tools icon indicating copy to clipboard operation
tools copied to clipboard

Published 20 hours ago verified publisher icon spdx

DocumentRef-1:LicenseRef-XY flagged as invalid

Open tbetker opened this issue 5 years ago • 1 comments

"PackageLicenseConcluded: DocumentRef-1:LicenseRef-XY" in an SPDX document is valid according to Appendix IV of the spec., but the verifier fails:

Invalid license id 'DocumentRef-1:LicenseRef-XY'. Must start with 'LicenseRef-' and made up of the characters from the set 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', '.', and '-'.

The spdx-tools version I tested was release 2.1.20.

tbetker avatar Jan 19 '20 12:01 tbetker

It looks like the SPDX tools doesn't support external license ref declarations. We will need to add support similar to the ExternalSpdxElement class.

goneall avatar Jan 20 '20 04:01 goneall