Adopting SPDX license format

hex
mix
#1

Currently, hex does not say anything about the format of licenses.

A list of licenses the project is licensed under. This attribute is required.

What about promoting (not requiring) SPDX identifers? Seems like many other package managers also recommend using it.

Other package management systems

https://docs.npmjs.com/files/package.json

add a current SPDX license identifier for the license you’re using
If your package is licensed under multiple common licenses, use an SPDX license expression syntax version 2.0 string, like this:

https://guides.rubygems.org/specification-reference/

The simplest way, is to specify the standard SPDX ID spdx.org/licenses/ for the license. Ideally you should pick one that is OSI (Open Source Initiative) opensource.org/licenses/alphabetical approved.

An SPDX license expression or path to a license file within the package, often shown in UI displays as well as nuget.org. If you’re licensing the package under a common license such as BSD-2-Clause or MIT, use the associated SPDX license identifier.
If your package is licensed under multiple common licenses, you can specify a composite license using the SPDX expression syntax version 2.0.

3 Likes
#2

There’s an open issue about this https://github.com/hexpm/hexpm/issues/746. Any contributions are always very welcome, and the Hex team would be happy to help anyone that wants to contribute to this.

1 Like