https://bugs.linuxfoundation.org/show_bug.cgi?id=1289
Bug #: 1289
Summary: Any reason "NONE" and "NOASSERTION" are not valid
licenses as per Appendix IV?
Product: SPDX
Version: 2.0
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: Spec
AssignedTo: [email protected]
ReportedBy: [email protected]
Classification: Unclassified
In sections 3.12, 3.13, and 3.14, the terms "NONE" and "NOASSERTION" are
allowed but not "valid as per Appendix IV".
This has led to a thread of issues in the node.js SPDX module and npm, e.g.,
https://github.com/kemitchell/spdx.js/issues/11
The issue is whether or not a test for a valid license should treat "NONE" and
"NOASSERTION" as valid. From the spec, it appears that they are allowed and
hence functionally valid, but not technically "valid" as per the appendix.
I apologize if this is a hornets nest that has been discussed ad infinitum, but
the ambiguity about "validity" of "NONE" and "NOASSERTION" is an odd edge case
that happens to now have a small, but real, impact on my regular use of node
and npm in development.
Is this something that might be worth fixing in a subsequent revision? Or maybe
explained in the FAQ?
--
Configure bugmail: https://bugs.linuxfoundation.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
_______________________________________________
Spdx-tech mailing list
[email protected]
https://lists.spdx.org/mailman/listinfo/spdx-tech
