The REUSE specification says:
These are the definitions for some of the terms used in this specification:
[…]
The latest version of SPDX is version 3.0.1. It would be nice if the REUSE specification was updated so that it used SPDX 3.0.1.
That being said, updating to version 3.x of the SPDX specification might be a significant amount of work. SPDX 3.x doesn’t mention SPDX-License-Identifier: at all. The specification for SPDX-License-Identifier: has been moved to https://spdx.github.io/using/license-id-in-source. Unfortunately, there’s no version numbers in that URL which raises the question: how do we lock specific versions of the REUSE specification to specific versions of the SPDX-License-Identifier: specification? Additionally, that page says “TODO: update for SPDXv3” so I guess that it’s not ready to be used with SPDX 3.x yet.
The REUSE specification says:
The latest version of SPDX is version 3.0.1. It would be nice if the REUSE specification was updated so that it used SPDX 3.0.1.
That being said, updating to version 3.x of the SPDX specification might be a significant amount of work. SPDX 3.x doesn’t mention
SPDX-License-Identifier:at all. The specification forSPDX-License-Identifier:has been moved to https://spdx.github.io/using/license-id-in-source. Unfortunately, there’s no version numbers in that URL which raises the question: how do we lock specific versions of the REUSE specification to specific versions of theSPDX-License-Identifier:specification? Additionally, that page says “TODO: update for SPDXv3” so I guess that it’s not ready to be used with SPDX 3.x yet.