Topics

SPDX recommendations from other communities! :-D


Kate Stewart
 

Hi,
     Just thought some of you might be interested in 
some recent announcements with SPDX showing up
in them. 

FSFE just launched a new site today recommending
use of SPDX license identifiers in the source files,
and generating a manifest from an SPDX document.  :-)

Also there are a similar set of recommendations by the 
Commons Conservancy which also recommend use of the
tags, and generation of SPDX documents: 

Best regards,
Kate


Neal Gompa
 

On Wed, Sep 6, 2017 at 8:47 AM, Kate Stewart
<kstewart@...> wrote:
Hi,
Just thought some of you might be interested in
some recent announcements with SPDX showing up
in them.

FSFE just launched a new site today recommending
use of SPDX license identifiers in the source files,
and generating a manifest from an SPDX document. :-)
see: https://reuse.software/

Also there are a similar set of recommendations by the
Commons Conservancy which also recommend use of the
tags, and generation of SPDX documents:
https://commonsconservancy.org/faq/licenseinfo/
I'd like to point out that this recommendation is contingent on being
able to automatically scan and generate it. No one is suggesting
manual inventory of code to generate SPDX document.


--
真実はいつも一つ!/ Always, there's only one truth!


Philip Odence
 

Wow, Kate, great stuff! Thanks for sharing. I’ll talk to Jack about putting reference on the website.

 

In the meantime, for your amusement: http://blog.blackducksoftware.com/open-source-licenses-interesting

 

From: <spdx-bounces@...> on behalf of Kate Stewart <kstewart@...>
Date: Wednesday, September 6, 2017 at 5:47 AM
To: SPDX-general <spdx@...>
Subject: SPDX recommendations from other communities! :-D

 

Hi,

     Just thought some of you might be interested in 

some recent announcements with SPDX showing up

in them. 

 

FSFE just launched a new site today recommending

use of SPDX license identifiers in the source files,

and generating a manifest from an SPDX document.  :-)

 

Also there are a similar set of recommendations by the 

Commons Conservancy which also recommend use of the

tags, and generation of SPDX documents: 

 

Best regards,

Kate

 


Philip Odence
 

Sorry, all, didn’t mean to cc the list. But you might find my blog amusing as well.

 

From: <spdx-bounces@...> on behalf of Philip Odence <podence@...>
Date: Wednesday, September 6, 2017 at 6:13 AM
To: Kate Stewart <kstewart@...>, SPDX-general <spdx@...>
Subject: Re: SPDX recommendations from other communities! :-D

 

Wow, Kate, great stuff! Thanks for sharing. I’ll talk to Jack about putting reference on the website.

 

In the meantime, for your amusement: http://blog.blackducksoftware.com/open-source-licenses-interesting

 

From: <spdx-bounces@...> on behalf of Kate Stewart <kstewart@...>
Date: Wednesday, September 6, 2017 at 5:47 AM
To: SPDX-general <spdx@...>
Subject: SPDX recommendations from other communities! :-D

 

Hi,

     Just thought some of you might be interested in 

some recent announcements with SPDX showing up

in them. 

 

FSFE just launched a new site today recommending

use of SPDX license identifiers in the source files,

and generating a manifest from an SPDX document.  :-)

 

Also there are a similar set of recommendations by the 

Commons Conservancy which also recommend use of the

tags, and generation of SPDX documents: 

 

Best regards,

Kate

 


Kate Stewart
 



On Wed, Sep 6, 2017 at 7:51 AM, Neal Gompa <ngompa13@...> wrote:

I'd like to point out that this recommendation is contingent on being
able to automatically scan and generate it. No one is suggesting
manual inventory of code to generate SPDX document.

Hi Neal,
    We agree, some tooling is needed to generate the signing of the 
files that is needed in an SPDX document for an accurate manifest. 
Both FOSSology and ScanCode are open source projects that 
scan source projects and generate SPDX documents.   Windriver
also provides a service to do so too. 

Kate