On Mon, Sep 25, 2023 at 7:15 AM Steve Langasek wrote:
>
> So can you tell me where in that specification this "flat text file" format
> is actually described? The specification is not on the page that includes
> this quote. The text does not link to the place in the spec where this
> format is
On Fri, Sep 22, 2023 at 12:58:10PM +0200, Stephan Lachnit wrote:
> On Fri, Sep 22, 2023 at 11:11 AM Steve Langasek wrote:
> > SPDX defines an xml format only. They lost before they'd even started.
> > debian/copyright is supposed to be human-readable first and foremost. XML
> > need not
Sune Vuorela writes:
> I do think that this is another point of "we should kill our babies if
> they don't take off". And preferably faster if/when "we lost" the race.
> We carried around the debian menu for a decade or so after we failed to
> gain traction and people centered on desktop files.
On Fri, Sep 22, 2023 at 11:11 AM Steve Langasek wrote:
>
>
> SPDX defines an xml format only. They lost before they'd even started.
>
> debian/copyright is supposed to be human-readable first and foremost. XML
> need not apply.
Not true. From [1]:
> Shall be in a human readable form.
> [...]
At 2023-09-22T02:11:15-0700, Steve Langasek wrote:
> SPDX defines an xml format only. They lost before they'd even
> started.
>
> debian/copyright is supposed to be human-readable first and foremost.
> XML need not apply.
Very much +1 on everything quoted.
That said, SPDX's license list and
On Fri, Sep 22, 2023 at 08:43:25AM -, Sune Vuorela wrote:
> On 2023-09-08, Jeremy Stanley wrote:
> > Since Debian's machine-readable format has been around longer than
> > either of the newer formats you mentioned, it seems like it would
> > make more sense for the tools to incorporate a
On Fri, Sep 22, 2023 at 08:43:25AM -, Sune Vuorela wrote:
> I do think that this is another point of "we should kill our babies if
> they don't take off". And preferably faster if/when "we lost" the race.
>
> We carried around the debian menu for a decade or so after we failed to
> gain
On 2023-09-08, Jeremy Stanley wrote:
> Since Debian's machine-readable format has been around longer than
> either of the newer formats you mentioned, it seems like it would
> make more sense for the tools to incorporate a parser for it rather
I do think that this is another point of "we should
org/CopyrightReviewTools
Yeah, although that page is aiming at debian/copyright format, not SPDX.
As an example, it does not cover (and I think it would be confusing to
add to it, at least as currently structured) how licensecheck also
supports producing SPDX shortnames e.g. like this (which gener
On Fri, 2023-09-08 at 12:09 +0530, Hideki Yamane wrote:
> Making appropriate debian/copyright file is hard and boring task, IMHO
Using scancode-toolkit/etc can probably automate most of that work.
https://wiki.debian.org/CopyrightReviewTools
--
bye,
pabs
https://wiki.debian.org/PaulWise
Hi,
On Fri, 08 Sep 2023 07:34:43 -0700
Russ Allbery wrote:
> The really interesting part of SPDX is the license list and the canonical
> name assignment, which is *way* more active and *way* more mature at this
> point than the equivalent in Debian. They have a much larger license
> list, which
On 2023-09-08 13:31:43 + (+), Jeremy Stanley wrote:
> On 2023-09-08 12:09:09 +0530 (+0530), Hideki Yamane wrote:
> [...]
> > SPDX is led by the Linux foundation project, OpenChain for license
> > compliance.
> [...]
>
> Unless I'm misreading, OpenChain follows the REUSE specification
>
On Fri, Sep 08, 2023 at 07:34:43AM -0700, Russ Allbery wrote:
> I don't think the file format is the most interesting part of SPDX. They
> don't really have a competing format equivalent to the functionality of
> our copyright files (at least that I've seen; I vaguely follow their
> lists). Last
Jonas Smedegaard writes:
> Only issue I am aware of is that SPDX shortname "MIT" equals Debian
> shortname "Expat".
There was also some sort of weirdly ideological argument with the FSF
about what identifiers to use for the GPL and related licenses, which
resulted in SPDX using an "-only" and
Jeremy Stanley writes:
> Since Debian's machine-readable format has been around longer than
> either of the newer formats you mentioned, it seems like it would make
> more sense for the tools to incorporate a parser for it rather than
> create needless churn in the package archive just to
On 2023-09-08 12:09:09 +0530 (+0530), Hideki Yamane wrote:
[...]
> SPDX is led by the Linux foundation project, OpenChain for license
> compliance.
[...]
Unless I'm misreading, OpenChain follows the REUSE specification
which acknowledges the sufficiency of "DEP5" formatted license info:
Hi Hideki,
Quoting Hideki Yamane (2023-09-08 08:39:09)
½>
> tl;dr: How about considering updating debian/copyright format to have
> more compatibility with SPDX format
>
>
> SBOM is expected to be used widely and several tools support it as a trend
> now, since US government asks to
tl;dr: How about considering updating debian/copyright format to have
more compatibility with SPDX format
SBOM is expected to be used widely and several tools support it as a trend
now, since US government asks to use it. There are two formats for it,
Software Package Data Exchange
18 matches
Mail list logo
