+++ /dev/null
-Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: curl
-Upstream-Contact: Daniel Stenberg <daniel@haxx.se>
-Source: https://curl.se
-
-# Tests
-Files: tests/data/test* tests/certs/* tests/stunnel.pem tests/valgrind.supp
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-# Docs in docs/
-Files: docs/FAQ docs/INSTALL docs/KNOWN_BUGS docs/MAIL-ETIQUETTE docs/THANKS docs/TODO docs/libcurl/symbols-in-versions docs/options-in-versions
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-# Windows
-Files: projects/Windows/*
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: libcurl.def
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-# Single files we do not want to edit directly
-Files: CHANGES
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: GIT-INFO.md
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: RELEASE-NOTES
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-# checksrc control files
-Files: lib/.checksrc src/.checksrc docs/examples/.checksrc tests/libtest/.checksrc
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: lib/libcurl.vers.in
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/OS400/README.OS400
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/vms/build_vms.com
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/vms/curl_release_note_start.txt
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/vms/curlmsg.sdl
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/vms/macro32_exactcase.patch
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: packages/vms/readme
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: plan9/README
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: projects/wolfssl_override.props
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: README
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: renovate.json
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
-
-Files: .mailmap
-Copyright: Daniel Stenberg, <daniel@haxx.se>, et al.
-License: curl
--- /dev/null
+# SPDX-License-Identifier: curl
+# SPDX-FileCopyrightText: Daniel Stenberg, <daniel@haxx.se>, et al.
+
+# This file describes the licensing and copyright situation for files that
+# cannot be annotated directly, for example because of being simply
+# uncommentable. Unless this is the case, a file should be annotated directly.
+#
+# This follows the REUSE specification: https://reuse.software/spec-3.2/#reusetoml
+
+version = 1
+SPDX-PackageName = "curl"
+SPDX-PackageDownloadLocation = "https://curl.se/"
+
+[[annotations]]
+path = [
+ ".mailmap",
+ "CHANGES",
+ "docs/FAQ",
+ "docs/INSTALL",
+ "docs/KNOWN_BUGS",
+ "docs/libcurl/symbols-in-versions",
+ "docs/MAIL-ETIQUETTE",
+ "docs/options-in-versions",
+ "docs/THANKS",
+ "docs/TODO",
+ "GIT-INFO.md",
+ "lib/libcurl.vers.in",
+ "libcurl.def",
+ "packages/OS400/README.OS400",
+ "packages/vms/build_vms.com",
+ "packages/vms/curl_release_note_start.txt",
+ "packages/vms/curlmsg.sdl",
+ "packages/vms/macro32_exactcase.patch",
+ "packages/vms/readme",
+ "plan9/README",
+ "projects/Windows/**", "projects/wolfssl_override.props",
+ "README",
+ "RELEASE-NOTES",
+ "renovate.json",
+ "tests/certs/**",
+ "tests/data/test**",
+ "tests/stunnel.pem",
+ "tests/valgrind.supp",
+ # checksrc control files
+ "docs/examples/.checksrc",
+ "lib/.checksrc",
+ "src/.checksrc",
+ "tests/libtest/.checksrc",
+]
+SPDX-FileCopyrightText = "Daniel Stenberg, <daniel@haxx.se>, et al."
+SPDX-License-Identifier = "curl"
+# If there is licensing/copyright information in or next to these files, perfer that
+precedence = "closest"
This means that all files need to have their license and copyright information
clearly stated. Ideally by having the standard curl source code header, with
the SPDX-License-Identifier included. If the header does not work, you can use a
-smaller header or add the information for a specific file to the `.reuse/dep5`
+smaller header or add the information for a specific file to the `REUSE.toml`
file.
You can manually verify the copyright and compliance status by running the
-`./scripts/copyright.pl` script in the root of the git repository.
+[REUSE helper tool](https://github.com/fsfe/reuse-tool): `reuse lint`
+++ /dev/null
-#!/usr/bin/env perl
-#***************************************************************************
-# _ _ ____ _
-# Project ___| | | | _ \| |
-# / __| | | | |_) | |
-# | (__| |_| | _ <| |___
-# \___|\___/|_| \_\_____|
-#
-# Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
-#
-# This software is licensed as described in the file COPYING, which
-# you should have received as part of this distribution. The terms
-# are also available at https://curl.se/docs/copyright.html.
-#
-# You may opt to use, copy, modify, merge, publish, distribute and/or sell
-# copies of the Software, and permit persons to whom the Software is
-# furnished to do so, under the terms of the COPYING file.
-#
-# This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
-# KIND, either express or implied.
-#
-# SPDX-License-Identifier: curl
-#
-###########################################################################
-#
-# Invoke script in the root of the git checkout. Scans all files in git unless
-# given a specific single file.
