Dear Miguel, as a normal Maven user I have faced this problem several times. To have such information available as part of the licence information would be great.
Oliver Am 08.04.19 um 00:42 schrieb Miguel Angel Terrón: > Hi team, > > I've been checking the xsd for the pom file and the license section is > described as: > > license > > Describes the licenses for this project. This is used to generate the license > page of the project's web site, as well as being taken into consideration in > other reporting and validation. The licenses listed for the project are that > of > the project itself, and not of dependencies. > > > name: The full legal name of the license. > url: The official url for the license text. > distribution: The primary method by which this project may be distributed. > comments: Addendum information pertaining to this license. > > The problem I see is that in reality the name seems to be a random string > and not always the "full legal name of the license"; I've seen "Apache 2" , > "The Apache Software License, Version 2.0", "Apache License, Version 2.0", > etc. Of those, only the last one is "the full legal name of the license". > > I think it'd be a good idea to add another field with the SPDX license > identifier (https://spdx.org/licenses/) to be able to match the included > license to a source of truth. > In case this is implemented, the name field could be optional as long as > the identifier field is mandatory. > > Thanks > -- N Oliver B. Fischer A Schönhauser Allee 64, 10437 Berlin, Deutschland/Germany P +49 30 44793251 M +49 178 7903538 E o.b.fisc...@swe-blog.net S oliver.b.fischer J oliver.b.fisc...@jabber.org X http://xing.to/obf
signature.asc
Description: OpenPGP digital signature
