add more license urls #2678
add more license urls #2678
Conversation
| @@ -3,6 +3,7 @@ | |||
| <license isOsiApproved="true" licenseId="MIT" name="MIT License"> | |||
| <crossRefs> | |||
| <crossRef>https://opensource.org/license/mit/</crossRef> | |||
| <crossRef>http://opensource.org/licenses/MIT</crossRef> | |||
There was a problem hiding this comment.
they are the same url (the content is the same).
| @@ -5,6 +5,8 @@ | |||
| <crossRefs> | |||
| <crossRef>https://www.eclipse.org/legal/epl-2.0</crossRef> | |||
| <crossRef>https://www.opensource.org/licenses/EPL-2.0</crossRef> | |||
| <crossRef>https://www.eclipse.org/legal/epl-v20.html</crossRef> | |||
| <crossRef>https://projects.eclipse.org/license/epl-2.0</crossRef> | |||
There was a problem hiding this comment.
This is just redirect to the url we have above.
|
Closing as spam. |
Can you reference the issue in spdx-maven-plugin so it is clear what you are trying to achieve? I still have no clue. |
|
@xsuchy sure this is the issue comment: spdx/spdx-maven-plugin#180 (comment) |
|
Ah. I see. |
@xsuchy - I agree with you comment that we can not have a full list of all URLs, but we can use the limited set of URLs to provide matching. We've been using this method in a few utilities since the inception of the SPDX license list. The reason this is important is other methods of matching is even less reliable (e.g. matching based on whatever the maintainer puts in as a "license name". Of course, if everyone uses license ID's this wouldn't be needed - unfortunately license IDs are not pervasively used in the case of Maven. |
|
A bit more history and context for the license URLs. There's been quite a bit of discussion on the use of the URLs and in the past we've agreed it can be used to match licenses. This is what led to the policy of not deleting URLs that are no longer live. We've enhanced the license list publisher to check the status of the URLs. It will check if the URL is live, if it is a wayback link, and if it actually contains text that matches the license per the license matching guidelines. All of this information is recorded in the When we render the HTML for spdx.org/licenses, we retain the order so the first license should always be the closest to canonical. If the license is no longer live - we append the url with a "[not live]" note. Since merging this will enhance the license data captured by the SPDX Maven plugin, I would like to merge this PR. @xsuchy - let me know if you'd like to discuss prior to merging. |
Here are some more URL mappings, please add them to your lists.
https://www.eclipse.org/legal/epl-v20.htmlused byorg.junit.jupiter:junit-jupiter-api:5.12.0https://projects.eclipse.org/license/epl-2.0used byjakarta.json:jakarta.json-api:2.1.3http://opensource.org/licenses/MITused byorg.checkerframework:checker-qual:3.49.1