GPL-3.0-or-later licenses wrongly reported as GPL-3.0-only

[streaksu]

Duplicates

• I have searched the existing issues

Current behavior 😯

License: GPL-3.0-only

Expected behavior 🤔

License: GPL-3.0-or-later

Steps to reproduce 🕹

1. Clone a GPL-3.0-or-later repository (for example: https://git.savannah.gnu.org/git/ironclad.git)
2. onefetch inside
3. Wrong result is shown

Additional context/Screenshots 🔦

Effectively reopening #769, which said to fix the issue, but as of onefetch 2.19.0 it still is reproducible

Possible Solution 💡

To my knowledge, the or-later is determined by the license headers in the files. If scanning the licensed files is impractical to determine the or-later, maybe removing the only in the license printed helps remove a degree of confusion.

[o2sh]

It's an upstream issue jpeddicord/askalono#45 (comment)

As a quick workaround, I see two options:

• As suggested in Wrong license detected: GPL-3.0-only #769, get the license value from the package manifest first (only works for Cargo.toml or pakage.json) -> already implemented
• In doubt (presence of aliases) show both licenses to the user, smth like License: GPL-3.0-or-later | GPL-3.0-only

[spenserblack]

So the "or later" is really only known by comments in the source code, and the docs referencing "1.3 or any later version", right?

Have there been any projects that mix "only" and "later"?

[o2sh]

For reference, it seems like the library used by github for license detection has the same issue licensee/licensee#406 and their solution matches @streaksu's suggestion

[spenserblack]

Perhaps Askolono can also report simplified names (e.g. gpl-3.0-* -> GPL 3.0) as an additional field if it doesn't already? And then we could use those.