Closed tylerjthomas9 closed 1 month ago
I guess we expected packages to do license = "BSD-2-Clause"
instead of
[license]
SPDX = "BSD-2-Clause"
Either way, we shouldn't crash on this but rather emit a debug message and mark the license in project as missing. We could also try to add support for this format.
@richardreeve is there a particular reason why you went with the
[license]
SPDX = "BSD-2-Clause"
format?
I had no idea there was a Julia standard for this - where did you get it from? I just wanted to add some additional metadata into Project.toml, so I added in license
and author_details
blocks.
I chose SPDX = "..."
because I wanted to be explicit that this was the SPDX identifier rather than some other way of specifying the license.
All of this is driven by the ResearchSoftwareMetadata.jl package (which I am just registering) that does a crosswalk from a package's Project.toml to it's codemeta.json, .zenodo.json, LICENSE and the licensing headers in all of the Julia files. The idea is to provide a simple way of implementing the Research Software MetaData (RSMD) guidelines.
I'm not objecting to changing what I'm doing here btw if there's a good reason, but I think that specifically referencing SPDX
as the format isn't a terrible idea because it is a specific, standard format. Do many packages have a license
entry in their Project.toml file?
Also, is adding random stuff into a Project.toml file generally supported, because I'm finding it really handy?
BTW, RSMD has a standard codemeta.json file in the package for any language (e.g. here in Phylo.jl) which contains a lot of the information you seem to be looking for.
https://github.com/EcoJulia/Phylo.jl/blob/dev/test/clean_ResearchSoftwareMetadata.jl
I'm not sure there is a real standard for julia. I only started checking for it in this package since I had recently added the license check to General and the idea came up there to use the field: https://github.com/JuliaRegistries/RegistryCI.jl/pull/344.
I found some stdlibs use the short approach: https://github.com/JuliaLang/Pkg.jl/blob/e6880bc9d8a04d95df6e341c76786219a4efc33f/Project.toml#L4.
Additionally, cargo also uses the same approach: https://doc.rust-lang.org/cargo/reference/manifest.html#the-license-and-license-file-fields. Generally they make good choices so it's probably a reasonably good way to do it.
BTW, RSMD has a standard codemeta.json file in the package for any language (e.g. here in Phylo.jl) which contains a lot of the information you seem to be looking for.
That is nice, but we wanted to assess the entire registry, so here we try to make do with what we can scrape as opposed to requiring an opt-in approach.
Okay, I'll switch over to license="<SPDX-identifier>"
tomorrow. I think with a nonstandard field, having a specific expectation of how it should work is probably unreasonable though in general.
The point about the codemeta.json file though is that this information is automatically extracted from Project.toml and elsewhere when you run the crosswalk, so it might make sense to think about these packages in the same context as trying to achieve similar goals...
Btw I forgot to say that this should all be resolved now for those packages, but it would be interesting to think about how to reconcile PackageAnalyzer more generally with other metadata that people may want to provide, but isn't part of the Julia standard.
I am getting an error parsing licenses when analyzing a few packages.
Phylo
,Diversity
andEcoSISTEM
are all giving me this error. They all recently updated their LICENSE (https://github.com/EcoJulia/Phylo.jl/commit/1790ae4986698288eee1d35db7d7ad3963ffcb91, https://github.com/EcoJulia/Diversity.jl/commit/141e7b94966daff527b716b16459e8b30c0ed6dd, https://github.com/EcoJulia/EcoSISTEM.jl/commit/5cef1bb8d4077d90c5b12a8342087e427982581d#diff-c693279643b8cd5d248172d9c22cb7cf4ed163a3c98c8a3f69c2717edd3eacb7)