On Wed, Feb 8, 2023 at 11:21 PM Demi Marie Obenour < d...@invisiblethingslab.com> wrote:
> On Wed, Feb 08, 2023 at 02:58:38PM -0800, Stefano Stabellini wrote: > > On Wed, 8 Feb 2023, Demi Marie Obenour wrote: > > > Obtaining code over an insecure transport is a terrible idea for > > > blatently obvious reasons. Even for non-executable data, insecure > > > transports are considered deprecated. > > > > > > This patch changes GPL boilerplate. > > > > > > Signed-off-by: Demi Marie Obenour <d...@invisiblethingslab.com> > > > > For the licensing boilerplate, I think it would be better to switch to > > SPDX instead. > > > > That said, given that you have already done the work to covert the GPL > > boilerplate everywhere, I think this is OK. But if you have time and > > energy I would love to see a patch switching to SPDX in as many places > > as possible. > > The only part of this patch I actually wrote is the commit message. The > rest was generatedy by: > > git ls-files -z | > xargs -0 -- sed -Ei -- 's@(http)(://www\.gnu\.org)@\1s\2@g' > > followed by the usual git stuff. Thank you for doing this; but unfortunately, to feel comfortable giving an 'R-b', we'd want to have some confidence that the new URLs were correct; making this patch as posted is basically impossible to review, even knowing the rune used to create it. I think if you specifically focused only on the URL in the license boilerplate (i.e., http://www.gnu.org/licenses/), and included the runes used to create it in the commit message, then it should be easier to review. Alternately, if you had some runes you'd used to verify that the new URLs worked, then we could review *that* instead of reviewing all of the individual URLs. That said, since it's been suggested that we intend to move over to SPDX entirely, I'd understand if you didn't want to put in the extra effort here. -George
