Update legal/src-headers to allow https #331
Conversation
ctubbsii
commented
Dec 20, 2023
•
ctubbsii
commented
- Keep http by default in the recommended source header
- Add wording to make it clear that https is also acceptable
|
This only changes the recommended source header that ASF projects themselves "should" use. It doesn't change the "how to apply" section at the bottom of the Apache 2.0 LICENSE page. The change here makes it clear that either http or https are permitted, but changes the default copy/paste recommendation to use https for the URL. |
|
https://issues.apache.org/jira/browse/LEGAL-265 resolved the question of whether the deviation to use https is acceptable or not (the conclusion was that it was acceptable). And, from a certain technical perspective, it could be argued that the https version is already effectively the canonical location, since the http version of the link is merely a 301 permanent redirect to the https version. |
ctubbsii
force-pushed
the
https-source-header
branch
from
7d17686
to
042c02c
Compare
|
I backed out the changes to make https the default in the source header. Interestingly, I noticed that the front matter at the top of this markdown file already uses https in it's own link to the license. It doesn't have much bearing on this PR or the recommended source header, but I thought it was interesting. |
* Keep http by default in the recommended source header * Add wording to make it clear that https is also acceptable
ctubbsii
force-pushed
the
https-source-header
branch
from
042c02c
to
6f69d71
Compare
|
I rebased this on the main branch, and added suggested wording to the license FAQs because the question keeps arising for that as well as for the source headers. |
|
So why not say |
Can you please rephrase your question? I'm not sure what you mean by "as the normative scheme". |
|
Hi,
Should we replace the header example with "https" and then talk about http
and https as both valid? Should we express a preference for for https?
Gary
…On Sat, Jun 1, 2024, 12:22 AM Christopher Tubbs ***@***.***> wrote:
So why not say https in the license URL as the normative scheme?
Can you please rephrase your question? I'm not sure what you mean by "as
the normative scheme".
—
Reply to this email directly, view it on GitHub
<#331 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAJB6NYA227UIHX6436KACLZFFEBTAVCNFSM6AAAAABA4KJDTOVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCNBTGI4DENZWHA>
.
You are receiving this because you commented.Message ID:
***@***.***>
|
I see. That has been discussed at length on the mailing list, and there seems to be reluctance to do that, for a variety of reasons. My intent here is to do something that's much easier and less controversial. That is, I merely wish to document the answer to the frequently asked question about whether or not it's okay to use https instead of http. The consensus seems to be "yes" to that question. However, when presented with a PR to update the site with that answer, the issue is stalled again. I believe this issue is simply waiting on the VP legal to say "yes, it's okay to merge this" (or to click the merge button themselves). However, it is a struggle getting a response that is unambiguously clear. |
|
@ctubbsii |
