Open Jayman2000 opened 2 years ago
Oh, good spot. @silverhook what do you think? LicenseConcluded is also not really what we would aim for, right?
LicenseConcluded
is a good question – on one hand it is based on a tool finding, on the other the tool finding is what (arguably) the authors wrote themselves.
Personally, I am leaning more towards not using LicenseConcluded
and a broader interpretation of LicenseInfoInFile
, but that would make sense to check with other SPDX tooling experts on how they see it.
This would be easier with {$fle}.license
as it is very easy to match to {$file}
, but when we store that same info in the .reuse/
folder it will get a bit more removed.
Let’s drive this by SPDX Tooling and, if needed, also by SPDX Legal.
I think this could be a reason to add a file-level LicenseDeclared field in SPDX 3.0. It could be useful for occasions such as these when it is clear that a license is intended to apply to a specific file, but is not declared within the file itself.
There are other cases apart from REUSE where this might come up - I can imagine someone writing in the README that a specific file is under a different license from the others. That said, the more people adopt REUSE, the less likely that particular situation will arise! :)
@seabass-labrax , or the zlib license situation, with its “as license declared in file X”. In any case that sounds like what we’d need to discuss within SPDX.
Consider this this example:
Running
reuse spdx
from that directory gives me:The SPDX Spec says
In the example I used, the license information isn’t in
ColemanCount.png
. It’s in a separate.license
file.