1. Spdx-Legal
  2. Messages

Re: Change use of SPDX *-Identifier tags in REUSE.software and Linux kernel best practices?

Jonas Oberg <jonas@...>
 

Your analysis is correct. We used Valid- to avoid confusion, and to make clear REUSE/Linux kernel use of it was an addition to SPDX, not SPDX in itself.
The exception identifier was left as the meaning was not elsewhere defined. I'd be fine to change it too to Valid- for consistency.

Best
Jonas

On August 1, 2018 2:21:41 PM UTC, "Matija Šuklje" <matija@...> wrote:
Hi all,

I’m currently battling figuring out how to integrate SPDX through
REUSE.software and am at a stage of severe head-scratching¹. I am
CC’ing Jonas
(FSFE, REUSE), in case he is not actively following this list.

While I am referring to REUSE.software² here, the situation is near
identical
in the Linux kernel licensing rules³.

REUSE.software refers to the following tags:

• ‘Valid-License-Identifier’ to tag the actual *text of* a license
(and
‘License-Text’ to include a copy of its text)
• ‘SPDX-Exception-Identifier’ to tag the actual *text of* an exception
(and
‘Exception-Text’ to include a copy of its text)

Now, I searched the SPDX Specifications 2.1⁴ and I could not find
either.

What I did find is the ‘SPDX-License-Identifier’, which we all know and
love
and is used to tag the governing license of a work/file/part. This tag
can
also include an ‘exception-id’ of course in the form of “‘license-id’
WITH
‘exception-id’”.

The issue I have with this is the inconsistency and therefore potential

confusion. Namely: On face value ‘SPDX-Exception-Identifier’ and ’SPDX-
License-Identifier’ seem to be part of one spec and
‘Valid-License-Identifier’
of another; but the truth is that the first and the last are of one
origin,
and the middle is in fact the one with a different origin.

It seems as if initially the SPDX tags ’SPDX-License-Identifier’ and
‘SPDX-
Exception-Identifier’ were used, but then the former changed to ‘Valid-
License-Identifier’ in order to avoid confusion. But the exception tag
was
left unchanged, as it did not clash directly with SPDX specs, which
brings us
to this mess.

Would it be possible to change the ’SPDX-Exception-Identifier’ to
‘Valid-
Exception-Identifier’ in the Linux kernel and REUSE.software best
practices? I
know that this is not an SPDX question directly, but I am pretty sure
people
involved with both projects are here as well and it is paramount to not
break
SPDX specs while finding a solution.


cheers,
Matija Šuklje

1 I don’t need a doctor, just your guidance here ;)
2 https://reuse.software/practices/2.0/
3 https://www.kernel.org/doc/html/v4.17/process/license-rules.html
4 https://spdx.org/spdx-specification-21-web-version
Join Spdx-legal@lists.spdx.org to automatically receive all group messages.