Re: Using SPDX for firmware
On Wed, Aug 12, 2015 at 2:00 PM, Richard Hughes <hughsient@...> wrote:
On 12 August 2015 at 17:40, Kate Stewart <kstewart@...> wrote:
Thanks. I've forward the info to the folks with web access, and we'll
get it fixed.
Possibly something like LicenseRef-Rasbperry-Pi-firmware
would be short and descriptive.
Actual syntax in the spec is
where [idstring] is a unique string containing letters, numbers, “.”, “-” or “+”.
Then define in another section of the metadata to contain the actual details
of the License itself, so it can carry along.
The AppStream metadata probably is the logical point.
That way the info can be self referential and consistent.
If its in the meta data, you should be able to still do this.
This is one of the use cases that motivated us having an
"Other Licensing Information Detected" section in SPDX ;-)
For maximizing interoperability, suggest the following or something similar be added to Appstream metadata specification.
I've filled it in using Rasberry Pi Firmware example.
<licenseName>Raspberry Pi Firmware from Broadcom</licenseName>
<rdfs:comment> This permits redistribution without modification only </rdfs:comment>
Have filled in an example of how the above would be coded up and carried with the metadata in SPDX. Of the example, for SPDX the only fields are mandatory are:
licenseId, licenseName, & extractedText. Those would be the ones to make sure are carried in your metadata. rdfs:seeAlso and rdfs:comment - are optional in SPDX, but are nice to have.
Hope this helps,