Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Commas included in SPDX license expressions instead of 'AND' #1223

Closed
rnjudge opened this issue Mar 14, 2023 · 0 comments · Fixed by #1225
Closed

Commas included in SPDX license expressions instead of 'AND' #1223

rnjudge opened this issue Mar 14, 2023 · 0 comments · Fixed by #1225
Labels
spdx Issues related to the SPDX formatting of Tern reports

Comments

@rnjudge
Copy link
Contributor

rnjudge commented Mar 14, 2023

When trying to validate an SPDX file from the ubuntu:latest image the resulting file does not validate due to error:

Analysis exception processing SPDX file: Invalid license expression.  Expecting more operands.
License expression: 'LGPL-2.1+, GPL-2.0+, LGPL-2.0+'

This is because the license expression should use AND instead of commas: LGPL-2.1+ AND GPL-2.0+ AND LGPL-2.0+

PackageName: libprocps8
SPDXID: SPDXRef-libprocps8-2-3.3.17-6ubuntu2
PackageVersion: 2:3.3.17-6ubuntu2
PackageSupplier: Organization: Ubuntu
PackageDownloadLocation: NOASSERTION
FilesAnalyzed: false
PackageLicenseConcluded: NOASSERTION
PackageLicenseDeclared: LGPL-2.1+, GPL-2.0+, LGPL-2.0+
PackageCopyrightText:<text>
@rnjudge rnjudge added the spdx Issues related to the SPDX formatting of Tern reports label Mar 15, 2023
@rnjudge rnjudge mentioned this issue Mar 20, 2023
Closed
rnjudge added a commit to rnjudge/tern that referenced this issue Mar 20, 2023
@rnjudge
Invalid chars included in SPDX declared licenses
ad77b92 
Tern was including commas and other invalid characters in SPDX license
expressions which resulted in failed validation for generated SPDX docs.
This commit removes the inappropriate characters and
replaces them with valid ones (i.e. swapping `&` for `and`) before
checking if a license expression is valid. It also updates the related
function descriptions and comments for clarity.

Fixes: tern-tools#1223

Signed-off-by: Rose Judge <[email protected]>
@rnjudge rnjudge mentioned this issue Mar 20, 2023
Merged
rnjudge added a commit that referenced this issue Mar 20, 2023
@rnjudge
Invalid chars included in SPDX declared licenses
6be6976 
Tern was including commas and other invalid characters in SPDX license
expressions which resulted in failed validation for generated SPDX docs.
This commit removes the inappropriate characters and
replaces them with valid ones (i.e. swapping `&` for `and`) before
checking if a license expression is valid. It also updates the related
function descriptions and comments for clarity.

Fixes: #1223

Signed-off-by: Rose Judge <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
spdx Issues related to the SPDX formatting of Tern reports
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Invalid chars included in SPDX declared licenses rnjudge/tern
1 participant
@rnjudge