On Fri, Jun 21, 2024 at 5:27 AM Vít Ondruch vondruch@redhat.com wrote:
But the intent of both is to be temporary, to help understand where we need to put some work. If this was initial status:
License: GPLv2 and MIT
and prior any SPDX work, we would change all .spec files to:
License: callaway(GPLv2 and MIT)
And slowly worked forward to:
License: GPL-2.0-only AND callaway(MIT)
and finally:
License: GPL-2.0-only AND MIT
We would know where we are. Now, nobody knows. We still have to use something like changelog messages and what not, which is hardly better.
We could even mark packages with e.g. `Provides: license(callaway)`, which would make easier to query where we stand.
IMHO it is still is not late to do something like this!
Could we wrap remaining Callaway names in a `LicenseRef-` (similar to your "callaway(MIT)" idea but sort of SPDX-conformant)? Red Hat is doing something like this in RHEL SBOMs, currently.
Jilayne?
Richard