On Mon, Nov 27, 2017 at 8:37 PM, Richard Fontana <rfontana@...> wrote:
On Mon, Nov 27, 2017 at 11:04:15AM -0800, Bradley M. Kuhn wrote:Richard,As I understand Richard's reasons, they relate to license documents thatRight. I can't really see a justification for creating SPDX
say I am a user of 5,000 packages. Some of which come with this L/GPL
rider, some not: I could see some value there. But then again, it may
be a point minor enough that this may not be worth tracking in SPDX.
And of course very few reuse 5,000 packages, right? Yet in fact
several small to mid-size container-based deployment reach this number
very quickly. Add a few npm/node-based apps in the mix and you top
that number even faster in practice.