Hi Henri, While Mark is right that there is no official recommendation by the SPDX working group, there does seem to be a bit of momentum forming around the use of:
SPDX-License-Identifier: <identifier> See http://wiki.spdx.org/view/Business_Team/Adoption#Use_of_META_Tags <http://wiki.spdx.org/view/Business_Team/Adoption#Use_of_META_Tags>, although I suspect there are more than we’ve captured here. Personally, I think this is a good thing and hope/expect to see more use of it. I read some of the posts in the Apache Jira that Roger sent the link to - if Apache is looking for a short(er) form for file-level notices and wanted to adopt this form, that would be fantastic, as far as I’m concerned. Obviously, up to the team at Apache, Jilayne SPDX Legal Team co-lead [email protected] > On Jun 8, 2015, at 7:46 PM, Henri Yandell <[email protected]> wrote: > > Thanks Mark. > > Partly I was wondering if there was value in proposing a change to that > Apache source header to include the SPDX identifier somehow. :) > > Hen > > On Mon, Jun 8, 2015 at 12:20 AM, Gisi, Mark <[email protected] > <mailto:[email protected]>> wrote: > Hi Hen, > > > > There is no recommendation by SPDX.org yet on whether to use SPDX short > license identifiers within a file. There has been a fair amount of discussion > with some concerns identified when *only* short identifiers are included in > file headers. This is still an active discussion for which I anticipate a > recommendation for a best practice will be made sometime in 2015. > > > > As one of the largest producers of SPDX files, Wind River has come to the > conclusion (for now) the best general practice is to use a standard license > file notice if one exists. In the case of the Apache 2.0 license, that would > be to include the following license notice in every file (as recommend by the > appendix of the Apache 2.0 license): > > > > Copyright [yyyy] [name of copyright owner] > > Licensed under the Apache License, Version 2.0 (the "License"); > you may not use this file except in compliance with the License. > You may obtain a copy of the License at > > http://www.apache.org/licenses/LICENSE-2.0 > <http://www.apache.org/licenses/LICENSE-2.0> > Unless required by applicable law or agreed to in writing, software > distributed under the License is distributed on an "AS IS" BASIS, > WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. > See the License for the specific language governing permissions and > limitations under the License. > > This is easy to identify by many SPDX generation tools today. This is also a > best practice followed by the Apache Foundation (along with including a full > copy of the Apache 2.0 in LICENSE.txt). It is my opinion that the Apache > Foundation approach for managing license information in source code > represents the current gold standard. An approach where a clear simple > license notice appears at the top of every source file, eliminating license > ambiguity that is commonly found in many other easily accessible source code > repositories. > > > > - Mark > > > > > > Mark Gisi | Wind River | Director, IP & Open Source > > Tel (510) 749-2016 <tel:%28510%29%20749-2016> | Fax (510) 749-4552 > <tel:%28510%29%20749-4552> > > > > > From: [email protected] > <mailto:[email protected]> > [mailto:[email protected] > <mailto:[email protected]>] On Behalf Of Henri Yandell > Sent: Saturday, June 06, 2015 10:09 AM > To: [email protected] <mailto:[email protected]> > Subject: SPDX Identifier in licenses/source headers > > > > > > What would be the correct tag to put in a license and license source header > to make life easier for SPDX? > > > > I see 'SPDX-License-Identifier' referenced in 2013 emails, but searching the > spec doesn't find that. > > > > As an example, If I've an Apache 2.0 license, should I be inserting > 'SPDX-License-Identifier: Apache 2.0' into the LICENSE.txt and each source > header? > > > > If that's the case, is there any best practice location to put it in? > > > > Thanks, > > > > Hen > > > _______________________________________________ > Spdx-legal mailing list > [email protected] > https://lists.spdx.org/mailman/listinfo/spdx-legal
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
