Closed kemitchell closed 6 years ago
What if spdx-expression-parse
starts rejecting GPL-3.0
, will it break this package?
@zommerfelds Not sure I follow, could you give me example inputs and outputs?
Note to self: Tests in this package should pass once https://github.com/jslicense/spdx-expression-parse.js/pull/22 lands and we bump the dep here.
What I meant is that you are including the deprecated strings in https://github.com/jslicense/spdx-expression-parse.js/pull/22/files#diff-04c6e90faac2675aa89e2176d2eec7d8R49, but one day you might remove them, and then this package might no longer pass the tests. But I guess the answer to this is we'll cross that bridge once we come to it. Or maybe it never will be removed, just deprecated?
@kemitchell curious to know what your thoughts are on disabling the GPL upgrade recommendation with some kind of option?
For our use case, we are trying to run spdx-correct on our license detection scans. Since GPL-3.0
is a valid (deprecated) license, I don't feel right changing the license to GPL-3.0-or-later
for packages that have been published a while back.
Thinking something like correct('gpl-3.0', { upgrade: false })
EDIT: opened #25 with a proposal