Skip to content

Use SPDX license identifier in package metadata for automated license scanning #317

Open
Open
Use SPDX license identifier in package metadata for automated license scanning#317
@mrcll123

Description

@mrcll123
mrcll123
opened on May 28, 2026

Issue

The injector package currently uses "BSD" as the license identifier in its package metadata, which is not recognized by automated license scanning tools like osv-scanner because it's not a specific SPDX identifier. "BSD" is ambiguous as there are multiple BSD license variants (BSD-2-Clause, BSD-3-Clause, BSD-4-Clause, etc.).

Current State

$ pip show injector | grep License
License: BSD

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions