Dear All, As we've heard already, starting with Qt 6.8, the build system will generate a Software Bill of Materials (SBOM) file for each built repo in the CI.
The Qt Sources SBOM is to be produced using the REUSE tool (https://reuse.software/spec-3.2/). In order to achieve this, REUSE.toml files are introduced to account for the copyright and license that are not documented in file or are not readable by REUSE. The change introducing REUSE.toml files in qtbase is here: https://codereview.qt-project.org/c/qt/qtbase/+/566901 The other modules will follow. With the REUSE.toml files, and the SPDX license tags already present in file, we become REUSE compliant. If you add a new qt_attribution.json file, please make sure the copyright and licensing information are documented in a REUSE.toml file next to it. To create a source SBOM with REUSE run: reuse spdx To check for REUSE compliance run: reuse lint Please reach out to me if you have any question or comment Cheers, Lucie
-- Development mailing list Development@qt-project.org https://lists.qt-project.org/listinfo/development
