Thanks Mark. Partly I was wondering if there was value in proposing a change to that Apache source header to include the SPDX identifier somehow. :)
Hen On Mon, Jun 8, 2015 at 12:20 AM, Gisi, Mark <[email protected]> wrote: > Hi Hen, > > > > There is no recommendation by SPDX.org yet on whether to use SPDX short > license identifiers within a file. There has been a fair amount of > discussion with some concerns identified when **only** short identifiers > are included in file headers. This is still an active discussion for which > I anticipate a recommendation for a best practice will be made sometime in > 2015. > > > > As one of the largest producers of SPDX files, Wind River has come to the > conclusion (for now) the best general practice is to use a standard license > file notice if one exists. In the case of the Apache 2.0 license, that > would be to include the following license notice in every file (as > recommend by the appendix of the Apache 2.0 license): > > > > Copyright [yyyy] [name of copyright owner] > > Licensed under the Apache License, Version 2.0 (the "License"); > you may not use this file except in compliance with the License. > You may obtain a copy of the License at > > http://www.apache.org/licenses/LICENSE-2.0 > > Unless required by applicable law or agreed to in writing, software > distributed under the License is distributed on an "AS IS" BASIS, > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > See the License for the specific language governing permissions and > limitations under the License. > > This is easy to identify by many SPDX generation tools today. This is also > a best practice followed by the Apache Foundation (along with including a > full copy of the Apache 2.0 in LICENSE.txt). It is my opinion that the > Apache Foundation approach for managing license information in source code > represents the current gold standard. An approach where a clear simple > license notice appears at the top of every source file, eliminating license > ambiguity that is commonly found in many other easily accessible source > code repositories. > > > > - Mark > > > > > > Mark Gisi | *Wind River *| Director, IP & Open Source > > Tel (510) 749-2016 | Fax (510) 749-4552 > > > > > > *From:* [email protected] [mailto: > [email protected]] *On Behalf Of *Henri Yandell > *Sent:* Saturday, June 06, 2015 10:09 AM > *To:* [email protected] > *Subject:* SPDX Identifier in licenses/source headers > > > > > > What would be the correct tag to put in a license and license source > header to make life easier for SPDX? > > > > I see 'SPDX-License-Identifier' referenced in 2013 emails, but searching > the spec doesn't find that. > > > > As an example, If I've an Apache 2.0 license, should I be inserting > 'SPDX-License-Identifier: Apache 2.0' into the LICENSE.txt and each source > header? > > > > If that's the case, is there any best practice location to put it in? > > > > Thanks, > > > > Hen >
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
