Issue is less the availability of tools but which one to use - and which
dependencies we want to drag in.
There is https://github.com/spdx with several relevant repositories. There also
are the tools around http://reuse.software https://git.fsfe.org/reuse
--
Reply to this email directly or vie
We wont be writing our own validator for sure. For rpm to validate SPDX
licenses, the validation would need to happen in some external library. I have
no idea whether such a library currently exists...
--
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-managem
Even prior the SPDX migration started in Fedora, I was suggesting to have
something like `%spdx()` macro which would do the job. This have not
materialized at the time and now I would say it is too late. And I don't think
that RPM should somehow enforce the content of `License` field, especially
Loosely related to #2626: as SPDX is everywhere now, we should have an option
to validate SPDX identifiers in the License field at spec parse. Much like the
utf-8 check, it will need to be an opt-in feature initially and then eventually
tightened from default warning to an actual error. Unless s
