On Sat, Aug 23, 2014 at 10:06:00PM -0600, EBo wrote:
> Wouldn't it be just as effective that the license GPL-v2+, etc., be in
> the header?
Short answer: Only if there were a simple automated check that each
commit properly maintained a license block. But that is infeasible,
while it is very feasible to always check signed-off-by.
Long answer:
It has happened frequently in the past that a contribution includes
a newly created file with no license block. This is a problem that
regularly goes unnoticed for months, and when it *is* noticed all we
have is the author's *implicit* permission to distribute the
contribution under the project's license; getting these license blocks
added by the original author after the fact is about as fun and easy as
herding cats. This can be used to cast doubt on the distributability of
the project as a whole, and I'd like for that kind of FUD to be stopped
for once and for all.
The obvious solution to this problem is to add an automated check that
everything is OK in each new commit in LinuxCNC. Sort of like
continuous integration, but checking for copyleft instead of compiler
errors.
But license blocks take a variety of forms, and so adding an automated
check to find "added files without explicit license block" is much
harder than adding an automated check for signed-off-by (that just
consists of grepping each commit message for a line starting
"signed-off-by: " with a case-insensitive match)
Not to mention that many file types which may count as the "preferred
form for modification" may not have obvious ways to add license
information at all. Image formats like png, svg, dxf, etc are typical
exmaples of this.
In a project which uses signed-off-by, the commit shows the
contributor's intent explicitly: The code (or artwork or documentation
or whatever) is under the project's documented license for new
contributions (in our project, GPLv2+, or something compatible with it).
When somebody notices a particular file doesn't have a license block,
they can add a GPLv2+ block with a clear head and a full heart.
Finally, and I don't expect this to happen in LinuxCNC, signed-off-by
provides extra legal cover in the case that the legitimacy of a
particular contribution is challenged years down the road.
Perhaps you'd like to know more about the history of signed-off-by.
This seems to be a good presentation about where it came from and where
it is going:
https://events.linuxfoundation.org/images/stories/slides/lfcs2013_rodriguez.pdf
Jeff
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
Emc-developers mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/emc-developers
