On 8/17/25 3:19 PM, Jelle van der Waa wrote:
Hi All,Some time ago we decided to adopt SPDX license identifiers in the license array of PKGBUILD's. Without having progress reports its hard to know what the current status is, so I made a little script with some borrowed logic from namcap. [1]This uses expac to extract the licenses array from the local package sync db (/var/lib/pacman/sync). The unknown / invalid entries are emitted on stderr and stdout contains JSON data to be consumed by whatever tool you might suit you :-)A test run on my machine gave the following output, in summary: [2] * invalid: 62 * unknown: 4743I hope having an easy script to collect statistics will move the conversion process forward. But do note that the original RFC does not yet tackle the `custom` license question. [3][1] https://github.com/jelly/Dotfiles/blob/master/bin/arch-spdx-statistics[2] https://gist.githubusercontent.com/jelly/ c5b790c3b1223f91362d956d50401e93/ raw/0d14618fa3853c27571fc32af708efa34bd3674d/gistfile1.txt [3] https://rfc.archlinux.page/0016-spdx-license-identifiers/ #unresolved-questions
Nice work, but I have two questions to this:1. Is there / will there be some pkgctl command to check this before you can change the license in a PKGBUILD similar to `pkgctl license check` for the license of the files in the pkg git repository?
2. Wouldn't it be a good idea to put all the packages that are not compliant yet into a TODO list so everyone gets a notification that their packages were added and that they should work on this?
Best regards Segaja
OpenPGP_signature.asc
Description: OpenPGP digital signature
