SPDX-License-Identifiers in Snippets


Steve Winslow
 

Hello spdx-legal team (cc spdx-tech team),

Similar to my separate email earlier today, I'd also encourage interested folks to take a look at the draft annex in PR #464 at https://github.com/spdx/spdx-spec/pull/464.

This relates to a proposal to add language to the part of the SPDX spec defining the use of "SPDX-License-Identifier:" in source code. The proposal here would be to add a new mechanism where individual snippets (sub-sections of a file) could be specified within source code, and an associated license expression and copyright statement associated with each snippet directly in the snippet's source code.

As you'll see in the PR comments, personally I am _not_ in favor of the PR as currently drafted, because in my view it gives a different meaning to the existing SPDX-License-Identifier: tag. But I'd like to see others from the SPDX Legal Team community weigh in as well with your own thoughts.

Thanks,
Steve


J Lovejoy
 

Thanks Steve.  I agree generally with your statement in this email and have added a comment to the PR.

To be clear, this is a chance to the Annex on using SPDX license identifiers in source code, not the Spec proper.

I"m also wondering if this proposal (if accepted in a modified as per some of your suggestions) would be better suited for Annex H?  https://github.com/spdx/spdx-spec/blob/development/v2.3/chapters/file-tags.md

Jilayne

On 5/21/22 12:26 PM, Steve Winslow wrote:
Hello spdx-legal team (cc spdx-tech team),

Similar to my separate email earlier today, I'd also encourage interested folks to take a look at the draft annex in PR #464 at https://github.com/spdx/spdx-spec/pull/464.

This relates to a proposal to add language to the part of the SPDX spec defining the use of "SPDX-License-Identifier:" in source code. The proposal here would be to add a new mechanism where individual snippets (sub-sections of a file) could be specified within source code, and an associated license expression and copyright statement associated with each snippet directly in the snippet's source code.

As you'll see in the PR comments, personally I am _not_ in favor of the PR as currently drafted, because in my view it gives a different meaning to the existing SPDX-License-Identifier: tag. But I'd like to see others from the SPDX Legal Team community weigh in as well with your own thoughts.

Thanks,
Steve


Matija Šuklje
 

Dear team(s),

was great hearing you again on the call yesterday.

I see there is renewed interest in this topic and I dearly hope we
can push it forward to whatever conclusion, so REUSE can finally
implement snippet-level tags.

Since it has been quite some time since the original proposal, I
took the time to summarise and contextualise it in my comment to
the issue in an orderly manner (it’s long-ish):
https://github.com/spdx/spdx-spec/pull/464#issuecomment-1140023288


cheers,
Matija Šuklje
--
gsm: +386 41 849 552
www: http://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...