Add support for SPDX expression resolution #39
Labels
enhancement
New feature or request
Comments
stevespringett
added a commit
that referenced
this issue
Jul 9, 2020
|
You might also want to consider ORT's SPDX expression library at https://github.com/oss-review-toolkit/ort/tree/master/spdx-utils. Currently, no separate binary artifacts are published for this, but if you're interested we could do that. |
By now the library is published at https://mvnrepository.com/artifact/org.ossreviewtoolkit.utils/spdx-utils. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
SPDX Tools was removed from Java Core v3.0.0 due to introducing a lot of unnecessary dependencies and requiring Internet access by default (could be disabled via system property: SPDXParser.OnlyUseLocalLicenses).
Since the removal of SPDX Tools, CycloneDX Java Core had to implement the SPDX license list (json) as well as license text from the SPDX project. This enhancement request is to add support for SPDX license expressions, which is no longer possible in v3.0.0, back into this library.
There's a potential to introduce a standalone library that provides all of this functionality - similar to SPDX Tools - but without all the extras that go along with it. Possibly similar to https://github.com/nexB/license-expression
The text was updated successfully, but these errors were encountered: