From cc12dae3934eab08fbca39a9b661d8b1da0ba40d Mon Sep 17 00:00:00 2001 From: Maciej Borzecki Date: Wed, 6 Jan 2021 18:17:09 +0100 Subject: [PATCH] spdx: update to SPDX license list version: 3.11 2020-11-25 (#9629) Some licenses were missing. Update to the latest version of the SPDX license list. Fixes: https://bugs.launchpad.net/snapcraft/+bug/1903609 * spdx: add deprecated license IDs Some deprecated license IDs may be in common use, eg. GPL-2.0, GPL-3.0. Signed-off-by: Maciej Borzecki * spdx: drop implicit handling of 'or-later' licenses Some licenses had 'or-later' variants, eg. GPL-2.0+. The code would incorrectly treat such licenses and lics as 'gnuplot+' would validate correctly even though it is unexpected. Signed-off-by: Maciej Borzecki * spdx: add a test case for GPL-2.0++ license Signed-off-by: Maciej Borzecki * spdx: update to 3.11 2020-11-25 version of license list data Signed-off-by: Maciej Borzecki --- spdx/licenses.go | 444 ++++++++++++++++++++++++++++---------------- spdx/parser.go | 4 - spdx/parser_test.go | 1 + 3 files changed, 288 insertions(+), 161 deletions(-) diff --git a/spdx/licenses.go b/spdx/licenses.go index 43da1294aa5..9464c5ecf1a 100644 --- a/spdx/licenses.go +++ b/spdx/licenses.go @@ -19,193 +19,229 @@ package spdx -// from https://spdx.org/licenses/ +// From https://spdx.org/licenses/ +// data files: https://github.com/spdx/license-list-data +// Version: 3.11 2020-11-25 +// +// jq < json/licenses.json '.licenses | .[] | select(.isOsiApproved == true) | .licenseId' | sort | sed -e 's/$/,/' var osi = []string{ + "0BSD", + "AAL", "AFL-1.1", "AFL-1.2", "AFL-2.0", "AFL-2.1", "AFL-3.0", - "APL-1.0", + "AGPL-3.0", + "AGPL-3.0-only", + "AGPL-3.0-or-later", "Apache-1.1", "Apache-2.0", + "APL-1.0", "APSL-1.0", "APSL-1.1", "APSL-1.2", "APSL-2.0", "Artistic-1.0", - "Artistic-1.0-Perl", "Artistic-1.0-cl8", + "Artistic-1.0-Perl", "Artistic-2.0", - "AAL", - "BSL-1.0", + "BSD-1-Clause", "BSD-2-Clause", + "BSD-2-Clause-Patent", "BSD-3-Clause", - "0BSD", + "BSD-3-Clause-LBNL", + "BSL-1.0", + "CAL-1.0", + "CAL-1.0-Combined-Work-Exception", + "CATOSL-1.1", + "CDDL-1.0", "CECILL-2.1", "CNRI-Python", - "CDDL-1.0", "CPAL-1.0", "CPL-1.0", - "CATOSL-1.1", "CUA-OPL-1.0", - "EPL-1.0", "ECL-1.0", "ECL-2.0", "EFL-1.0", "EFL-2.0", "Entessa", + "EPL-1.0", + "EPL-2.0", "EUDatagrid", "EUPL-1.1", + "EUPL-1.2", "Fair", "Frameworx-1.0", - "AGPL-3.0", "GPL-2.0", + "GPL-2.0+", + "GPL-2.0-only", + "GPL-2.0-or-later", "GPL-3.0", - "LGPL-2.1", - "LGPL-3.0", - "LGPL-2.0", + "GPL-3.0+", + "GPL-3.0-only", + "GPL-3.0-or-later", + "GPL-3.0-with-GCC-exception", "HPND", - "IPL-1.0", "Intel", "IPA", + "IPL-1.0", "ISC", - "LPPL-1.3c", + "LGPL-2.0", + "LGPL-2.0+", + "LGPL-2.0-only", + "LGPL-2.0-or-later", + "LGPL-2.1", + "LGPL-2.1+", + "LGPL-2.1-only", + "LGPL-2.1-or-later", + "LGPL-3.0", + "LGPL-3.0+", + "LGPL-3.0-only", + "LGPL-3.0-or-later", "LiLiQ-P-1.1", - "LiLiQ-Rplus-1.1", "LiLiQ-R-1.1", - "LPL-1.02", + "LiLiQ-Rplus-1.1", "LPL-1.0", - "MS-PL", - "MS-RL", + "LPL-1.02", + "LPPL-1.3c", "MirOS", "MIT", + "MIT-0", "Motosoto", "MPL-1.0", "MPL-1.1", "MPL-2.0", "MPL-2.0-no-copyleft-exception", + "MS-PL", + "MS-RL", + "MulanPSL-2.0", "Multics", "NASA-1.3", "Naumen", + "NCSA", "NGPL", "Nokia", "NPOSL-3.0", "NTP", "OCLC-2.0", + "OFL-1.1", + "OFL-1.1-no-RFN", + "OFL-1.1-RFN", "OGTSL", + "OLDAP-2.8", + "OSET-PL-2.1", "OSL-1.0", "OSL-2.0", "OSL-2.1", "OSL-3.0", - "OSET-PL-2.1", "PHP-3.0", + "PHP-3.01", "PostgreSQL", "Python-2.0", "QPL-1.0", - "RPSL-1.0", "RPL-1.1", "RPL-1.5", + "RPSL-1.0", "RSCPL", - "OFL-1.1", "SimPL-2.0", - "Sleepycat", "SISSL", + "Sleepycat", "SPL-1.0", - "Watcom-1.0", + "UCL-1.0", + "Unicode-DFS-2016", + "Unlicense", "UPL-1.0", - "NCSA", "VSL-1.0", "W3C", + "Watcom-1.0", "Xnet", "Zlib", "ZPL-2.0", } +// using SPDX license data: +// jq < json/licenses.json '.licenses | .[] | .licenseId' | sort | sed -e 's/$/,/' var allLicenses = []string{ - "Glide", + "0BSD", + "AAL", "Abstyles", + "Adobe-2006", + "Adobe-Glyph", + "ADSL", "AFL-1.1", "AFL-1.2", "AFL-2.0", "AFL-2.1", "AFL-3.0", - "AMPAS", - "APL-1.0", - "Adobe-Glyph", - "APAFML", - "Adobe-2006", - "AGPL-1.0", "Afmparse", + "AGPL-1.0", + "AGPL-1.0-only", + "AGPL-1.0-or-later", + "AGPL-3.0", + "AGPL-3.0-only", + "AGPL-3.0-or-later", "Aladdin", - "ADSL", "AMDPLPA", + "AML", + "AMPAS", "ANTLR-PD", + "ANTLR-PD-fallback", "Apache-1.0", "Apache-1.1", "Apache-2.0", - "AML", + "APAFML", + "APL-1.0", "APSL-1.0", "APSL-1.1", "APSL-1.2", "APSL-2.0", "Artistic-1.0", - "Artistic-1.0-Perl", "Artistic-1.0-cl8", + "Artistic-1.0-Perl", "Artistic-2.0", - "AAL", "Bahyph", "Barr", "Beerware", "BitTorrent-1.0", "BitTorrent-1.1", - "BSL-1.0", + "blessing", + "BlueOak-1.0.0", "Borceux", + "BSD-1-Clause", "BSD-2-Clause", "BSD-2-Clause-FreeBSD", "BSD-2-Clause-NetBSD", + "BSD-2-Clause-Patent", + "BSD-2-Clause-Views", "BSD-3-Clause", + "BSD-3-Clause-Attribution", "BSD-3-Clause-Clear", + "BSD-3-Clause-LBNL", "BSD-3-Clause-No-Nuclear-License", "BSD-3-Clause-No-Nuclear-License-2014", "BSD-3-Clause-No-Nuclear-Warranty", + "BSD-3-Clause-Open-MPI", "BSD-4-Clause", + "BSD-4-Clause-UC", "BSD-Protection", "BSD-Source-Code", - "BSD-3-Clause-Attribution", - "0BSD", - "BSD-4-Clause-UC", + "BSL-1.0", + "BUSL-1.1", "bzip2-1.0.5", "bzip2-1.0.6", + "CAL-1.0", + "CAL-1.0-Combined-Work-Exception", "Caldera", - "CECILL-1.0", - "CECILL-1.1", - "CECILL-2.0", - "CECILL-2.1", - "CECILL-B", - "CECILL-C", - "ClArtistic", - "MIT-CMU", - "CNRI-Jython", - "CNRI-Python", - "CNRI-Python-GPL-Compatible", - "CPOL-1.02", - "CDDL-1.0", - "CDDL-1.1", - "CPAL-1.0", - "CPL-1.0", "CATOSL-1.1", - "Condor-1.1", + "CC0-1.0", "CC-BY-1.0", "CC-BY-2.0", "CC-BY-2.5", "CC-BY-3.0", + "CC-BY-3.0-AT", + "CC-BY-3.0-US", "CC-BY-4.0", - "CC-BY-ND-1.0", - "CC-BY-ND-2.0", - "CC-BY-ND-2.5", - "CC-BY-ND-3.0", - "CC-BY-ND-4.0", "CC-BY-NC-1.0", "CC-BY-NC-2.0", "CC-BY-NC-2.5", @@ -215,18 +251,51 @@ var allLicenses = []string{ "CC-BY-NC-ND-2.0", "CC-BY-NC-ND-2.5", "CC-BY-NC-ND-3.0", + "CC-BY-NC-ND-3.0-IGO", "CC-BY-NC-ND-4.0", "CC-BY-NC-SA-1.0", "CC-BY-NC-SA-2.0", "CC-BY-NC-SA-2.5", "CC-BY-NC-SA-3.0", "CC-BY-NC-SA-4.0", + "CC-BY-ND-1.0", + "CC-BY-ND-2.0", + "CC-BY-ND-2.5", + "CC-BY-ND-3.0", + "CC-BY-ND-4.0", "CC-BY-SA-1.0", "CC-BY-SA-2.0", + "CC-BY-SA-2.0-UK", "CC-BY-SA-2.5", "CC-BY-SA-3.0", + "CC-BY-SA-3.0-AT", "CC-BY-SA-4.0", - "CC0-1.0", + "CC-PDDC", + "CDDL-1.0", + "CDDL-1.1", + "CDLA-Permissive-1.0", + "CDLA-Sharing-1.0", + "CECILL-1.0", + "CECILL-1.1", + "CECILL-2.0", + "CECILL-2.1", + "CECILL-B", + "CECILL-C", + "CERN-OHL-1.1", + "CERN-OHL-1.2", + "CERN-OHL-P-2.0", + "CERN-OHL-S-2.0", + "CERN-OHL-W-2.0", + "ClArtistic", + "CNRI-Jython", + "CNRI-Python", + "CNRI-Python-GPL-Compatible", + "Condor-1.1", + "copyleft-next-0.3.0", + "copyleft-next-0.3.1", + "CPAL-1.0", + "CPL-1.0", + "CPOL-1.02", "Crossword", "CrystalStacker", "CUA-OPL-1.0", @@ -234,127 +303,196 @@ var allLicenses = []string{ "curl", "D-FSL-1.0", "diffmark", - "WTFPL", "DOC", "Dotseqn", "DSDP", "dvipdfm", - "EPL-1.0", "ECL-1.0", "ECL-2.0", - "eGenix", + "eCos-2.0", "EFL-1.0", "EFL-2.0", - "MIT-advertising", - "MIT-enna", + "eGenix", "Entessa", + "EPICS", + "EPL-1.0", + "EPL-2.0", "ErlPL-1.1", + "etalab-2.0", "EUDatagrid", "EUPL-1.0", "EUPL-1.1", + "EUPL-1.2", "Eurosym", "Fair", - "MIT-feh", "Frameworx-1.0", "FreeImage", - "FTL", "FSFAP", "FSFUL", "FSFULLR", - "Giftware", - "GL2PS", - "Glulxe", - "AGPL-3.0", + "FTL", "GFDL-1.1", + "GFDL-1.1-invariants-only", + "GFDL-1.1-invariants-or-later", + "GFDL-1.1-no-invariants-only", + "GFDL-1.1-no-invariants-or-later", + "GFDL-1.1-only", + "GFDL-1.1-or-later", "GFDL-1.2", + "GFDL-1.2-invariants-only", + "GFDL-1.2-invariants-or-later", + "GFDL-1.2-no-invariants-only", + "GFDL-1.2-no-invariants-or-later", + "GFDL-1.2-only", + "GFDL-1.2-or-later", "GFDL-1.3", + "GFDL-1.3-invariants-only", + "GFDL-1.3-invariants-or-later", + "GFDL-1.3-no-invariants-only", + "GFDL-1.3-no-invariants-or-later", + "GFDL-1.3-only", + "GFDL-1.3-or-later", + "Giftware", + "GL2PS", + "Glide", + "Glulxe", + "GLWTPL", + "gnuplot", "GPL-1.0", + "GPL-1.0+", + "GPL-1.0-only", + "GPL-1.0-or-later", "GPL-2.0", + "GPL-2.0+", + "GPL-2.0-only", + "GPL-2.0-or-later", + "GPL-2.0-with-autoconf-exception", + "GPL-2.0-with-bison-exception", + "GPL-2.0-with-classpath-exception", + "GPL-2.0-with-font-exception", + "GPL-2.0-with-GCC-exception", "GPL-3.0", - "LGPL-2.1", - "LGPL-3.0", - "LGPL-2.0", - "gnuplot", + "GPL-3.0+", + "GPL-3.0-only", + "GPL-3.0-or-later", + "GPL-3.0-with-autoconf-exception", + "GPL-3.0-with-GCC-exception", "gSOAP-1.3b", "HaskellReport", + "Hippocratic-2.1", "HPND", + "HPND-sell-variant", + "HTMLTIDY", "IBM-pibs", - "IPL-1.0", "ICU", + "IJG", "ImageMagick", "iMatix", "Imlib2", - "IJG", "Info-ZIP", - "Intel-ACPI", "Intel", + "Intel-ACPI", "Interbase-1.0", "IPA", + "IPL-1.0", "ISC", "JasPer-2.0", + "JPNIC", "JSON", - "LPPL-1.0", - "LPPL-1.1", - "LPPL-1.2", - "LPPL-1.3a", - "LPPL-1.3c", + "LAL-1.2", + "LAL-1.3", "Latex2e", - "BSD-3-Clause-LBNL", "Leptonica", + "LGPL-2.0", + "LGPL-2.0+", + "LGPL-2.0-only", + "LGPL-2.0-or-later", + "LGPL-2.1", + "LGPL-2.1+", + "LGPL-2.1-only", + "LGPL-2.1-or-later", + "LGPL-3.0", + "LGPL-3.0+", + "LGPL-3.0-only", + "LGPL-3.0-or-later", "LGPLLR", "Libpng", + "libpng-2.0", + "libselinux-1.0", "libtiff", - "LAL-1.2", - "LAL-1.3", "LiLiQ-P-1.1", - "LiLiQ-Rplus-1.1", "LiLiQ-R-1.1", - "LPL-1.02", + "LiLiQ-Rplus-1.1", + "Linux-OpenIB", "LPL-1.0", + "LPL-1.02", + "LPPL-1.0", + "LPPL-1.1", + "LPPL-1.2", + "LPPL-1.3a", + "LPPL-1.3c", "MakeIndex", - "MTLL", - "MS-PL", - "MS-RL", "MirOS", - "MITNFA", "MIT", + "MIT-0", + "MIT-advertising", + "MIT-CMU", + "MIT-enna", + "MIT-feh", + "MITNFA", + "MIT-open-group", "Motosoto", + "mpich2", "MPL-1.0", "MPL-1.1", "MPL-2.0", "MPL-2.0-no-copyleft-exception", - "mpich2", + "MS-PL", + "MS-RL", + "MTLL", + "MulanPSL-1.0", + "MulanPSL-2.0", "Multics", "Mup", "NASA-1.3", "Naumen", "NBPL-1.0", - "Net-SNMP", + "NCGL-UK-2.0", + "NCSA", "NetCDF", + "Net-SNMP", + "Newsletr", "NGPL", + "NIST-PD", + "NIST-PD-fallback", + "NLOD-1.0", + "NLPL", + "Nokia", "NOSL", + "Noweb", "NPL-1.0", "NPL-1.1", - "Newsletr", - "NLPL", - "Nokia", - "NPOSL-3.0", - - "NLOD-1.0", - "Noweb", "NRL", "NTP", - + "NTP-0", "Nunit", + "OCCT-PL", "OCLC-2.0", - "ODbL-1.0", - "PDDL-1.0", - "OCCT-PL", + "ODC-By-1.0", + "OFL-1.0", + "OFL-1.0-no-RFN", + "OFL-1.0-RFN", + "OFL-1.1", + "OFL-1.1-no-RFN", + "OFL-1.1-RFN", + "OGC-1.0", + "OGL-Canada-2.0", + "OGL-UK-1.0", + "OGL-UK-2.0", + "OGL-UK-3.0", "OGTSL", - - "OLDAP-2.2.2", "OLDAP-1.1", "OLDAP-1.2", "OLDAP-1.3", @@ -364,6 +502,7 @@ var allLicenses = []string{ "OLDAP-2.1", "OLDAP-2.2", "OLDAP-2.2.1", + "OLDAP-2.2.2", "OLDAP-2.3", "OLDAP-2.4", "OLDAP-2.5", @@ -371,101 +510,94 @@ var allLicenses = []string{ "OLDAP-2.7", "OLDAP-2.8", "OML", + "OpenSSL", "OPL-1.0", + "OSET-PL-2.1", "OSL-1.0", - "OSL-1.1", "OSL-2.0", - "OSL-2.1", - "OSL-3.0", - - "OpenSSL", - "OSET-PL-2.1", - + "O-UDA-1.0", + "Parity-6.0.0", + "Parity-7.0.0", + "PDDL-1.0", "PHP-3.0", - "PHP-3.01", "Plexus", + "PolyForm-Noncommercial-1.0.0", + "PolyForm-Small-Business-1.0.0", "PostgreSQL", - + "PSF-2.0", "psfrag", "psutils", "Python-2.0", - - "QPL-1.0", - "Qhull", + "QPL-1.0", "Rdisc", - "RPSL-1.0", - + "RHeCos-1.1", "RPL-1.1", - "RPL-1.5", - - "RHeCos-1.1", - "RSCPL", - + "RPSL-1.0", "RSA-MD", + "RSCPL", "Ruby", - "SAX-PD", "Saxpath", + "SAX-PD", "SCEA", - "SWL", - "SMPPL", "Sendmail", + "Sendmail-8.23", "SGI-B-1.0", "SGI-B-1.1", "SGI-B-2.0", - "OFL-1.0", - "OFL-1.1", - + "SHL-0.5", + "SHL-0.51", "SimPL-2.0", - + "SISSL", + "SISSL-1.2", "Sleepycat", - + "SMLNJ", + "SMPPL", "SNIA", "Spencer-86", "Spencer-94", "Spencer-99", - "SMLNJ", - "SugarCRM-1.1.3", - "SISSL", - - "SISSL-1.2", "SPL-1.0", - - "Watcom-1.0", - + "SSH-OpenSSH", + "SSH-short", + "SSPL-1.0", + "StandardML-NJ", + "SugarCRM-1.1.3", + "SWL", + "TAPR-OHL-1.0", "TCL", "TCP-wrappers", - "Unlicense", "TMate", "TORQUE-1.1", "TOSL", + "TU-Berlin-1.0", + "TU-Berlin-2.0", + "UCL-1.0", "Unicode-DFS-2015", "Unicode-DFS-2016", "Unicode-TOU", + "Unlicense", "UPL-1.0", - - "NCSA", - "Vim", "VOSTROM", "VSL-1.0", - - "W3C-20150513", - "W3C-19980720", "W3C", - + "W3C-19980720", + "W3C-20150513", + "Watcom-1.0", "Wsuipa", - "Xnet", - + "WTFPL", + "wxWindows", "X11", "Xerox", "XFree86-1.1", "xinetd", + "Xnet", "xpp", "XSkat", "YPL-1.0", @@ -475,11 +607,9 @@ var allLicenses = []string{ "Zimbra-1.3", "Zimbra-1.4", "Zlib", - "zlib-acknowledgement", "ZPL-1.1", "ZPL-2.0", - "ZPL-2.1", // FIXME: non SPDX licenses that the snapstore uses diff --git a/spdx/parser.go b/spdx/parser.go index 49f1685d3c2..8105780cd10 100644 --- a/spdx/parser.go +++ b/spdx/parser.go @@ -22,7 +22,6 @@ package spdx import ( "fmt" "io" - "strings" ) const ( @@ -40,9 +39,6 @@ type licenseID string func newLicenseID(s string) (licenseID, error) { needle := s - if strings.HasSuffix(s, "+") { - needle = s[:len(s)-1] - } for _, known := range allLicenses { if needle == known { return licenseID(s), nil diff --git a/spdx/parser_test.go b/spdx/parser_test.go index c79ac54230d..461b8bb9ae9 100644 --- a/spdx/parser_test.go +++ b/spdx/parser_test.go @@ -56,6 +56,7 @@ func (s *spdxSuite) TestParseError(c *C) { errStr string }{ {"", "empty expression"}, + {"GPL-2.0++", `unknown license: GPL-2.0\+\+`}, {"GPL-3.0 AND ()", "empty expression"}, {"()", "empty expression"},