Re: remove recommendation re: standard license headers
On Sun, Nov 14, 2021 at 9:35 PM Warner Losh <imp@...> wrote:
I'd personally rather we didn't even make the *appearance* of a
recommendation that SPDX-License-Identifiers are suitable replacements
for standard license headers. Especially with licenses that declare
*how* you're supposed to leverage a license for your software, this
can be highly problematic.
My personal feeling is that everyone who uses SPDX-License-Identifier
as a replacement for proper license headers is doing a disservice to
themselves, the community at large, and everyone who uses and and
consumes that code. When code travels (e.g. Linux drm/ -> FreeBSD),
it's super-easy for compliance and understanding to be missed because
you've gutted the important information from the code itself. This
also makes it difficult for the spirit and intent of licenses to be
conveyed because you're reducing them to something that they're not:
some checkbox somewhere. Moreover, you've effectively eliminated how
people learn about the licenses the code uses.
Older licenses like BSD and MIT flavors are designed to be short
enough to be embedded in the source. Newer licenses like MPL, GPL, and
ASL are both too large for that, so these licenses have a preferred
method of indicating that code follows those terms. Not following
those adds too much ambiguity and weakens the importance of conveying
the *intent* and *spirit* of these licenses.
If we were to have any recommendation, I would say the
SPDX-License-Identifier is a machine-parseable supplement to the
standard header, not a replacement. This is also how my workplace uses them.
真実はいつも一つ！/ Always, there's only one truth!