You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
a source code file's license (if it has an SPDX-License-Identifier: tag); and
which source code file(s) are built into a binary file (to the extent that the CMake file API response contains that info).
It would be interesting to explore whether this can be used to auto-conclude the binary file's license -- in other words, to fill in LicenseConcluded with some value other than NOASSERTION.
The most obvious approach would be to simply AND together the licenses of all the source files and/or libraries that are used as inputs. So, for instance, if a binary has four source file inputs, three of which contain Apache-2.0 licenses and the other containing ISC, then cmake-spdx could follow the relationships to determine that those are the four files used to create the binary, and then conclude the binary's license as Apache-2.0 AND ISC.
The text was updated successfully, but these errors were encountered:
Currently, cmake-spdx can determine:
SPDX-License-Identifier:tag); andIt would be interesting to explore whether this can be used to auto-conclude the binary file's license -- in other words, to fill in
LicenseConcludedwith some value other thanNOASSERTION.The most obvious approach would be to simply AND together the licenses of all the source files and/or libraries that are used as inputs. So, for instance, if a binary has four source file inputs, three of which contain
Apache-2.0licenses and the other containingISC, then cmake-spdx could follow the relationships to determine that those are the four files used to create the binary, and then conclude the binary's license asApache-2.0 AND ISC.The text was updated successfully, but these errors were encountered: