SPDX identifier of genroot.sh and genserv.sh (not sure which license it's under) #9417
Assignees
Labels
Comments
|
Yeah, we have a wildcard in `.reuse/dep5': Line 7 in 7be5377 ... but sure, shell scripts should have the SPDX properly spelled out. Will fix! |
bagder
added a commit
that referenced
this issue
Sep 2, 2022
... including the SPDX-License-Identifier. These omissions were not detected by the RUEUSE CI job nor the copyright.pl scanners because we have a general wildcard in .reuse/dep5 for "tests/certs/*". Reported-by: Samuel Henrique Fixes #9417
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hello,
After the much appreciated work done by upstream of adding SPDX identifiers to pretty much all of the files, I decided to do a review of Debian's machine readable d/copyright for curl, and spotted a couple of files with no SPDX identifier from an author which is not curl's upstream.
The files are the following:
https://github.com/curl/curl/blob/7be53774c41c59b47075fbaf758b1497f70b25d6/tests/certs/scripts/genroot.sh
https://github.com/curl/curl/blob/7be53774c41c59b47075fbaf758b1497f70b25d6/tests/certs/scripts/genserv.sh
Both have this header:
With no license declaration, so I'm not sure what the SPDX header is supposed to set and didn't want to submit a PR.
I took the assumption that both files are under the curl license on Debian (as there isn't any other license shown), but decided to report this so you could double check and possibly add the SPDX header.
Thank you,
The text was updated successfully, but these errors were encountered: