spdx@lists.spdx.org | Seen in file license recognition

Home Messages Hashtags Subgroups

Date Date 1 - 3 of 3

Seen in file license recognition

Jilayne Lovejoy <Jlovejoy@...> #283 Yes, I would agree with that, Bill. Jilayne From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Bill Schineller Sent: Friday, January 14, 2011 2:50 PM To: Peter Williams; spdx@... Subject: Re: Seen in file license recognition No, I don’t think we should limit the values in “seen in file licenses” to just those which “exact” match the standard header set. Because I don’t think it is reasonable to expect that SPDX will maintain a comprehensive set of all the variants of headers/texts encountered in files which refer to a specific license in the SPDX license list. Different producers will ‘see’ header variants in files that the SPDX community hasn’t yet ‘seen’ before (e.g. differing from standard headers by insignificant punctuation, spelling), but which are clearly referencing a specific license known to SPDX. SPDX producers should still get to record these observations as ‘seen in file licenses’, shouldn’t they? Different producers of spdx will inevitably disagree on the values in the list, depending on the thoroughness of their analyses. The CreatedBy and ReviewedBy fields in SPDX documents will let consumers of SPDX documents know who produced them. The consumers can consider this information when assessing their risk. Bill Schineller Black Duck On 1/14/11 11:00 AM, "Peter Williams" <peter.williams@...> wrote: It was clear from the call this morning that when and spdx producer sees a standard header in a file that license ends up in the "seen in file licenses" list. However, for all other licenses/license headers do we expect those to be listed? Do we want to limit the values in "seen in file licenses" to just those that match the standard header set? If we don't then different producers of spdx will not agree on the values in that list. Peter openlogic.com _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx Bill Schineller Knowledge Base Manager Black Duck Software Inc. T: +1.781.810.1829 F: +1.781.891.5145 E: bschineller@... http://www.blackducksoftware.com
More
Bill Schineller #282 No, I don’t think we should limit the values in “seen in file licenses” to just those which “exact” match the standard header set. Because I don’t think it is reasonable to expect that SPDX will maintain a comprehensive set of all the variants of headers/texts encountered in files which refer to a specific license in the SPDX license list. Different producers will ‘see’ header variants in files that the SPDX community hasn’t yet ‘seen’ before (e.g. differing from standard headers by insignificant punctuation, spelling), but which are clearly referencing a specific license known to SPDX. SPDX producers should still get to record these observations as ‘seen in file licenses’, shouldn’t they? Different producers of spdx will inevitably disagree on the values in the list, depending on the thoroughness of their analyses. The CreatedBy and ReviewedBy fields in SPDX documents will let consumers of SPDX documents know who produced them. The consumers can consider this information when assessing their risk. Bill Schineller Black Duck On 1/14/11 11:00 AM, "Peter Williams" <peter.williams@...> wrote: It was clear from the call this morning that when and spdx producer sees a standard header in a file that license ends up in the "seen in file licenses" list. However, for all other licenses/license headers do we expect those to be listed? Do we want to limit the values in "seen in file licenses" to just those that match the standard header set? If we don't then different producers of spdx will not agree on the values in that list. Peter openlogic.com _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx Bill Schineller Knowledge Base Manager Black Duck Software Inc. T: +1.781.810.1829 F: +1.781.891.5145 E: bschineller@... http://www.blackducksoftware.com
More All Messages By This Member
Peter Williams <peter.williams@...> #273 It was clear from the call this morning that when and spdx producer sees a standard header in a file that license ends up in the "seen in file licenses" list. However, for all other licenses/license headers do we expect those to be listed? Do we want to limit the values in "seen in file licenses" to just those that match the standard header set? If we don't then different producers of spdx will not agree on the values in that list. Peter openlogic.com
More

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Terms