Closed hfhbd closed 2 years ago
I'm extremely wary of doing this. It is not always guaranteed that the URL will work without the slash.
I understand. There are many URL rfcs and a living standard (for web). At least the living standard would not produce a trailing slash after serializing the parsed url: https://url.spec.whatwg.org/#url-path-serializer
I will use allowURL
and try to change the license url of the artifact instead.
If both the URLs work (with and without slash) you could also consider adding the URL to the library as an fallback URL. Or sending a PR to the upstream project to correct it to match what the SPDX database uses.
Yes, they both work. I will add it as fallback then.
Do you have a test for the fallback urls? I didn't found one with a quick look
I believe there's a single test somewhere for the mechanism itself but not one for every URL. That felt like it would be a change-detector test.
Actually we should probably move these to JSON to ensure we only need to test the codepath and not every value.
Use case: A pom file has a trailing slash in the license url so it is not recognized as EPL-2.0 although it is inside the json file:
- Unknown license URL 'https://www.eclipse.org/legal/epl-2.0/' is NOT allowed