openjdk license: combine the 2 expressions into one for SBOM generator compatibility #25367

Closed
wants to merge 1 commit into from

@johan-boule johan-boule commented Sep 23, 2024

Summary

Changes to recipe: openjdk all versions, licence attribute

Motivation

When using the Conan SBOM generator extension, the CycloneDX library rejects the licence information because it's using SPDX expressions, and in this case, there can be only one element.

Details

To allow the license to be valid when using Conan's SBOM generator extension, we have to use only one element when using SPDX expressions. I'm unsure whether multiple WITH operators are valid, so I propose to use an AND operator. WITH has precedence over AND, so no parentheses are needed.


NOTICE: I didn't read any of the CLA text I signed, nor did I read the contributing guidelines.

To allow the license to be valid when using Conan's SBOM generator extension, we have to use only one element when using SPDX expressions.
I'm unsure whether multiple WITH operators are valid, so I propose to use an AND operator.
@CLAassistant

CLAassistant commented Sep 23, 2024

CLA assistant check
All committers have signed the CLA.

@conan-center-bot
Collaborator

Conan v1 pipeline ❌

Sorry, the build is only launched for Access Request users. You can request access writing in this issue.

Conan v2 pipeline ❌

Note: Conan v2 builds are now mandatory. Please read our discussion about it.

The v2 pipeline failed. Please, review the errors and note this is required for pull requests to be merged. In case this recipe is still not ported to Conan 2.x, please, ping @conan-io/barbarians on the PR and we will help you.

Sorry, the build is only launched for Access Request users. You can request access writing in this issue.

@AbrilRBS AbrilRBS self-assigned this Sep 24, 2024
@AbrilRBS
Member

Hi @johan-boule thanks a lot for taking the time to create this, we appreciate it.

Conan documents the license field to be a tuple object (usually only one element is present, but internally it gets converted to one!), so I think the best approach would actually be to improve the SBOM generator to handle these cases, and have the tool make the join as needed.

Happy to help with that if needed, thanks!

@AbrilRBS AbrilRBS closed this Sep 25, 2024
@valgur
Contributor

valgur commented Sep 25, 2024

@AbrilRBS I think that change is still useful, though. The SPDX licenses tuple often is ambiguous in terms of whether the list is to be interpreted as being joined by AND or OR.

@johan-boule
Author

johan-boule commented Sep 25, 2024

I wonder if there's a generic way to combine the tuple elements. Should it be combined with AND or with OR?
In the particular case of openjdk, I think AND makes sense, but could there be cases where it should be OR?
I'm no SBOM or SPDX expert at all, but from what I could glimpse, there can be multiple elements, but if so, they shouldn't have any expression keywords (WITH, AND, OR). I could be wrong though.
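
The AND-or-OR question discussed in this thread, as an added example that is not part of any comment and is not code from Conan or conan-extensions: a hypothetical `join_licenses` helper that collapses a license tuple into one SPDX expression, with the operator supplied by the caller and parentheses added where SPDX precedence (`+`, WITH, AND, OR, tightest first) requires them. The sample tuple is constructed for illustration.

```python
import re

# Constructed sample in the shape of a Conan `license` tuple
# (illustrative values, not copied from the openjdk recipe).
SAMPLE = ("GPL-2.0-only WITH Classpath-exception-2.0",
          "GPL-2.0-only WITH OpenJDK-assembly-exception-1.0")

_TOKEN = re.compile(r"\(|\)|[^\s()]+")


def has_top_level(expr, operator):
    """Return True if `operator` occurs in `expr` outside all parentheses."""
    depth, found = 0, False
    for tok in _TOKEN.findall(expr):
        if tok == "(":
            depth += 1
        elif tok == ")":
            depth -= 1
            if depth < 0:
                break
        elif depth == 0 and tok.upper() == operator:
            found = True
    if depth != 0:
        raise ValueError(f"unbalanced parentheses in {expr!r}")
    return found


def join_licenses(licenses, operator):
    """Combine a str or tuple of SPDX expressions into one expression.

    The operator is an explicit argument because the tuple alone does not
    say whether its elements are meant as AND or as OR.
    """
    if operator not in ("AND", "OR"):
        raise ValueError("operator must be 'AND' or 'OR'")
    items = [licenses] if isinstance(licenses, str) else list(licenses)
    items = [i.strip() for i in items if i.strip()]
    if not items:
        raise ValueError("no license given")
    parts = []
    for item in items:
        top_or = has_top_level(item, "OR")  # also validates parentheses
        # OR binds loosest: an element with a top-level OR must be wrapped
        # before an AND join. WITH and AND bind tighter and need nothing.
        wrap = len(items) > 1 and operator == "AND" and top_or
        parts.append(f"({item})" if wrap else item)
    return f" {operator} ".join(parts)
```
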

@johan-boule
Author

johan-boule commented Sep 25, 2024

Can you please move and reopen this issue to the conan-extensions project?
Or maybe it's not technically possible as it's a pull request and not an issue.
Let me know if I need to create a proper issue ticket in conan-extensions.
