kemitchell
commented
6 years ago - [ ] npm upgrade spdx-license-ids
- [ ] figure out versioning
Closed kemitchell closed 6 years ago
kemitchell
commented
6 years ago 
zommerfelds
commented
6 years ago What if spdx-expression-parse starts rejecting GPL-3.0, will it break this package?
kemitchell
commented
6 years ago @zommerfelds Not sure I follow, could you give me example inputs and outputs?
kemitchell
commented
6 years ago Note to self: Tests in this package should pass once https://github.com/jslicense/spdx-expression-parse.js/pull/22 lands and we bump the dep here.
zommerfelds
commented
6 years ago What I meant is that you are including the deprecated strings in https://github.com/jslicense/spdx-expression-parse.js/pull/22/files#diff-04c6e90faac2675aa89e2176d2eec7d8R49, but one day you might remove them, and then this package might no longer pass the tests. But I guess the answer to this is we'll cross that bridge once we come to it. Or maybe it never will be removed, just deprecated?
dabutvin
commented
5 years ago @kemitchell curious to know what your thoughts are on disabling the GPL upgrade recommendation with some kind of option?
For our use case, we are trying to run spdx-correct on our license detection scans. Since GPL-3.0 is a valid (deprecated) license, I don't feel right changing the license to GPL-3.0-or-later for packages that have been published a while back.
Thinking something like correct('gpl-3.0', { upgrade: false })
EDIT: opened #25 with a proposal