From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 48) id 63D9B38515CD; Mon, 30 May 2022 15:22:58 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 63D9B38515CD From: "richard.purdie at linuxfoundation dot org" To: glibc-bugs@sourceware.org Subject: [Bug libc/28007] Add SPDX license identifiers Date: Mon, 30 May 2022 15:22:58 +0000 X-Bugzilla-Reason: CC X-Bugzilla-Type: changed X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: glibc X-Bugzilla-Component: libc X-Bugzilla-Version: unspecified X-Bugzilla-Keywords: X-Bugzilla-Severity: enhancement X-Bugzilla-Who: richard.purdie at linuxfoundation dot org X-Bugzilla-Status: NEW X-Bugzilla-Resolution: X-Bugzilla-Priority: P2 X-Bugzilla-Assigned-To: unassigned at sourceware dot org X-Bugzilla-Target-Milestone: --- X-Bugzilla-Flags: security- X-Bugzilla-Changed-Fields: Message-ID: In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: http://sourceware.org/bugzilla/ Auto-Submitted: auto-generated MIME-Version: 1.0 X-BeenThere: glibc-bugs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-bugs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 30 May 2022 15:22:58 -0000 https://sourceware.org/bugzilla/show_bug.cgi?id=3D28007 --- Comment #8 from richard.purdie at linuxfoundation dot org --- (In reply to Florian Weimer from comment #6) > Why is this important to you? I think you mean why is this important to Yocto Project. We have a lot of diverse users of the project and they have different legals departments and uses of the project. One thing they need to know is the software license the components of system they're building are under. As such, Yocto Project rec= ipes advertise the license we believe a given piece of software is under. We don't make any comment on what people should/shouldn't do with that information but I think we can agree that having correct information is important. For some project users it is particularly important where they n= eed to avoid things like GPL-3.0 for example (rightly or wrongly, I make no com= ment on that). Recently it was brought to our attention that glibc isn't just under GPL-2.0 but also has other license components and as such our overall license for g= libc wasn't correct. We looked into it and found that we do need to tweak our metadata. Had there been SPDX license identifiers, we'd likely have avoided that issue in the first place and also been able to detect that it had happened. In this case I don't think it changes decisions people should be making but we want our license information to be complete so people have confidence in it. The identifiers help with that. --=20 You are receiving this mail because: You are on the CC list for the bug.=