-#
-# Usage: copyright.pl [file]
-#
-
-my %skips;
-
-# file names
-my %skiplist = (
- # REUSE-specific file
- ".reuse/dep5" => "<built-in>",
-
- # License texts
- "LICENSES/BSD-3-Clause.txt" => "<built-in>",
- "LICENSES/BSD-4-Clause-UC.txt" => "<built-in>",
- "LICENSES/ISC.txt" => "<built-in>",
- "LICENSES/curl.txt" => "<built-in>",
- "COPYING" => "<built-in>",
-
- );
-
-sub scanfile {
- my ($f) = @_;
- my $line=1;
- my $found = 0;
- open(F, "<$f") || return -1;
- while (<F>) {
- chomp;
- my $l = $_;
- # check for a copyright statement and save the years
- if($l =~ /.* ?copyright .* (\d\d\d\d|)/i) {
- my $count = 0;
- while($l =~ /([\d]{4})/g) {
- push @copyright, {
- year => $1,
- line => $line,
- col => index($l, $1),
- code => $l
- };
- $count++;
- }
- if(!$count) {
- # year-less
- push @copyright, {
- year => -1,
- line => $line,
- col => index($l, $1),
- code => $l
- };
- $count++;
- }
- $found = $count;
- }
- if($l =~ /SPDX-License-Identifier:/) {
- $spdx = 1;
- }
- # allow within the first 100 lines
- if(++$line > 100) {
- last;
- }
- }
- close(F);
- return $found;
-}
-
-sub checkfile {
- my ($file, $skipped, $pattern) = @_;
- $spdx = 0;
- my $found = scanfile($file);
-
- if($found < 1) {
- if($skipped) {
- # just move on
- $skips{$pattern}++;
- return 0;
- }
- if(!$found) {
- print "$file:1: missing copyright range\n";
- return 2;
- }
- # this means the file couldn't open - it might not exist, consider
- # that fine
- return 1;
- }
- if(!$spdx) {
- if($skipped) {
- # move on
- $skips{$pattern}++;
- return 0;
- }
- print "$file:1: missing SPDX-License-Identifier\n";
- return 2;
- }
-
- if($skipped) {
- print "$file:1: ignored superfluously by $pattern\n" if($verbose);
- $superf{$pattern}++;
- }
-
- return 1;
-}
-
-sub dep5 {
- my ($file) = @_;
- my @files;
- my $copy;
- open(F, "<$file") || die "can't open $file";
- my $line = 0;
- while(<F>) {
- $line++;
- if(/^Files: (.*)/i) {
- my @all = `git ls-files $1`;
- if(!$all[0]) {
- print STDERR "$1 matches no files\n";
- }
- else {
- push @files, @all;
- }
- }
- elsif(/^Copyright: (.*)/i) {
- $copy = $1;
- }
- elsif(/^License: (.*)/i) {
- my $license = $1;
- for my $f (@files) {
- chomp $f;
- if($f =~ /\.gitignore\z/) {
- # ignore .gitignore
- }
- else {
- if($skiplist{$f}) {
- print STDERR "$f already skipped at $skiplist{$f}\n";
- }
- $skiplist{$f} = "dep5:$line";
- }
- }
- undef @files;
- }
- }
- close(F);
-}
-
-dep5(".reuse/dep5");
-
-my $checkall = 0;
-my @all;
-my $verbose;
-if($ARGV[0] eq "-v") {
- $verbose = 1;
- shift @ARGV;
-}
-if($ARGV[0]) {
- push @all, @ARGV;
-}
-else {
- @all = `git ls-files`;
- $checkall = 1;
-}
-
-for my $f (@all) {
- chomp $f;
- my $skipped = 0;
- my $miss;
- my $wro;
- my $pattern;
- if($skiplist{$f}) {
- $pattern = $skip;
- $skiplisted++;
- $skipped = 1;
- $skip{$f}++;
- }
-
- my $r = checkfile($f, $skipped, $pattern);
- $mis=1 if($r == 2);
- $wro=1 if(!$r);
-
- if(!$skipped) {
- $missing += $mis;
- $wrong += $wro;
- }
-}
-
-if($verbose) {
- print STDERR "$missing files have no copyright\n" if($missing);
- print STDERR "$wrong files have wrong copyright year\n" if ($wrong);
- print STDERR "$skiplisted files are skipped\n" if ($skiplisted);
-
- for my $s (@skiplist) {
- if(!$skips{$s}) {
- printf ("Never skipped pattern: %s\n", $s);
- }
- if($superf{$s}) {
- printf ("%s was skipped superfluously %u times and legitimately %u times\n",
- $s, $superf{$s}, $skips{$s});
- }
- }
-}
-
-if($checkall) {
- for(keys %skiplist) {
- if(!$skip{$_}) {
- printf STDERR "$_ is marked for SKIP but is missing!\n";
- }
- }
-}
-
-exit 1 if($missing || $wrong);
projects / thirdparty / curl.git / commitdiff
