[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17788190#comment-17788190 ] Peter Monks commented on MNG-6677: -- Apologies for Lazarus'ing this issue, but I just want to reinforce how important it is that SPDX License Expressions are modeled somewhere in a future version of the POM, regardless of what values may exist in {{}} sub-elements. The existing model has two fundamental issues that impact downstream tools that attempt to consume this information: # the current sub-elements of {{}} aren't validated, and there's an enormous variation in the quality of data in those sub-elements in the real world (on Maven Central and other artifact repositories) # in the presence of multiple {{}} elements, it's impossible for downstream tooling to infer whether the conjunction between those licenses is a logical {{AND}} or a logical {{OR}} SPDX License Expressions elegantly solve both problems, while still providing an "escape hatch" for licenses that are not listed by SPDX themselves; the so-called {{{}LicenseRef{}}}, and (as of SPDX v3.0) {{{}AdditionRef{}}}, constructs. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17346919#comment-17346919 ] Romain Manni-Bucau commented on MNG-6677: - During the migration time it can if mixed licenses are used but im sure we can update it to merge to spdx naming for known string - at least asf exception - so does not look like a blocker to me. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17346877#comment-17346877 ] Michael Osipov commented on MNG-6677: - MPIR's license report. Aggregation will be broken. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17346856#comment-17346856 ] Romain Manni-Bucau commented on MNG-6677: - > Yes, ti will, all reporting for license will be broken because they don't use >the current canonical display name. Likely not since current value is a free text, they will just use it as a free text and work the same. Such tools already don't match the exact text but pattern (Apache.*2 for ex) so it is a win and no real drawbacks AFAIK. Any example of broken tool with this move? > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17346785#comment-17346785 ] Michael Osipov commented on MNG-6677: - Yes, ti will, all reporting for license will be broken because they don't use the current canonical display name. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17346633#comment-17346633 ] Romain Manni-Bucau commented on MNG-6677: - What about these 2 actions: 1. make asf parent using the normalized name 2. add to our xsd completion capability for known licenses (normalized fashion) this way no breaking change and we still support custom licenses but we enable and encourage normalized values. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian Jira (v8.3.4#803005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861498#comment-16861498 ] Michael Osipov commented on MNG-6677: - I think we cannot enfore anything at the moment, you should make up something on your own. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > Fix For: Issues to be reviewed for 4.x > > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861468#comment-16861468 ] Vladimir Sitnikov commented on MNG-6677: {quote}This still does not the id of the license in the list. {quote} The point of field is to provide machine-readable meaning. In other words, it is intentional that I don't put "Tomcat BSD-Style License" to expression. Does that answer the question? PS. We could just have a small conversation over zoom/hangout if you think that would be faster. PPS. I do get the topic is complicated, and I'm really sorry it takes time to type/read :-/ PPPS. All this thread appeared for me when I was trying to verify third-party licenses for Apache JMeter. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861464#comment-16861464 ] Vladimir Sitnikov commented on MNG-6677: {quote}As an alternative, you can reuse the name element to write your SPDX ID. Isn't that enough for the moment? {quote} I tried that, however there are lots of "license variations". For instance: [http://jtidy.sourceforge.net/license.html] It is not a "standard" license. So it is somewhat expected to list that license in pom.xml as {code:xml} Java HTML Tidy License http://jtidy.sourceforge.net/license.html {code} For most of the cases (all?) it would be equivalent to BSD-3-Clause, however it would probably be incorrect to label the license as just BSD-3-Clause. That is why I'm inclined that name/url seem to be not that bad, and it would probably make sense to have a field for "machine-readable effective meaning" of the license. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861456#comment-16861456 ] Michael Osipov commented on MNG-6677: - This still does not the id of the license in the list. