Re: SPDX Identifier in licenses/source headers
|
Mark Gisi
As a general rule of thumb, one should *not* modify the licensing terms of another copyright holder. Adding an SPDX Identifier to an existing file is one thing. Removing (or modifying) license notices by a non-copyright holder is another and a bad idea. Especially if you end up with less information (e.g., loss of warrantee disclaimers, copyright notices, important license text, ...).clarification: The argument was that the replacement of a license header If a standard license notice exists (the ones typically found with GPL, LGPL, Apache, MIT, BSD, ...) then tools today do a very good job at detecting licenses for source files. Adding a license identifier adds nothing in those cases. That is, programmatically determining the license info in file for standard notices is no more or less easier. Non-standard or missing license notices present a different situation. If we end up with less information, SPDX Identifiers will create a bigger problem than they solve. We need to move forward with care. The discussion for providing recommend license notices just started following the recent release of the 2.0 spec. The first step is to more concisely define the problem to solve. I encourage anyone interested in this topic to participate. - Mark -----Original Message----- From: spdx-tech-bounces@... [mailto:spdx-tech-bounces@...] On Behalf Of Wolfgang Denk Sent: Wednesday, June 10, 2015 4:32 AM To: Manbeck, Jack Cc: spdx-tech@... Subject: Re: SPDX Identifier in licenses/source headers Dear Jack, In message <858B013A986C4F43A8A43AF62F39E5660CF03FF5@...> you wrote: Thanks for the link. We are starting discussions again on this to see if we can move thisI see. Here is a bit of additional information; I'm not sure if this has been brought up before: when suggesting to add SPDX IDs to the Linux kernel files, one argument was raised which in my opinion needs clarification: The argument was that the replacement of a license header in a source file by some abbreviation (an ID tag) is not just a formal change of the textual representation of the license information, but a might be considered a change to the actual license terms. I sent an e-mail for help to the Software Freedom Law Center, trying to get their official position if the replacement of the GPL header by a "SPDX-License-Identifier: GPL-2.0+" tag is acceptable, but they did not reply yet. Best regards, Wolfgang Denk -- DENX Software Engineering GmbH, Managing Director: Wolfgang Denk HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany Phone: (+49)-8142-66989-10 Fax: (+49)-8142-66989-80 Email: wd@... Imagination was given to man to compensate him for what he is not; a sence of humor to console him for what he is. - Fancis Bacon _______________________________________________ Spdx-tech mailing list Spdx-tech@... https://lists.spdx.org/mailman/listinfo/spdx-tech |
|
|