LicenseRef-08 flagged as invalid

[tbetker]

"LicenseID: LicenseRef-08" in an SPDX document is valid according to the spec., but the verifier fails:

18:11:50.231 [main] ERROR org.apache.jena.riot - [line: 1, col: 1 ] Content is not allowed in prolog. Unable to parse the file: File xxx.spdx is not a recognized RDF/XML or tag/value format. While verifying for Tag/Value format: Error converting tag/value to RDF/XML format: For input string: "8". While verifying for RDF/XML format: [line: 1, col: 1 ] Content is not allowed in prolog.

I had a look at the code, and my impression was that the verifier tries to interpret "08" -- which is just an idstring -- as an octal number; "01" to "07" are fine, but "08" is not valid in base 8. I have to admit that I am not really fluent in Java, though.

The spdx-tools version I tested was release 2.1.20.

[goneall]

@tbetker Can you attach document to reproduce the problem?

[tbetker]

Attached is a copy of SPDXTagExample-v2.1.spdx with "LicenseID: LicenseRef-Beerware-4.2" replaced by "LicenseID: LicenseRef-08" in line 260.

The verifier should show the error I reported. When you replace "LicenseRef-08" by "LicenseRef-8", the error goes away.

Note: None of the three IDs "LicenseRef-Beerware-4.2", "LicenseRef-08", "LicenseRef-8" is used anywhere else in the document.

issue-315.spdx.txt

[tbetker]

I accidentally closed the issue by clicking "Close and comment". I reopened it immediately; sorry for the confusion ...

[goneall]

Resolved in https://github.com/spdx/tools/pull/216

@tbetker Thanks for catching this - a very (very) old bug. Let me know if you want me to push out a release with this fix.

[tbetker]

Tested the fix, and it works. Thanks!

No, I don't need a release for this (I was using LicenseRef-0000N, and I just renamed them to LicenseRef-N). However, a fix for #214 would be really appreciated as I don't have a workaround for that one.