-
Notifications
You must be signed in to change notification settings - Fork 99
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update legal/src-headers to allow https #331
base: main
Are you sure you want to change the base?
Conversation
ctubbsii
commented
Dec 20, 2023
•
edited
Loading
edited
- Keep http by default in the recommended source header
- Add wording to make it clear that https is also acceptable
This only changes the recommended source header that ASF projects themselves "should" use. It doesn't change the "how to apply" section at the bottom of the Apache 2.0 LICENSE page. The change here makes it clear that either http or https are permitted, but changes the default copy/paste recommendation to use https for the URL. |
https://issues.apache.org/jira/browse/LEGAL-265 resolved the question of whether the deviation to use https is acceptable or not (the conclusion was that it was acceptable). And, from a certain technical perspective, it could be argued that the https version is already effectively the canonical location, since the http version of the link is merely a 301 permanent redirect to the https version. |
7d17686
to
042c02c
Compare
I backed out the changes to make https the default in the source header. Interestingly, I noticed that the front matter at the top of this markdown file already uses https in it's own link to the license. It doesn't have much bearing on this PR or the recommended source header, but I thought it was interesting. |
* Keep http by default in the recommended source header * Add wording to make it clear that https is also acceptable
042c02c
to
6f69d71
Compare
I rebased this on the main branch, and added suggested wording to the license FAQs because the question keeps arising for that as well as for the source headers. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
So why not say |
Can you please rephrase your question? I'm not sure what you mean by "as the normative scheme". |
Hi,
Should we replace the header example with "https" and then talk about http
and https as both valid? Should we express a preference for for https?
Gary
…On Sat, Jun 1, 2024, 12:22 AM Christopher Tubbs ***@***.***> wrote:
So why not say https in the license URL as the normative scheme?
Can you please rephrase your question? I'm not sure what you mean by "as
the normative scheme".
—
Reply to this email directly, view it on GitHub
<#331 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJB6NYA227UIHX6436KACLZFFEBTAVCNFSM6AAAAABA4KJDTOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBTGI4DENZWHA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
I see. That has been discussed at length on the mailing list, and there seems to be reluctance to do that, for a variety of reasons. My intent here is to do something that's much easier and less controversial. That is, I merely wish to document the answer to the frequently asked question about whether or not it's okay to use https instead of http. The consensus seems to be "yes" to that question. However, when presented with a PR to update the site with that answer, the issue is stalled again. I believe this issue is simply waiting on the VP legal to say "yes, it's okay to merge this" (or to click the merge button themselves). However, it is a struggle getting a response that is unambiguously clear. |
@ctubbsii |