With the advent of SBOMs and related scrutiny over the recipe metadata, one lacking feature is a more robust modeling of licenses.
For example:
Currently it's up to the consumer of the recipe to decide if each element in a license iterable should be ANDed or ORed
In CCI we enforce SPDX identifiers to some degree (the linter can parse SPDX), but nothing states that programmatically, which can be confusing (but allowing other approaches is something good for users that don't necessarily mean to use SPDX). On the other side, Conan docs strongly suggest that SPDX is the preferred approach, but again, nothing is set in stone.
Others?
Have you read the CONTRIBUTING guide?
I've read the CONTRIBUTING guide
An SPDX format linter for the "license" field in CCI recipes would be very welcome and I would also suggest prohibiting a list of licenses without AND or OR clauses, as you mentioned.
It's more work, but the packaged license files could also be matched against known licenses as an additional validation using https://github.com/spdx/spdx-license-matcher (which should be the offline counterpart of https://tools.spdx.org/app/check_license/). It would have to be a very soft warning or just a notice in the pipeline output, though, since it would be unlikely to get an exact match in many cases.
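The check discussed in this thread (reject a bare iterable of licenses, accept a single well-formed SPDX expression) could look like the following. This is an added example, not code from the thread, from Conan or from the CCI linter; the function names are hypothetical, the identifier sets are a small constructed subset of the SPDX lists, and operators are assumed to be upper-case.

```python
import re
# Constructed subsets for this example; the real SPDX lists are far larger.
KNOWN_IDS = {"MIT", "Apache-2.0", "BSD-3-Clause", "GPL-2.0-only", "Zlib"}
KNOWN_EXCEPTIONS = {"Classpath-exception-2.0", "LLVM-exception"}


def check_expression(text):
    """Raise ValueError unless text is a well-formed SPDX license expression."""
    tokens = re.findall(r"[()]|[^\s()]+", text) + [None]  # None marks the end
    pos = 0

    def take():
        nonlocal pos
        pos += 1
        return tokens[pos - 1]

    def atom():  # license id, "id WITH exception", or a parenthesised expression
        tok = take()
        if tok == "(":
            expr()
            if take() != ")":
                raise ValueError("missing ')'")
            return
        ident = re.sub(r"\+$", "", tok or "")  # "id+" means "or any later version"
        if ident not in KNOWN_IDS and not ident.startswith("LicenseRef-"):
            raise ValueError(f"expected an SPDX license id, got {tok!r}")
        if tokens[pos] == "WITH":
            take()
            if take() not in KNOWN_EXCEPTIONS:
                raise ValueError("WITH must be followed by an SPDX exception id")

    def expr():  # atoms joined by AND/OR; precedence does not affect validity
        atom()
        while tokens[pos] in ("AND", "OR"):
            take()
            atom()

    expr()
    if tokens[pos] is not None:
        raise ValueError(f"unexpected token {tokens[pos]!r}")


def lint_license(value):
    """Return findings for a recipe's license attribute (empty list = OK)."""
    if not isinstance(value, str):  # a tuple/list leaves AND vs OR unspecified
        return ["license must be one SPDX expression string, not " + type(value).__name__]
    try:
        check_expression(value)
    except ValueError as err:
        return [f"invalid SPDX expression {value!r}: {err}"]
    return []
```
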