[REUSE] Addressing some papercuts in the specification
Andreas Cord-Landwehr
cordlandwehr at kde.org
Fri Dec 24 12:35:27 UTC 2021
Hi, I must say I am slightly surprised to read that the specification should be
more formal. Actually, it was my feeling that it is well worded, short and
precise. So I am wondering if we are looking at different parts of REUSE? I am
referring to the specification version 3.0 at https://reuse.software/spec/
Using the REUSE linter tool, IMHO it is easy to write such headers and
afterwards check them to be correct or to use a self-crafted server-side Git
hook (as we are doing in KDE). At the moment we have more than 50.000 REUSE
based license headers in KDE and I doubt that more than a very few developers
use the REUSE addheader option to create them but write them by hand. -- Yet,
I see the point of difference in hyphens and agree that one variant could be
deprecated in the future such that both are consistent between Copyright and
License.
Actually, using the "SPDX-*" prefixed tags globally in our code base simplifies
tooling a lot because those tags are not repeated anywhere in a source code
comments, unlike strings as e.g. "Copyright" or "License".
Regarding the "Distributed under the terms of ..." statement, to my
understanding this is something currently completely not covered by REUSE,
because REUSE only has inbound licenses in focus and not (yet) outbound
licenses. It is important to clearly distinguish those because for outbound
licenses it is not enough to just respect all source code licenses but also
licenses of linked third-party libraries and headers (e.g. shared or static
linked libraries or header-only libraries).
That said, I would very welcome if we could get a way to clearly state those
outbound licenses. But for the single statement, I do not see that we have to
go away from the SPDX syntax. If you look, for example, at Yocto based license
statements, those declarations for outbound licenses use the same idea of AND
and OR connections in case that a binary artifact is distributed under
different outbound licenses or when requirements of several licenses must be
fulfilled at the same time (e.g. "BSD-2-Clause AND LGPL-2.1").
Best regards,
Andreas
More information about the REUSE
mailing list