SPDX License setup #6112
SPDX License setup #6112
Conversation
grom72
added
sprint goal
There was a problem hiding this comment.
Reviewed 1 of 1 files at r1, 7 of 8 files at r2, 1 of 1 files at r4, 1 of 1 files at r5, all commit messages.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @grom72 and @osalyk)
a discussion (no related file):
https://github.com/pmem/pmdk/blob/master/CODING_STYLE.md?plain=1#L51
Should be re-phrased to include a SPDX-License.
a discussion (no related file):
https://github.com/pmem/pmdk/blob/master/CONTRIBUTING.md?plain=1#L18
https://github.com/pmem/pmdk/blob/master/README.md?plain=1#L47
Please fix the references.
a discussion (no related file):
https://github.com/pmem/pmdk/blob/master/doc/.gitignore#L4
Please fix or remove if redundant.
a discussion (no related file):
https://github.com/pmem/pmdk/blob/master/utils/pmdk.spec.in#L92
Please fix in the whole spec file.
Note: The daos-stack/pmdk spec file might require fixing as well.
LICENSE/BSD-3-Clause line 1 at r5 (raw file):
./LICENSE.txt
Invalid symlink.
Suggestion:
../LICENSE.txt
LICENSE/OPENSOLARIS.LICENSE line 3 at r5 (raw file):
Unless otherwise noted, all files in this distribution are released under the Common Development and Distribution License (CDDL). Exceptions are noted within the associated source files.
Can we adjust this one to reflect the reality a bit more? It is just a rough suggestion. Please give it a thought.
Suggestion:
A few files in this distribution are released under the Common Development and Distribution License (CDDL).
LICENSE.txt line 39 at r1 (raw file):
another similar BSD license variant, contained in those files. * utils/cstyle (used only during development) licensed under CDDL.
I am not exactly a fan of removing this bit in a separate commit whereas adding the LICENSE/* files in another. IMHO these two steps are tightly related.
Code quote:
Everything in this source tree is covered by the previous license
with the following exceptions:
* src/core/valgrind/valgrind.h, src/core/valgrind/memcheck.h,
src/core/valgrind/helgrind.h, src/core/valgrind/drd.h are covered by
another similar BSD license variant, contained in those files.
* utils/cstyle (used only during development) licensed under CDDL.
There was a problem hiding this comment.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @janekmi and @osalyk)
LICENSE/BSD-3-Clause line 1 at r5 (raw file):
Previously, janekmi (Jan Michalski) wrote…
Invalid symlink.
Done.
LICENSE/OPENSOLARIS.LICENSE line 3 at r5 (raw file):
Previously, janekmi (Jan Michalski) wrote…
Can we adjust this one to reflect the reality a bit more? It is just a rough suggestion. Please give it a thought.
License is license. No changes to content.
grom72
force-pushed
the
grom72/LICENSE
branch
from
9630c86
to
9806dde
Compare
There was a problem hiding this comment.
Reviewable status: 4 of 14 files reviewed, 7 unresolved discussions (waiting on @janekmi and @osalyk)
a discussion (no related file):
Previously, janekmi (Jan Michalski) wrote…
https://github.com/pmem/pmdk/blob/master/CONTRIBUTING.md?plain=1#L18
https://github.com/pmem/pmdk/blob/master/README.md?plain=1#L47Please fix the references.
Done.
a discussion (no related file):
Previously, janekmi (Jan Michalski) wrote…
https://github.com/pmem/pmdk/blob/master/doc/.gitignore#L4
Please fix or remove if redundant.
Done.
a discussion (no related file):
Previously, janekmi (Jan Michalski) wrote…
https://github.com/pmem/pmdk/blob/master/utils/pmdk.spec.in#L92
Please fix in the whole spec file.
Note: The daos-stack/pmdk spec file might require fixing as well.
We will fix daos-stack later
Done
a discussion (no related file):
Previously, janekmi (Jan Michalski) wrote…
https://github.com/pmem/pmdk/blob/master/CODING_STYLE.md?plain=1#L51
Should be re-phrased to include a SPDX-License.
Done.
LICENSE.txt line 39 at r1 (raw file):
Previously, janekmi (Jan Michalski) wrote…
I am not exactly a fan of removing this bit in a separate commit whereas adding the LICENSE/* files in another. IMHO these two steps are tightly related.
Done.
There was a problem hiding this comment.
Reviewed 7 of 8 files at r2, 1 of 1 files at r4, 1 of 1 files at r5, 5 of 5 files at r6, 4 of 5 files at r7, 1 of 1 files at r8, all commit messages.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @janekmi)
There was a problem hiding this comment.
Reviewable status: all files reviewed, 8 unresolved discussions (waiting on @grom72 and @janekmi)
LICENSE.txt line 38 at r8 (raw file):
another similar BSD license variant, contained in those files. * utils/cstyle (used only during development) licensed under CDDL.
New line
Signed-off-by: Tomasz Gromadzki <[email protected]>
Signed-off-by: Tomasz Gromadzki <[email protected]>
Signed-off-by: Tomasz Gromadzki <[email protected]>
This reverts commit 78ffce4.
Signed-off-by: Tomasz Gromadzki <[email protected]>
Signed-off-by: Tomasz Gromadzki <[email protected]>
Signed-off-by: Tomasz Gromadzki <[email protected]>
Signed-off-by: Tomasz Gromadzki <[email protected]>
grom72
force-pushed
the
grom72/LICENSE
branch
from
2aa5f7b
to
fd26915
Compare
There was a problem hiding this comment.
Reviewable status: all files reviewed, 8 unresolved discussions (waiting on @janekmi and @osalyk)
LICENSE.txt line 38 at r8 (raw file):
Previously, osalyk (Oksana Sałyk) wrote…
New line
Done.
There was a problem hiding this comment.
Reviewed 4 of 8 files at r10, 5 of 5 files at r14, 4 of 5 files at r15, 1 of 1 files at r16, all commit messages.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @janekmi)
Signed-off-by: Tomasz Gromadzki <[email protected]>
grom72
force-pushed
the
grom72/LICENSE
branch
2 times, most recently
from
b623f29
to
e2ba420
Compare
There was a problem hiding this comment.
Reviewed 3 of 8 files at r10, 4 of 5 files at r14, 4 of 5 files at r15, 1 of 1 files at r16, 2 of 2 files at r17, all commit messages.
Reviewable status: all files reviewed, 7 unresolved discussions (waiting on @grom72)
CODING_STYLE.md line 53 at r17 (raw file):
- A copy of the SPDX BSD-3-Clause license reference must be placed at the beginning of each source file, script or man page. (Obviously, it does not apply to README's, Visual Studio projects and \*.match files.)
Suggestion:
- A [SPDX short-form identifier](https://spdx.dev/learn/handling-license-info/) for the BSD-3-Clause license must be placed at the beginning of each
source file, script or man page. (Obviously, it does not apply to README's, Visual Studio projects
and \*.match files.)CODING_STYLE.md line 55 at r17 (raw file):
and \*.match files.)/* SPDX-License-Identifier: BSD-3-Clause */
The exact form depends on the recommended commenting style for the given type of file. Giving an example is not exactly helpful. It might be confusing. I think giving a link to the manual describing the details is a better idea. Please see the comment above.
CODING_STYLE.md line 56 at r17 (raw file):
/* SPDX-License-Identifier: BSD-3-Clause /
/ Copyright , <Name/Company name> */
- It is not a part of the SPDX identifier.
- It is described in the next bullet point.
CONTRIBUTING.md line 18 at r17 (raw file):
**NOTE: If you do decide to implement code changes and contribute them, please make sure you agree your contribution can be made available under the [BSD-style License used for the Persistent Memory Development Kit](https://github.com/pmem/pmdk/blob/master/LICENSE.txt).**
Not giving an absolute URL does not tie us up to how GitHub works. We have already the same solution applied to README.md. I do not see any reason not to use it here as well.
Suggestion:
LICENSE.txtLICENSE/OPENSOLARIS.LICENSE line 3 at r5 (raw file):
Previously, grom72 (Tomasz Gromadzki) wrote…
License is license. No changes to content.
IMHO The contents start after the dashed line. Here you have described to what the license applies. I would be ok with removing this bit altogether and just storing the license files in this directory. To what applies the respective license is described in the LICENSE.txt. Please reconsider.
LICENSE.txt line 36 at r17 (raw file):
* src/core/valgrind/valgrind.h, src/core/valgrind/memcheck.h, src/core/valgrind/helgrind.h, src/core/valgrind/drd.h are covered by BSD-style license variants, contained in those files.
Suggestion:
BSD-style licenses, contained in those files.LICENSE.txt line 40 at r17 (raw file):
* utils/cstyle (used only during development) are covered by the Common Development and Distribution License, described in the CDDL HEADER contained in this file.
Suggestion:
contained in that file.
There was a problem hiding this comment.
Reviewable status: 10 of 14 files reviewed, 7 unresolved discussions (waiting on @janekmi and @osalyk)
CODING_STYLE.md line 53 at r17 (raw file):
- A copy of the SPDX BSD-3-Clause license reference must be placed at the beginning of each source file, script or man page. (Obviously, it does not apply to README's, Visual Studio projects and \*.match files.)
Done.
CODING_STYLE.md line 55 at r17 (raw file):
Previously, janekmi (Jan Michalski) wrote…
The exact form depends on the recommended commenting style for the given type of file. Giving an example is not exactly helpful. It might be confusing. I think giving a link to the manual describing the details is a better idea. Please see the comment above.
Done.
CODING_STYLE.md line 56 at r17 (raw file):
Previously, janekmi (Jan Michalski) wrote…
- It is not a part of the SPDX identifier.
- It is described in the next bullet point.
Done.
CONTRIBUTING.md line 18 at r17 (raw file):
Previously, janekmi (Jan Michalski) wrote…
Not giving an absolute URL does not tie us up to how GitHub works. We have already the same solution applied to README.md. I do not see any reason not to use it here as well.
Done.
