[REUSE] Addressing some papercuts in the specification

Andreas Cord-Landwehr cordlandwehr at kde.org
Fri Dec 24 12:35:27 UTC 2021 

Hi, I must say I am slightly surprised to read that the specification should be 
more formal. Actually, it was my feeling that it is well worded, short and 
precise. So I am wondering if we are looking at different parts of REUSE? I am 
referring to the specification version 3.0 at https://reuse.software/spec/

Using the REUSE linter tool, IMHO it is easy to write such headers and 
afterwards check them to be correct  or to use a self-crafted server-side Git 
hook (as we are doing in KDE). At the moment we have more than 50.000 REUSE 
based license headers in KDE and I doubt that more than a very few developers 
use the REUSE addheader option to create them but write them by hand. -- Yet, 
I see the point of difference in hyphens and agree that one variant could be 
deprecated in the future such that both are consistent between Copyright and 
License.
Actually, using the "SPDX-*" prefixed tags globally in our code base simplifies 
tooling a lot because those tags are not repeated anywhere in a source code 
comments, unlike strings as e.g. "Copyright" or "License".

Regarding the "Distributed under the terms of ..." statement, to my 
understanding this is something currently completely not covered by REUSE, 
because REUSE only has inbound licenses in focus and not (yet) outbound 
licenses. It is important to clearly distinguish those because for outbound 
licenses it is not enough to just respect all source code licenses but also 
licenses of linked third-party libraries and headers (e.g. shared or static 
linked libraries or header-only libraries).
That said, I would very welcome if we could get a way to clearly state those 
outbound licenses. But for the single statement, I do not see that we have to 
go away from the SPDX syntax. If you look, for example, at Yocto based license 
statements, those declarations for outbound licenses use the same idea of AND 
and OR connections in case that a binary artifact is distributed under 
different outbound licenses or when requirements of several licenses must be 
fulfilled at the same time (e.g. "BSD-2-Clause AND LGPL-2.1").

Best regards,
Andreas

More information about the REUSE mailing list