Please use SPDX license id to simplify automatic analysis
vlsi opened this issue · comments
Current behavior
jodd pom.xml uses <license><name>The BSD 2-Clause License</...
for license name which is not very well machine-readable.
Expected behavior
Please use SPDX identifier: BSD-2-Clause (see https://spdx.org/licenses/BSD-2-Clause.html)
Note: I know there's no standard way to reference a license, however use of SPDX id would still simplify the analysis. Especially taking into account that your pom.xml
uses http://jodd.org/license.html
for license URL, and the contents of that page might vary over time.
So it becomes complicated to assess the license for "past" artifacts.
Steps to Reproduce the Problem
Download recent pom.xml for jodd (e.g. jodd-core 5.0.13)
Agree!