context
This same problem can also be seen in:
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/ccm_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/chacha20_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/chachapoly_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/ecp_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/platform_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/poly1305_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/sha1_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/sha256_alt.h
FileName: ./modules/lib/openthread/third_party/NordicSemiconductor/libraries/nrf_security/include/mbedtls/threading_alt.h
The text was updated successfully, but these errors were encountered: