Hi all,
We are getting a bit closer to introducing REUSE.yaml as a way to provide bulk-information about copyright and licensing for files.
Here's an issue asking for your opinions on possible formats and syntaxes of the files, including target and globbing rules as well as internal conflict resolution:
https://github.com/fsfe/reuse-docs/issues/81
Conflict resolution outside of a REUSE.yaml file between the different options how one can define information with REUSE is discussed here:
https://github.com/fsfe/reuse-docs/issues/70
Your feedback is highly appreciated, and very important so we can make a well-founded decision. Thank you.
Best, Max
~ Max Mehl [2021-05-04 12:06 +0200]:
Hi all,
Here's a pleasant update on the matter of providing a REUSE.yaml file (working title).
For those who joined later, a short summary: for some special cases, REUSE allows to bulk-declare copyright/licensing for whole directories. This currently happens via Debian's DEP-5 format. However, we are not so happy about it for a number of reasons:
- The syntax and the keys are different from the SPDX tags REUSE users are expecting.
- The file's location is a bit opaque and far away from the actual files it describes.
- DEP-5 creates some dependencies for the REUSE tooling that are not that easy to work with.
- It's not a SPDX-supported format.
That is why we aim to soft-deprecate DEP-5 by a more flexible file format.
~ Max Mehl [2020-07-28 12:38 +0200]:
~ Matija Šuklje [2020-07-27 15:32 +0200]:
Die 25. 07. 20 et hora 02:00 Gary O'Neall scripsit:
Let me know if there is interest in creating a REUSE profile in SPDX. The REUSE group could determine which fields are mandatory and which fields are optional. Myself and the SPDX tech team would be happy to collaborate on the effort.
Thanks Gary, that sounds like a great way forward! :D
While I can’t call any shots, my vote would definitely be to work together with SPDX and duplicate as little as possible between the two solutions.
I fully agree, and would love to have a light REUSE profile in SPDX!
Thanks to Kate and Gary from SPDX, we had a great chat in a recent SPDX tech meeting about an issue I created with SPDX:
https://github.com/spdx/spdx-spec/issues/502
This issue describes the wish to have a file that describes at least copyright and licensing for files in its own or child directories.
During the meeting, we figured that there are no big blockers to integrate this into SPDX spec 3.0. Gary provided an excellent summary in his most recent comment on this issue, if you are interested.
However, they need to run this by the SPDX legal team as well. So nothing is written in stone yet, but I am already excited to see REUSE offering a more elegant, flexible, and SPDX-standardised way to make repositories REUSE compliant!
If you have any comments on this, please share your opinion on the issue directly. Apart from that, as always, feel free to ask everyone here or me directly via mail.
Best, Max