LICENSE/OPENSOLARIS.LICENSE line 3 at r5 (raw file):
Previously, janekmi (Jan Michalski) wrote…
IMHO The contents start after the dashed line. Here you have described to what the license applies. I would be ok with removing this bit altogether and just storing the license files in this directory. To what applies the respective license is described in the
LICENSE.txt. Please reconsider.
Done.
LICENSE.txt line 36 at r17 (raw file):
* src/core/valgrind/valgrind.h, src/core/valgrind/memcheck.h, src/core/valgrind/helgrind.h, src/core/valgrind/drd.h are covered by BSD-style license variants, contained in those files.
Done.
LICENSE.txt line 40 at r17 (raw file):
* utils/cstyle (used only during development) are covered by the Common Development and Distribution License, described in the CDDL HEADER contained in this file.
Done.
There was a problem hiding this comment.
Reviewed 4 of 4 files at r18, all commit messages.
Reviewable status: all files reviewed, 3 unresolved discussions (waiting on @grom72)
CODING_STYLE.md line 52 at r18 (raw file):
See [CONTRIBUTING.md](https://github.com/pmem/pmdk/blob/master/CONTRIBUTING.md) for details. - A [SPDX short-form identifier](https://spdx.dev/learn/handling-license-info/) for the BSD-3-Clause license must be placed at the beginning of each source file, script or man page. (Obviously, it does
Passive -> active. As for all the other bullets here. Sorry, I didn't notice it earlier.
Suggestion:
- Place a [SPDX short-form identifier](https://spdx.dev/learn/handling-license-info/) for the BSD-3-Clause
license the beginning of each source file, script or man page. (Obviously, it doesCONTRIBUTING.md line 18 at r18 (raw file):
**NOTE: If you do decide to implement code changes and contribute them, please make sure you agree your contribution can be made available under the [BSD-style License used for the Persistent Memory Development Kit](LICENSE.txt).**
Considering the context of the CODING_STYLE, it seems a new contributor ought to be ready to accept exactly the BSD-3-Clause, not the BSD-style license. Shouldn't we reference it here as well? So, LICENSE/BSD-3-Caluse instead of LICENSE.txt?
Code quote:
**NOTE: If you do decide to implement code changes and contribute them,
please make sure you agree your contribution can be made available
under the [BSD-style License used for the Persistent Memory Development Kit](LICENSE.txt).**LICENSE.txt line 36 at r18 (raw file):
* src/core/valgrind/valgrind.h, src/core/valgrind/memcheck.h, src/core/valgrind/helgrind.h, src/core/valgrind/drd.h are covered by BSD-style licenses, contained in thise files.
Suggestion:
contained in these files.
grom72
force-pushed
the
grom72/LICENSE
branch
from
0d1ad11
to
27c4cb9
Compare
There was a problem hiding this comment.
Reviewed 4 of 4 files at r20, all commit messages.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @grom72)
CODING_STYLE.md line 52 at r20 (raw file):
See [CONTRIBUTING.md](https://github.com/pmem/pmdk/blob/master/CONTRIBUTING.md) for details. - Place a [SPDX short-form identifier](https://spdx.dev/learn/handling-license-info/) for the BSD-3-Clause license the beginning of each new source file, script or man page.
Suggestion:
at the beginningCONTRIBUTING.md line 18 at r18 (raw file):
Previously, janekmi (Jan Michalski) wrote…
Considering the context of the CODING_STYLE, it seems a new contributor ought to be ready to accept exactly the BSD-3-Clause, not the BSD-style license. Shouldn't we reference it here as well? So,
LICENSE/BSD-3-Caluseinstead ofLICENSE.txt?
Discussed offline. The conclusion is that if a developer decides to contribute to either the cstyle script or the valgrind headers they will have to accept their respective licenses. So, referencing here the LICENSE.txt mentioning all of these cases is probably the best idea. Thanks.
There was a problem hiding this comment.
Reviewable status: all files reviewed, 1 unresolved discussion (waiting on @grom72)
Signed-off-by: Tomasz Gromadzki <[email protected]>
grom72
force-pushed
the
grom72/LICENSE
branch
from
27c4cb9
to
dcdc776
Compare
There was a problem hiding this comment.
Reviewable status: 13 of 14 files reviewed, 1 unresolved discussion (waiting on @janekmi)
CODING_STYLE.md line 52 at r20 (raw file):
See [CONTRIBUTING.md](https://github.com/pmem/pmdk/blob/master/CONTRIBUTING.md) for details. - Place a [SPDX short-form identifier](https://spdx.dev/learn/handling-license-info/) for the BSD-3-Clause license the beginning of each new source file, script or man page.
Done.
LICENSE.txt line 36 at r18 (raw file):
* src/core/valgrind/valgrind.h, src/core/valgrind/memcheck.h, src/core/valgrind/helgrind.h, src/core/valgrind/drd.h are covered by BSD-style licenses, contained in thise files.
Done.
Organize licenses in a way to is fully compatible with OpenSSF Scorecard
There is no license issue with the given licenses configuration:
https://github.com/grom72/pmdk/security/code-scanning
This change is