search

spdx / spdx-spec

The SPDX specification in MarkDown and HTML formats.
https://spdx.github.io/spdx-spec/
Other
274 stars 133 forks source link

Mandatory properties of ExtractedLicensingInfo #835

Closed armintaenzertng closed 3 months ago

armintaenzertng commented 1 year ago

The spec Other licensing information detected (aka ExtractedLicensingInfo) is confusing regarding the fields LicenseId and ExtractedText.

LicenseId has a cardinality of 0..1 conditional (Mandatory, one) if license is not on SPDX License List. This is at odds with section 5.2.5 of the spec which states

This section is used for any detected, declared or concluded licenses that are NOT on the SPDX License List.

This means that the mentioned case in the cardinality (that the license is not on the License List) should be the only possible case and licenseId is always mandatory.

ExtractedText has a cardinality of 0..1 conditional (Mandatory, one) if there is a License Identifier assigned but as a licenseId seems to be mandatory, this would be a mandatory property, too (all examples in this repo seem to agree here as they have at least both of these properties set).

TL;DR: I think that LicenseId and ExtractedText should be marked as mandatory.

ddillard commented 1 year ago

The JSON schema does have both fields marked as mandatory, it would not be useful to have either be omitted.

goneall commented 3 months ago

I believe this is resolved in 3.0.