Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix URLs to OSI website #2616

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Conversation

ziemek99
Copy link

@ziemek99 ziemek99 commented Nov 10, 2024

Apparently OSI webite was restructured a bit some time ago. Old links to license info return HTTP 301 redirects. While it's not a problem for a browser to follow such link, some kind of parser logic at SPDX erroneously detects such URL as "no longer live" when you see "Other web pages for this license" on SPDX website.

@goneall
Copy link
Member

goneall commented Nov 10, 2024

@ziemek99 - Thanks for pointing this out and proposing a solution

Rather than replacing the current OSI reference, I would suggest we add a new reference and keep the original so that tools the use the URL's to correlate license information won't break.

We'll end up with one live and one "not so live" URL. Note, this may appear unnecessary to human users, but for many tools it is quite important to correlate licenses with URLs that are no longer used.

@ziemek99
Copy link
Author

Rather than replacing the current OSI reference, I would suggest we add a new reference and keep the original so that tools the use the URL's to correlate license information won't break.

I suppose it only applies to files in src directory and not DOCS?

We'll end up with one live and one "not so live" URL.

Is there any required order to keep? For aesthetic reasons I'd like to keep "not so live" URLs under the live ones. If that'd break compatibility, though, I can keep the order of the previous entries and add current URLs underneath.

Another (better) solution would be fixing the parser logic so it follows any HTTP redirects and doesn't mark these URLs as no longer live.

@goneall
Copy link
Member

goneall commented Nov 11, 2024

Rather than replacing the current OSI reference, I would suggest we add a new reference and keep the original so that tools the use the URL's to correlate license information won't break.

I suppose it only applies to files in src directory and not DOCS?

Correct - only the src

We'll end up with one live and one "not so live" URL.

Is there any required order to keep? For aesthetic reasons I'd like to keep "not so live" URLs under the live ones. If that'd break compatibility, though, I can keep the order of the previous entries and add current URLs underneath.

I don't think order matters.

Another (better) solution would be fixing the parser logic so it follows any HTTP redirects and doesn't mark these URLs as no longer live.

Possibly - Although it is nice having the correct (non-redirected) URLs added for 2 reasons:

  • Improves the correlation of license identifications since it will identify licenses with the new location
  • The redirect may go away someday and having the "early warning" with the redirects may be helpful

Flagging these on the website gives us a chance to add the new URL. There may be a better way to flag them, but this did result in an very welcome update to the src URLs. Again - thanks for the PR and noticing the change.

@@ -48,7 +48,7 @@ There are two mandatory attributes for every `<license>` and `<exception>` tag:
There are two additional highly encouraged attributes which are technically optional:
* `listVersionAdded`: in which release version of the SPDX License List was the license first added, e.g., "3.24.0".
* Typically you'll check the currently-released version at https://github.com/spdx/license-list-XML/releases and increment the minor version by 1 for a new license. E.g., when last release is "3.24.0" you add there "3.25.0".
* `isOsiApproved` (for licenses, not exceptions): either "true" or "false" based on whether this license has been approved by the [Open Source Initiative](https://opensource.org/licenses/alphabetical)
* `isOsiApproved` (for licenses, not exceptions): either "true" or "false" based on whether this license has been approved by the [Open Source Initiative](https://opensource.org/licenses)
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should be just https://opensource.org/license (without the trailing s.

@xsuchy
Copy link
Collaborator

xsuchy commented Nov 14, 2024

Otherwise LGTM.

@xsuchy
Copy link
Collaborator

xsuchy commented Dec 20, 2024

@ziemek99 Can you update the PR with requested change pls?

@swinslow
Copy link
Member

Holding for 3.27.0, I'd like to take a closer look at this given the number of files it's touching.

@swinslow swinslow added this to the 3.27.0 milestone Dec 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants