On Fri, Jun 21, 2024 at 5:27 AM Vít Ondruch <vondruch@redhat.com> wrote:
But the intent of both is to be temporary, to help understand where we
need to put some work. If this was initial status:
~~~
License: GPLv2 and MIT
~~~
and prior any SPDX work, we would change all .spec files to:
~~~
License: callaway(GPLv2 and MIT)
~~~
And slowly worked forward to:
~~~
License: GPL-2.0-only AND callaway(MIT)
~~~
and finally:
~~~
License: GPL-2.0-only AND MIT
~~~
We would know where we are. Now, nobody knows. We still have to use
something like changelog messages and what not, which is hardly better.
We could even mark packages with e.g. `Provides: license(callaway)`,
which would make easier to query where we stand.
IMHO it is still is not late to do something like this!
Could we wrap remaining Callaway names in a `LicenseRef-` (similar to
your "callaway(MIT)" idea but sort of SPDX-conformant)?
Red Hat is doing something like this in RHEL SBOMs, currently.
Jilayne?