Fix --validate-spdx option
Closed this issue · 0 comments
hesa commented
Currently the option --validate-spdx
checks if the licenses are known to [license_expression](https://github.com/nexB/license-expression)
, which is the same database of licenses as [ScanCode LicenseDB](https://scancode-licensedb.aboutcode.org/.
Instead, a check against should be implemented