Re: Seen in file license recognition
No, I don’t think we should limit the values in “seen in file licenses” to just those which “exact” match the standard header set.
Because I don’t think it is reasonable to expect that SPDX will maintain a comprehensive set of all the variants of headers/texts encountered in files which refer to a specific license in the SPDX license list. Different producers will ‘see’ header variants in files that the SPDX community hasn’t yet ‘seen’ before (e.g. differing from standard headers by insignificant punctuation, spelling), but which are clearly referencing a specific license known to SPDX. SPDX producers should still get to record these observations as ‘seen in file licenses’, shouldn’t they?
Different producers of spdx will inevitably disagree on the values in the list, depending on the thoroughness of their analyses.
The CreatedBy and ReviewedBy fields in SPDX documents will let consumers of SPDX documents know who produced them.
The consumers can consider this information when assessing their risk.
On 1/14/11 11:00 AM, "Peter Williams" <peter.williams@...> wrote:
It was clear from the call this morning that when and spdx producer
Knowledge Base Manager
Black Duck Software Inc.