Currently, hex does not say anything about the format of
A list of licenses the project is licensed under. This attribute is required.
What about promoting (not requiring) SPDX identifers? Seems like many other package managers also recommend using it.
Other package management systems
add a current SPDX license identifier for the license you’re using
If your package is licensed under multiple common licenses, use an SPDX license expression syntax version 2.0 string, like this:
The simplest way, is to specify the standard SPDX ID spdx.org/licenses/ for the license. Ideally you should pick one that is OSI (Open Source Initiative) opensource.org/licenses/alphabetical approved.
An SPDX license expression or path to a license file within the package, often shown in UI displays as well as nuget.org. If you’re licensing the package under a common license such as BSD-2-Clause or MIT, use the associated SPDX license identifier.
If your package is licensed under multiple common licenses, you can specify a composite license using the SPDX expression syntax version 2.0.