Quoting Stephan Lachnit (2022-01-26 12:49:34) > - What is an SPDX bill of materials? > It is a machine-readable format that specifies the licenses of each > file in tag/value style like DEP-5. However compared to DEP-5 it is > much less human readable, i.e. it includes much more meta information, > and does not contain the license texts. > > - What has this to do with Debian? > My idea is to allow SPDX documents in addition to DEP-5. The advantage > is that - if supported upstream - REUSE can generate such reports > automatically during package build time, so there is no need to write > d/copyright manually anymore.
I am sceptical towards this proposal. An important feature to me with current machine-readable format is that really it is machine-and-human-readable. Another important feature to me is that there is only one format (in addition to unformatted content, which hopefully we can put past us at some point). Today, I can as DD help proof-read and change *any* package in Debian. If we permit a debian/copyright format that is not human-readable, it means that I cannot confidently proof-read and change the contents of the debian subdir without the help of machine-parsers, and I would need to know two formats with different goals. I would like to instead welcome the REUSE developers in helping Debian evolve next version of the existing machine-readable format to better align with SPDX. - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
