On Tue, Nov 15, 2022 at 11:05 AM Todd Zullinger <tmz@xxxxxxxxx> wrote: > > Neal Gompa wrote: > > On Tue, Nov 15, 2022 at 6:24 AM Miro Hrončok <mhroncok@xxxxxxxxxx> wrote: > >> Do we have a command line tool for this? Does licensecheck support SPDX > >> identifiers? > >> > >> (I find the use of browser extension for this very weird. I have the LICENSE > >> file unpackaged with the sources on my machine, I am not browsing it on the web.) > > > > licensecheck supports SPDX, you just have to run it with > > "--shortname-scheme spdx". > > In my recent & limited experience, licensecheck did not > produce valid SPDX output in many cases. As an example, > take a file with the following license header: > > /* > * test-run-command.c: test run command API. > * > * (C) 2009 Ilari Liusvaara <ilari.liusvaara@xxxxxxxxxxx> > * > * This code is free software; you can redistribute it and/or modify > * it under the terms of the GNU General Public License version 2 as > * published by the Free Software Foundation. > */ > > I expect it to return GPL-2.0-only, but it returns GPL-2: > > $ licensecheck --shortname-scheme spdx t/helper/test-run-command.c > t/helper/test-run-command.c: GPL-2 > That is DEP-5 SPDX(ish) identifiers, which is what Debian uses for debian/copyright files. I am a bit surprised it gives DEP-5 for "spdx", but since the tool is from Debian, I guess it makes some sense... The identifier is considered valid, as SPDX GPL-2.0 is considered equivalent to DEP-5 GPL-2, and SPDX-3.0 GPL-2.0-only is equivalent to SPDX-2.0 GPL-2.0. Cf. https://wiki.debian.org/Proposals/CopyrightFormat > I did not see any files in the git source labeled with the > appropriate SPDX identifier for GPL-2.0*. Similar for LGPL. > For BSD-3-Clause, licensecheck used a lower-case C, which > then fails to match a valid license in rpmlint. > > Am I missing something obvious or does licensecheck not work > as expected? This is with licensecheck-3.3.0-2.fc36.noarch. > licensecheck does not follow/use SPDX-License-Identifier at all. It predates that scheme. -- 真実はいつも一つ!/ Always, there's only one truth! _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
