THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Technical Team/Use Cases/2.0/Debian has an interest in only building things that are linking license compatible
From SPDX Wiki
< Technical Team | Use Cases/2.0
Revision as of 13:19, 7 March 2013 by MartinMichlmayr (Talk | contribs)
- Title: Debian has an interest in only building things that are linking license compatible
- Primary Actor: Builder of binary copyrightable artifact
- Goal in Context: To be able to determine from the SPDX data of the source and libraries linked into a binary executable what licenses are in play so that judgements can be made about license compatibility.
- Stakeholders and Interests:
- Binary Builder:
- To understand the license information about the source code and libraries linked into the binary they are building.
- Binary Builder:
- Preconditions:
- Binary builder has some way to understand what source is built into their binary
- Binary builder has some way to understand what libraries are linked into their binary
- Binary builder has some understanding of the license informatino for the source built into their binary and an expression of it in SPDX form.
- Main Success Scenario: Binary builder can determine the licenses of all the source code and libaries that are linked into their binary.
- Failed End Condition: Binary builder can determine the licenses of all the source code and libaries that are not linked into their binary.
- Trigger:
- Binary build time
- Commit time?
- Notes: In a nutshell, we think this Use Case is asking for SPDX data to make licensing info machine readable to a build system, and that the license info of a binary be tied somehow to the license info of the source that went into it. So that someone can write logic around their build system based on what they may or may not deem to be acceptable license combinations in their build