Include SPDX license identifier in our license headers

I just came across SPDX (https://spdx.org/ids) as part of a discussion on the same topic for Spoon (governance: add spdx data in license header · Issue #3158 · INRIA/spoon · GitHub). As far as I understand their goal is to have easier way to discover and made assertion over software licenses, and the easiest for doing that is by using a standardized tag to indicate the license of a file in the license header, such as:

// SPDX-License-Identifier: GPL-2.0-or-later

I’m not quite sure about the benefits for us, but I find it interesting to open the discussion about it.

Hi surli, Hi all,

As far as I can see on some example files hosted on kernel.org such as xiang/erofs-utils.git/tree/mkfs/main.c?h=dev, this could allow to replace the license summary header by a simple reference, that would make the source files lighter, a nice benefit imho if legal advisors confirm the validity of this approach.

I just realized one thing on this topic: many vm files seem to not contain any license reference, for example xwiki-platform-flamingo-skin-resources/src/main/resources/flamingo/view.vm?

The SPDX workgroup actually recommends to keep the license headers in addition to the SPDX identifier, it seems: https://spdx.org/ids-how. However, several advantages of using SPDX remain interesting:

• determine easily which licenses apply to a file
• standardize licenses in source code, docs and others
• eliminate error-prone parsing of license headers"

Indeed, I’ve started Adding license headers for *.vm files

Note: I’ve identified (but not tested), 2 maven plugins that supposedly can generate SPDX files:

• GitHub - spdx/spdx-maven-plugin: Plugin for supporting SPDX in a Maven build.
• GitHub - spdx/licensegenplugin: Maven plugin for generating the license data from the license list XML repository