On Wed, Jan 05, 2022 at 02:59:33AM +0100, Miroslav Suchý wrote:
Dne 04. 01. 22 v 21:03 David Cantrell napsal(a):
>One of the difficult things with the Fedora abbreviations is that
>tokens can have spaces in them. For example, the Apache 2.0 license
>in Fedora is called "ASL 2.0". This makes it really hard to work with
>in software.
>
>Likewise, we have historically allowed full expressions through that
>contain otherwise forbidden licenses. For example, many Perl module
>packages use the License tag "GPL+ or Artistic" so in a way that
>entire expression is treated as a token.
>
>This information is currently captured in this JSON file (not the
>original author, but I make use of the file):
>
>https://github.com/rpminspect/rpminspect-data-fedora/blob/master/licenses/fedora.json
>
>rpminspect's license check uses this data to validate the License tag
>in RPM headers based on the rules as they exist in the packaging
>guidelines plus the assorted expressions we have historically allowed
>through that would not otherwise validate.
*nod*
The string
'GPL+ or Artistic or MIT'
evaluates license-validate as correct, while rpminspect results that as bad license.
But this expression is not valid. It would be valid as
(GPL+ or Artistic) or MIT
--
David Cantrell <dcantrell(a)redhat.com>
Red Hat, Inc. | Boston, MA | EST5EDT