#960665 licensecheck: license patterns: cover all SPDX licenses

#960665#5
Date:
2018-07-25 00:30:03 UTC
From:
To:
Hi,

it would be great if licensecheck would support SPDX-License-Identifier
headers.
See
https://spdx.org/licenses/
https://spdx.org/sites/cpstandard/files/pages/files/using_spdx_license_list_short_identifiers.pdf

#960665#10
Date:
2019-01-07 10:48:16 UTC
From:
To:
This would indeed be helpful.

libtommath is now using SPDX-License-Identifier [1]
and licensecheck extracts no useful information.

All the best

Dod

[1] https://github.com/libtom/libtommath/commit/18355de6259488dea58a2d608c9aa2fa1f3cbd58

#960665#15
Date:
2019-06-24 21:32:19 UTC
From:
To:
Hi there,

are the any news here?
Judging from
https://codesearch.debian.net/search?q=SPDX-License-Identifier
SPDX-License-Identifier usage seems to be quite significant already.

Regards,
Michael

#960665#20
Date:
2020-05-15 09:17:35 UTC
From:
To:
Quoting Michael Biebl (2019-06-24 23:32:19)

Licensecheck does not yet support SPDX-License-Identifier, no.

I agree that it is quite valuable, and it _will_ get implemented.

Quoting Dominique Dumont (2019-01-07 11:48:16)
is licensed as Unlicense which is not yet known to Licensecheck, and
Licensecheck does not yet track alien licenses.

Licenses covered can be seen with "man Regexp::Pattern::License" -
probably useful to expose that information to licensecheck itself.

Sorry for the lack of response till now.

 - Jonas

#960665#31
Date:
2023-05-12 14:36:31 UTC
From:
To:
Good morning,

 Attached please find your PDF account statement and invoice as of 05/11/2023. Please notice you have a past due balance  for invoice IN0099203.

 Please provide payment as soon as possible.




 Best Regards,
 Shawneen Chisholm
 Accounts Receivable Coordinator

 UNITED RENTALS, INC.
Branch L02 BONNYVILLE
4920 56TH AVE
BONNYVILLE AB T9N 2N8 CA
780-826-7610


 CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s). This may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message, please alert the sender immediately by reply email and then delete this message and any attachments. Any disclosure, reproduction, distribution or other use of this message or any attachments by an individual or entity other than the intended recipient is prohibited

#960665#36
Date:
2025-04-08 07:50:56 UTC
From:
To:
Hello,
please let me add one additional item to this feature.

Assuming SPDX license names are supported and the tool is able to
specifically parse for SPDX-fields.
In this case only that SPDX fields should be considered.
Other licenses strings, e.g. in comments, should be ignored.

See as a good example
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=960665

The problem here is that the whole project does offer SPDX meta data and
"reuse lint" is green on all files.
But one file "serviceHelper.py" does have comments about the license
history of that file. Some other licenses
are named just of historical reasons. License checker does consider that
strings, too. That is the problem.

And by the way: Licensecheck do not need to parse SPDX fields by itself.
Use "reuse" for that. I opened an issue at "reuse" to support machine
readable license infos. https://github.com/fsfe/reuse-tool/issues/1164

#960665#41
Date:
2025-04-08 08:42:45 UTC
From:
To:
Hi c,

Quoting c.buhtz@posteo.jp (2025-04-08 09:50:56)

Thank you for your contribution here, but please beware that it is not
easily actionable the way you provide it.

I encourage you to file separate bugreports for each actionable point
that you make, targeted the Debian package suitable for acting on it.

It seems you are not talking about changes to licensecheck, but instead
talking about the different tool reuse.  For that, please file a
bugreport against the pseudo-package "wnpp" as described here:
https://www.debian.org/devel/wnpp/#l1

If you want licensecheck to (by itself) detect only SPDX license names
then please file a separate issue about that.

If you want licensecheck to not check licenses but call out to reuse
instead, then please file a separate issue describing how that is
actionable for licensecheck.

In other words, please post to *this* bugreport only for information
relevant to the issue of *extending* licensecheck to cover SPDX
notation.


Kind regards,

 - Jonas