SPDX Tag-Value validator: Unexpected Error: org.spdx.library.model.SpdxIdInUseException: Can not create Apache-2.0. It is already in use with type ListedLicense which is incompatible with type ExtractedLicensingInfo

[kzantow]

While attempting to validate the attached SPDX Tag-Value file, it results in this error in the online validator:

Analysis exception processing SPDX file: Unexpected Error: org.spdx.library.model.SpdxIdInUseException: 
Can not create Apache-2.0. It is already in use with type ListedLicense which is incompatible with type 
ExtractedLicensingInfo

This is difficult to understand what the problem is -- is it a parser issue or something wrong with the SPDX file?

sample.spdx.txt

[goneall]

@kzantow I took a look at the sample file and the issue is due to 2 issues with the sample.spdx file:

• The Extracted license information is mixed in with the file data - it should be in a separate section for extracted license information - typically put at the end of the SPDX document
• The extracted license information is using a standard listed license ID - the spec requires that any licenses defined in the doc with extracted license text information have an ID starting with LicenseRef-

Below is an example from the file:

FileName: file 2
SPDXID: SPDXRef-id 2
FileType: SOURCE
FileType: TEXT
FileChecksum: MD5: 3b3d84497fe614195e799aeafdd0740b
FileChecksum: SHA1: a518255d3dcf2c6f3fa8a4de15b6aafc77221b29
LicenseConcluded: Apache-2.0
LicenseInfoInFile: f1
LicenseInfoInFile: f2
LicenseInfoInFile: f3
LicenseComments: comments 2
FileCopyrightText: copy 2
ArtifactOfProjectName: name 2
ArtifactOfProjectHomePage: http://some-other-url.com/
ArtifactOfProjectURI: http://some-url.org/page-1/uri
ArtifactOfProjectName: name 4
ArtifactOfProjectHomePage: http://some-fourth.edu/
ArtifactOfProjectURI: http://some-fourth.edu/uri
FileComment: comment 2
FileNotice: notice 2
FileContributor: c1
FileContributor: c2
FileDependency: d1
FileDependency: d2
FileDependency: d3
FileDependency: d4
LicenseID: LGPL-3.0
ExtractedText: text 1
LicenseName: name 1
LicenseCrossReference: x1
LicenseCrossReference: x2
LicenseCrossReference: x3
LicenseComment: comment 1

in the above, all the lines inclusive of LicenseID through LicenseComment should be moved into a separate section and not included in the middle of the file properties.

Also, the LicenseID: LGPL-3.0 should be replaced with LicenseID: LicenseRef-LGPL-3.0 to be valid.

[goneall]

Note that the tag/value parser should do a better job of reporting this error.

I'll move the issue over to the tag/value parser to track this issue.

[kzantow]

Thank you very much for the response @goneall -- I've had a hard time finding information about the overall Tag Value format (I see plenty of individual property examples in the SPDX docs, but nothing describing the actual TV format itself). Is there any way you could point me to some documentation for this?

[goneall]

@kzantow aside from the spec itself, there is a repo of examples which may be helpful.