Hi all, I am running FOSSID from time to time and now with the SPDX migration I am scanning again the code. Doing checks from time to time may not be enough and the best guard would be a CI snipped scanner
Best regards Alin ________________________________ Från: raiden00pl <raiden0...@gmail.com> Skickat: den 16 oktober 2024 12:04 Till: dev@nuttx.apache.org <dev@nuttx.apache.org> Ämne: Re: About SW licenses +1 We need to pay more attention to the license of the code that is added. GPL can destroy this project :( śr. , 16 paź 2024 o 07: 33 Jukka Laitinen <jukka. laitinen@ iki. fi> napisał(a): > Hi, > > A kind reminder to everyone contributing +1 We need to pay more attention to the license of the code that is added. GPL can destroy this project :( śr., 16 paź 2024 o 07:33 Jukka Laitinen <jukka.laiti...@iki.fi> napisał(a): > Hi, > > A kind reminder to everyone contributing code to NuttX; > > Please keep in mind that it is NOT allowed to copy code snippets from > any GPL licensed code into Apache/NuttX. > > While reading through arch/arm64 code base, my eye catches a lot of > places now, which resemble code in linux kernel. This *may* be > co-incidence, since the code is doing the same things in practice. > > I don't have any proper snippet scan tool at my disposal atm. Maybe if > someone has (e.g. blackduck hub), it would be nice to confirm that there > isn't any creeping in of GPLv2 code snippets. > > Anyhow; for now I just wanted to remind everyone about this. *do not > copy code from linux kernel or other GPL licensed code*. This would do > great harm to users of NuttX > > Thanks, > > Jukka > > >
