Re: Adding LICENSES folder for REUSE
Hello Charlemagne, Charlemagne Lasse schreef op za 11-11-2017 om 23:29 [+0100]: > 1. SPDX license identifier first > 2. Full BSD/MIT/ISC license in source files is sufficient and don't > require License-Filename > 3. verbatim licenses which are not in source files (GPL, LGPL, MPL, ...) > should be in LICENSES/ > 4. License-Filename tag can be added later and multiple are allowed per > file Yes, that is all quite correct :) The REUSE recommendations are threefold, roughly: 1. Include verbatim licence text in repository. 2. Add licence information about each file. 3. (Optional-ish) Create an SPDX bill of materials that can be auto-generated. We also have some recommendations about _how_ you might go about doing this, e.g., putting the licences in a LICENSES folder or putting certain headers in code files, but the exact implementation is eventually up to the project itself. `SPDX-License-Identifier` and `License-Filename` do roughly the same thing, apart from the difference which Jonas mentioned. I know that some kernel code files already use the SPDX-License-Identifier tag, and it seems to me that just satisfying that tag would be sufficient to start with. > If this understanding is correct then I would still propose that the > LICENSES folder is prepared with the previously identified long licenses > (which are currently not stored completely in the source files): If the kernel project did only this and stopped there, that would take you half the way there already. Just having (and distributing) the licence texts verbatim is reasonably important as far as legal responsibilities go. Yours sincerely, -- Carmen Bianca Bakker Technical Intern Free Software Foundation Europe e.V. signature.asc Description: This is a digitally signed message part
Re: Adding LICENSES folder for REUSE
Hi, 2017-11-11 22:21 GMT+01:00 Jonas Oberg : > I wouldn't do that now. Adding SPDX license identifiers is in most cases > quite sufficient and something which I would encourage first. > > What you mention about the LICENSES/ folder and the License-Filename > tag (which can be repeated) is an addition which is a bit more specific, > especially for BSD licenses where the SPDX license identifier alone does > not convey information about the specific "attribution requirement" of > each licensor. > > Most often though, as you find the BSD licenses in the source code headers, > we wouldn't want the license text separated from them, and it would be > contrary to the REUSE principles to do so. Thank you for the fast reply. Just as summary: 1. SPDX license identifier first 2. Full BSD/MIT/ISC license in source files is sufficient and don't require License-Filename 3. verbatim licenses which are not in source files (GPL, LGPL, MPL, ...) should be in LICENSES/ 4. License-Filename tag can be added later and multiple are allowed per file If this understanding is correct then I would still propose that the LICENSES folder is prepared with the previously identified long licenses (which are currently not stored completely in the source files): mkdir LICENSES curl -o LICENSES/GPL-1.0.txt https://www.gnu.org/licenses/gpl-1.0.txt curl -o LICENSES/GPL-2.0.txt https://www.gnu.org/licenses/gpl-2.0.txt curl -o LICENSES/MPL-1.1.txt https://www.mozilla.org/media/MPL/1.1/index.0c5913925d40.txt curl -o LICENSES/LGPL-2.0.txt https://www.gnu.org/licenses/lgpl-2.0.txt curl -o LICENSES/LGPL-2.1.txt https://www.gnu.org/licenses/lgpl-2.1.txt $EDITOR COPYING # change file to reference LICENSES/GPL-2.0.txt ? git add LICENSES COPYING git commit Thanks, Charlemagne Lasse
Re: Adding LICENSES folder for REUSE
Hi Charlemagne, > Since some people started to add the SPDX headers to some files, it > might now be the right time to ask to get a LICENSES folder which will > contain the separate licenses. I wouldn't do that now. Adding SPDX license identifiers is in most cases quite sufficient and something which I would encourage first. What you mention about the LICENSES/ folder and the License-Filename tag (which can be repeated) is an addition which is a bit more specific, especially for BSD licenses where the SPDX license identifier alone does not convey information about the specific "attribution requirement" of each licensor. Most often though, as you find the BSD licenses in the source code headers, we wouldn't want the license text separated from them, and it would be contrary to the REUSE principles to do so. So for now, I would recommend to focus on the SPDX license identifiers and then work out the other details later. -- Jonas Öberg Executive Director FSFE e.V. - keeping the power of technology in your hands. Your support enables our work, please join us today http://fsfe.org/join
Adding LICENSES folder for REUSE
Hi, the linux kernel is a GPL-2.0 project but is build based on files using all kinds of different licenses. It would be really nice when these licenses could be correctly referenced as described in the https://reuse.software/practices/ from the FSF. Since some people started to add the SPDX headers to some files, it might now be the right time to ask to get a LICENSES folder which will contain the separate licenses. According to the currently existing SPDX-License-Identifier, this should be at least: - GPL-1.0 - GPL-2.0 - BSD-2-Clause - BSD-3-Clause - MIT - MPL-1.1 - LGPL-2.0 - LGPL-2.1 I personally don't understand why BSD-2-Clause or MIT needs to have the copyright file stored with the copyright holder while GPL-2.0 doesn't need that. Seems to be quite wasteful and useless in a project like the Linux kernel. Especially when there are multiple copyright holders - and there are different combination in each file. Maybe the FSFE can give us some insights here. Here just two example files: - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/net/wireless/ath/ath9k/dfs.c?id=b39545684a90ef3374abc0969d64c7bc540d128d - https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/drivers/net/wireless/ath/ath9k/ar9580_1p0_initvals.h?id=b39545684a90ef3374abc0969d64c7bc540d128d It would also be interesting to know from the FSFE how dual license should be handled in by the License-Filename tag. Thanks, Charlemagne Lasse