Re: New tool - license-validate

Tue, 04 Jan 2022 12:33:56 -0800 

On Tue, Jan 04, 2022 at 03:21:20PM -0500, Neal Gompa wrote:

On Tue, Jan 4, 2022 at 3:10 PM Robbie Harwood <rharw...@redhat.com> wrote:


Neal Gompa <ngomp...@gmail.com> writes:

> On Tue, Jan 4, 2022 at 2:25 PM Robbie Harwood <rharw...@redhat.com> wrote:
>>
>> Neal Gompa <ngomp...@gmail.com> writes:
>>
>> > SPDX expression logic is identical to Fedora's, so that will not
>> > change.
>>
>> I don't believe that's correct.
>>
>> For instance, for the LGPL, SPDX uses "LGPL-2.0-only" and
>> "LGPL-2.0-or-later", while Fedora currently uses "LGPLv2" and "LGPLv2+".
>>
>> (From https://spdx.org/licenses/ and
>> https://fedoraproject.org/wiki/Licensing:Main )
>>
>
> Those are the identifiers, not the *logic*. SPDX and Fedora both use
> the same boolean logic terms ("and"/"or"/"with") and support
> parenthetical expressions. Fedora mandates lowercase, SPDX doesn't
> care, but examples historically are uppercase. Fedora will retain its
> expression logic system, complete with lowercase terms (since that
> makes the expressions more readable).

Fine, but that's misleading in this context.  Right now the tool flags
(and therefore bugs have been filed for) the identifiers as well.


Yes, and those should still happen. I'm saying that what
license-validate *does* and the code written for it will be useful
with SPDX identifiers or Fedora ones, because the meat of the tool
(the logical parsing and handling) would be the same.


I feel like I'm missing something, but rpminspect has been doing what
license-validate does for years now.  It's ready for SPDX expressions.
Results show up for Fedora builds in Zuul.  Or you can run it locally.

Thanks,

--
David Cantrell <dcantr...@redhat.com>
Red Hat, Inc. | Boston, MA | EST5EDT
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure























					Reply via email to