Redirected from github.com/github/go-spdx/spdxexp.

spdxexp

package

v2.6.0 Latest Latest Go to latest Published: Apr 17, 2026 License: MIT Imports: 8 Imported by: 29

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/github/go-spdx

Links

Open Source Insights

Documentation ¶

Overview ¶

Package spdxexp validates licenses and determines if a license expression is satisfied by a list of licenses. Validity of a license is determined by the SPDX license list.

Index ¶

func ActiveLicense(id string) (bool, string)
func ExtractLicenses(expression string) ([]string, error)
func Satisfies(testExpression string, allowedList []string) (bool, error)
func ValidateLicenses(licenses []string) (bool, []string)
func ValidateLicensesWithOptions(licenses []string, options ValidateLicensesOptions) (bool, []string)
type ValidateLicensesOptions

Examples ¶

Satisfies (And)
Satisfies (AndNotFound)
Satisfies (ErrorUnknownLicense)
Satisfies (ExtraAllowedLicense)
Satisfies (Only)
Satisfies (OnlyNotFound)
Satisfies (Or)
Satisfies (OrLater)
Satisfies (OrLaterNotFound)
Satisfies (OrNotFound)
Satisfies (Plus)
Satisfies (PlusNotFound)
Satisfies (SingleLicense)
ValidateLicenses (AllBad)
ValidateLicenses (AllGood)
ValidateLicenses (OneBad)

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ActiveLicense ¶ added in v2.4.0

func ActiveLicense(id string) (bool, string)

ActiveLicense returns true if the id is an active license.

func ExtractLicenses ¶ added in v2.2.0

func ExtractLicenses(expression string) ([]string, error)

ExtractLicenses extracts licenses from the given expression without duplicates. Returns an array of licenses or error if error occurs during processing.

func Satisfies ¶

func Satisfies(testExpression string, allowedList []string) (bool, error)

Satisfies determines if the allowed list of licenses satisfies the test license expression. Returns true if allowed list satisfies test license expression; otherwise, false. Returns error if error occurs during processing.

Example (And) ¶

fmt.Println(Satisfies("Apache-2.0 AND MIT", []string{"MIT", "Apache-2.0"}))

Output:
true <nil>

Example (AndNotFound) ¶

fmt.Println(Satisfies("MIT AND Apache-2.0", []string{"MIT"}))

Output:
false <nil>

Example (ErrorUnknownLicense) ¶

fmt.Println(Satisfies("GPL", []string{"GPL"}))

Output:
false unknown license 'GPL' at offset 0

Example (ExtraAllowedLicense) ¶

fmt.Println(Satisfies("MIT AND Apache-2.0", []string{"MIT", "Apache-1.0", "Apache-2.0"}))

Output:
true <nil>

Example (Only) ¶

fmt.Println(Satisfies("Apache-1.0", []string{"Apache-1.0-only"}))

Output:
true <nil>

Example (OnlyNotFound) ¶

fmt.Println(Satisfies("Apache-2.0", []string{"Apache-1.0-only"}))

Output:
false <nil>

Example (Or) ¶

fmt.Println(Satisfies("MIT OR Apache-2.0", []string{"MIT"}))

Output:
true <nil>

Example (OrLater) ¶

fmt.Println(Satisfies("Apache-2.0", []string{"Apache-1.0-or-later"}))

Output:
true <nil>

Example (OrLaterNotFound) ¶

fmt.Println(Satisfies("Apache-1.0", []string{"Apache-2.0-or-later"}))

Output:
false <nil>

Example (OrNotFound) ¶

fmt.Println(Satisfies("MIT OR Apache-2.0", []string{"GPL-2.0"}))

Output:
false <nil>

Example (Plus) ¶

fmt.Println(Satisfies("Apache-2.0", []string{"Apache-1.0+"}))

Output:
true <nil>

Example (PlusNotFound) ¶

fmt.Println(Satisfies("Apache-1.0", []string{"Apache-2.0+"}))

Output:
false <nil>

Example (SingleLicense) ¶

fmt.Println(Satisfies("MIT", []string{"MIT"}))

Output:
true <nil>

func ValidateLicenses ¶

func ValidateLicenses(licenses []string) (bool, []string)

ValidateLicenses checks if given licenses are valid according to spdx. Returns true if all licenses are valid; otherwise, false. Returns all the invalid licenses contained in the `licenses` argument.

Example (AllBad) ¶

fmt.Println(ValidateLicenses([]string{"MTI", "Apache--2.0", "GPL"}))

Output:
false [MTI Apache--2.0 GPL]

Example (AllGood) ¶

fmt.Println(ValidateLicenses([]string{"MIT", "Apache-2.0", "GPL-2.0"}))

Output:
true []

Example (OneBad) ¶

fmt.Println(ValidateLicenses([]string{"MIT", "Apache-2.0", "GPL"}))

Output:
false [GPL]

func ValidateLicensesWithOptions ¶ added in v2.6.0

func ValidateLicensesWithOptions(licenses []string, options ValidateLicensesOptions) (bool, []string)

ValidateLicensesWithOptions checks if given licenses are valid according to SPDX. Returns true if all licenses are valid; otherwise, false. Returns all the invalid licenses contained in the `licenses` argument.

Types ¶

type ValidateLicensesOptions ¶ added in v2.6.0

type ValidateLicensesOptions struct {
	// FailComplexExpressions rejects SPDX license expressions (e.g. "MIT AND Apache-2.0").
	// Single license identifiers (including those with a WITH exception) are still allowed.
	FailComplexExpressions bool

	// FailDeprecatedLicenses rejects deprecated SPDX license identifiers (e.g. "eCos-2.0").
	FailDeprecatedLicenses bool

	// FailAllLicenseRefs rejects all SPDX license references (e.g. "LicenseRef-MyLicense").
	FailAllLicenseRefs bool

	// FailAllDocumentRefs rejects all SPDX document references (e.g. "DocumentRef-MyDocument").
	FailAllDocumentRefs bool
}

ValidateLicensesOptions controls how ValidateLicensesWithOptions validates input.

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
spdxlicenses Package spdxlicenses provides functions to get licenses, deprecated licenses, and exceptions.	Package spdxlicenses provides functions to get licenses, deprecated licenses, and exceptions.

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL