Guidelines and HOWTOs/Licensing: Difference between revisions

Revision as of 09:25, 12 January 2020

This document explains how to state license information in KDE projects according to the KDE Licensing Policy. Stating licenses correctly is a very important task, because only correctly licensed software can be distributed and delivered to our users.

SPDX Expressions and REUSE.software

Every source code file shall contain an information about its license to inform the user of the file how it may be used. Such information are usually added in the form of source code comments at the top of the file. Traditionally, those comments stated so-called license headers, which are either the complete license texts or short texts that explain where to find the license text for the file and a few legal constraints. This system currently is getting replaced with "SPDX Expressions", which also should be the default way to state a license.

Introduction to SPDX Identifiers and Expressions

Software Package Data Exchange® (SPDX) is an open standard for communicating software bill of material information. The SPDX specification is developed by the SPDX workgroup, which is hosted by The Linux Foundation. The idea is to have a public registry of all open source licenses and important license exceptions, such that license statements can be reduced to simply stating the license identifiers.

Yet, not every source code is licensed under just one license. For example, you might want to state that a file can be used under the terms for the BSD-2-Clause license or under the terms of the GNU Public License version 2 or later. For these cases, the SPDX workgroup also provides a specification how state complex license statements (which we call "SPDX expressions"). The SPDX expression language actually allow tooling based syntax checks, which enables us to use tools to check the correctness of license statements.

https://spdx.org/specifications

SPDX Expression Examples

TODO

Introduction to REUSE.software

TODO

Examples

TODO

License Statement Tooling

TODO

@@ Line 2: / Line 2: @@
 == SPDX Expressions and REUSE.software ==
+Every source code file shall contain an information about its license to inform the user of the file how it may be used. Such information are usually added in the form of source code comments at the top of the file. Traditionally, those comments stated so-called license headers, which are either the complete license texts or short texts that explain where to find the license text for the file and a few legal constraints. This system currently is getting replaced with "SPDX Expressions", which also should be the default way to state a license.
+=== Introduction to SPDX Identifiers and Expressions ===
+[https://spdx.org/ Software Package Data Exchange® (SPDX)] is an open standard for communicating software bill of material information. The SPDX specification is developed by the SPDX workgroup, which is hosted by The Linux Foundation. The idea is to have a public registry of all open source licenses and important license exceptions, such that license statements can be reduced to simply stating the license identifiers.
+* https://spdx.org/licenses/index.html
+* https://spdx.org/licenses/exceptions-index.html
+Yet, not every source code is licensed under just one license. For example, you might want to state that a file can be used under the terms for the BSD-2-Clause license or under the terms of the GNU Public License version 2 or later. For these cases, the SPDX workgroup also provides a specification how state complex license statements (which we call "SPDX expressions"). The SPDX expression language actually allow tooling based syntax checks, which enables us to use tools to check the correctness of license statements.
+* https://spdx.org/specifications
+==== SPDX Expression Examples ====
+TODO
+=== Introduction to REUSE.software ===
 TODO