Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

interpret licenses for missing versions #1098

Open
elrayle opened this issue Apr 17, 2024 · 0 comments
Open

interpret licenses for missing versions #1098

elrayle opened this issue Apr 17, 2024 · 0 comments

Comments

@elrayle
Copy link
Collaborator

elrayle commented Apr 17, 2024
edited
Loading

Description

If a license is requested for a package that exists in ClearlyDefined data but the specific version requested does not have data, interpret the license from the existing data.

The interpreted license will be each identified license for all versions AND together and including AND LicenseRef-clearlydefined-NODATA. In this way, we do not have do figure out where in the list of versions the requested version lies and attempt to determine which license applies if there are multiple licenses. The LicenseRef-clearlydefined-NODATA tells the consumer that there was no license data for this specific coordinates (package + version) and the return license was interpreted.

Examples...

  • a dependency where all licenses are MIT for all versions and a new version appears, it is interpreted as MIT AND LicenseRef-clearlydefined-NODATA

  • a dependency where early versions were Apache-2.0 and later versions were MIT, the interpreted license will be Apache-2.0 AND MIT AND LicenseRef-clearlydefined-NODATA
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@elrayle