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861452#comment-16861452 ] Vladimir Sitnikov commented on MNG-6677: {quote}Please make a proposal how you would like the next POM version look like.{quote} For instance: {code:xml} (Apache-2.0 AND MIT) OR (Apache-2.0 AND BSD-3-Clause) Tomcat BSD-Style License tomcat.apache.org/license-bsd.txt Tomcat MIT-Style License tomcat.apache.org/license-mit.txt {code} > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861450#comment-16861450 ] Michael Osipov commented on MNG-6677: - As an alternative, you can reuse the name element to write your SPDX ID. Isn't that enough for the moment? > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861449#comment-16861449 ] Vladimir Sitnikov commented on MNG-6677: However it would be quite complicated if licensing for different uses is different (e.g. MIT in winter and BSD in summer). I guess there should be a pre-defined value for those cases like ITS_COMPLICATED_CONSULT_LAWYERS, so machine-reader could figure out that the case is complicated and require manual intervention. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861440#comment-16861440 ] Vladimir Sitnikov commented on MNG-6677: {quote}The problem is with the list of licenses also that some people write two licenses in the name element because it is so. So is Tomcat, for example. How do you want to cover that? {quote} Technically speaking, SPDX has notion of "license expressions" which looks like {{Apache-2.0+ WITH Bison-exception-2.2}} (which is (Apache 2.0 or later) with Bison exception...) I don't think we need to have xml representation of that expression though, and we could be just fine with a string field with "license expression" inside. {quote}What we could do is to add the license id optionally to the manifest or the properties bundled the archiver, but that you can already do on your own{quote} Unfortunately, that is not enforced by default. Maven Central enforces everybody to have tag. So they have it. As you know it is not parsable :( > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861419#comment-16861419 ] Michael Osipov commented on MNG-6677: - Yes, I was referring to MPIR-382. The problem is with the list of licenses also that some people write two licenses in the name element because it is so. So is Tomcat, for example. How do you want to cover that? IT would require a unique license ID. Please make a proposal how you would like the next POM version look like. What we could do is to add the license id optionally to the manifest or the properties bundled the archiver, but that you can already do on your own. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861406#comment-16861406 ] Vladimir Sitnikov commented on MNG-6677: [~michael-o], I have tried to search for the request, and I fail to find one. I see similar issues like https://issues.apache.org/jira/browse/RAT-251 and https://issues.apache.org/jira/browse/MPIR-382 Did you have something else in mind? The fun fact is I came from https://github.com/spdx/tools/issues/192 "Support normalization of license names" (which is very close to MPIR-382), however for now it looks like the idea of trying to use "standard ID/URL" in tag won't fly. That is why I wonder if a dedicated machine-readable field could appear. Note: I know that 4.0.0 is here "for ages". > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)
[jira] [Commented] (MNG-6677) Ability to declare machine-readable license identifier for project
[ https://issues.apache.org/jira/browse/MNG-6677?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16861371#comment-16861371 ] Michael Osipov commented on MNG-6677: - There is a similiar request on that matter. Please search for, I'd like to merge both tickets. > Ability to declare machine-readable license identifier for project > -- > > Key: MNG-6677 > URL: https://issues.apache.org/jira/browse/MNG-6677 > Project: Maven > Issue Type: Improvement > Components: POM >Affects Versions: 3.6.1 >Reporter: Vladimir Sitnikov >Priority: Major > > Current model for license is something, yet it is not machine-friendly. > Developers tend to put random data into > {{..}}, and it is hard to analyze in > automatic way. > What if we could use SPDX license identifiers/expressions for license > information? > Note: currently POM allows to list multiple tags, and it is not > clear how they should be treated (and? or?). So a machine-readable field > should probably allow for AND/OR license expressions. > So it would be nice if there was a way to declare a machine-readable license > tag. > I'm not affiliated with SPDX, however OSGi use those ids: > https://osgi.org/specification/osgi.core/7.0.0/framework.module.html#framework.module-bundle-license -- This message was sent by Atlassian JIRA (v7.6.3#76005)