From the documentation:

If your project includes documentation which is not included in the final build
artefact, you are encouraged but not obliged to include license information for
these too.

Is it possible to specifically exclude folders or files from reuse lint?

A package called fsfe-reuse that provides a program called reuse is a little confusing. Looking through the history, it was originally called reuse, then renamed to fsfs-reuse in a8c2890 without any rationale.

Is there a reason why the package cannot be called just reuse?

The SPDX-License-Identifier given as a parameter for reuse download is case-sensitive. I wonder whether this is actually necessary since there is no conflict. Especially for manual downloads, some users might appreciate the tool being less strict about this.

However, I think that we should stay case-sensitive when checking the identifiers with reuse lint.

Also: Automatically detect if a .license file already exists.

Some argparse arguments currently use argparse.FileType. This is really convenient because it automatically detects whether a file exists and/or is writeable. But it's also annoying because it creates a stream and doesn't handle directories.

It shouldn't be too hard to homebrew something for this that just returns a Path object.

The tool will currently not recognise GPL-3.0 or GPL-3.0+ as a valid licence, preferring instead the new GPL-3.0-only and GPL-3.0-or-later.

Should the tool consider deprecated licences as valid? Should there be a warning?

The "+" operator remains a part of the SPDX spec, however, and should probably be handled correctly.

I need a little heads up on how to build reuse-tool from scratch. My Linux distro is using Python 3.5 and I had to upgrade to 3.6 to install dependencies and the application.

So far I managed to install requirements.txt.

What are the build steps I have to take?

Downloaded licenses are formatted differently than originals (in text form). I believe this is because licenses may be downloaded from https://github.com/spdx/license-list-data/ which apparently generates them from HTML.

You can see what I mean, here:

• original: https://github.com/spdx/license-list-data/blob/master/text/Apache-2.0.txt
• weird formatting: https://github.com/spdx/license-list-data/blob/master/text/Apache-2.0.txt

I am not sure if this issue should be opened also in the spdx repository, but I think it would be nice if REUSE did not alter licenses.

Is it ok to modify licenses such as GPL (even just to reformat them) that explicitly forbids changes to the license itself?

Copyright (C) 2007 Free Software Foundation, Inc. https://fsf.org/
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.

Given a file erroneous-spdx.txt:

SPDX-Copyright: Carmen

SPDX-License-Identifier: MIT OR BSD AND

The output of reuse lint is:

reuse._util - ERROR - Could not parse 'MIT OR BSD AND'
reuse.project - ERROR - erroneous-spdx.txt holds an SPDX expression that cannot be parsed, skipping the file
NO LICENSE

The following files have no license(s):
  erroneous-spdx.txt

NO COPYRIGHT

The following files have no copyright:
  erroneous-spdx.txt

SUMMARY

Bad licenses: 0
Missing licenses: 0
Unused licenses: 0
Used licenses: Apache-2.0, CC-BY-SA-4.0, CC0-1.0, GPL-3.0-or-later
Read errors: 0
Files with copyright information: 47 / 48
Files with license information: 47 / 48

The ERROR statements are just logger output from within the program. The file is then completely skipped over, and its (completely valid) SPDX-Copyright tag is ignored.

Is this sufficient, or should the plumbing somehow change to account for this edge case?

Still need to do this... Also not sure whether reuse addheader should support using something other than SPDX-Copyright. Maybe that's a job for templates?

e.g., someone could have a template along the lines of:

SPDX-License-Identifier: {spdx_license_expression}

Copyright © {year} {copyright_holder} {copyright_contact}

instead of the default

SPDX-License-Identifier: {spdx_license_expression}

SPDX-Copyright: {year} {copyright_holder} {copyright_contact}

(Super rough sketch, that isn't an actual proposal)

Those tests don't exist, but should. This issue mostly exists as a reminder to self.

this is a repost from the forum:

From the documentation we read that it is allowed to add a suffix to the file name containing the License Text:

(you may attach some suffix to the filename as well, such as LICENSE.txt ).

I tested this and am having problems. I created a file with SPDX License Identifier

SPDX-Copyright: 2019 Alice

SPDX-License-Identifier: BSD-2-Clause

then created a License file with the name LICENSES/BSD-2-Clause-Alice.txt

The tool couldn’t find it. When I change the name to LICENSES/BSD-2-Clause.txt it works.

Can the prefix only be applied to file extensions?

I initially quickly created #43 to quickly deal with an issue where the page of Dockerhub would incorrectly deal with <https://example.com> links.

Example:

But, as it turns out, Sphinx is now broken.

Example:

So I've reverted all those commits for now. Will deal with this another time.

It would be great to create an example demonstrating how to use REUSE in a custom Git repository as a part of its continuous integration practice (e.g., Travis CI).

Recently I have spent a lot of time on including REUSE into CI used in gim repository. The main problem was with setting up required Python version together with language: shell in .travis.yml, which seems impossible.

Well, I have ended up with Python version 3.5.2 (see also #25) and it looks like it is working but I am still afraid of that older Python version. Don't you know how to change Python version in Travis CI while using language: shell and not language: python by any chance? python: <version> doesn't work in that case.

TLDR: I read #28 and the example https://git.io/fj577. I am fine with that, I think we need a way to automate this. And for some files the tagging has to be out-of-band, headers wont work.

Idea

Singular files

My proposal:

reuse set-license --license X --copyright Y $GLOB

Which would edit .reuse/dep5, also replace entries if needed and report conflicts.

For example:

reuse set-license --license CC-BY-SA-4.0 --copyright "2019 Ganwell" static/*.png

Adds this to .reuse/dep5:

Files: static/*.png
Copyright: 2019 Ganwell
License: CC-BY-SA-4.0

Common files

reuse set-common-config --license AGPL-3.0-or-later --copyright "2019 Ganwell"

This should add entries to .reuse/dep5 for common files like .gitignore, Cargo.tom, package.json. It's just too much to ask from users to track all these files. I also don't like headers in these file, because many of these files are generated/edited by command-line tools and these headers have a high chance to break the file, or the command-line tools might remove the header again.

Motivation

Here is my motivation, I kind of argue that not every file should be tracked, but I can accept every file being tagged when there is good support for that.

I understand the goal to include every file. It feels like a good goal to me too. But I am not sure if really everything should be included. I moved 20 repositories to AGPL yesterday and I refused to add a license/copyright indicators to everything, it took over 10h regardless. Two mayor cases:

Config

1. Config files, these are often strongly structured: Cargo.tom, package.json, .travis-ci.yml, .gitlab-ci.yml. A notable exception I see: setup.py is actually code and I sometimes write code in these that should be under copyright/copyleft.

2. Less structure config files and config for IDEs and helper tools, like: .gitignore, .flake8, setup.cfg. In my option they don't hold a copyright-able work. Although in theory maybe everything does, but really... its just a burden.

Binary files

I think reuse should offer to set license/copyright on them, but by automatically extending .reuse/dep5 or some other out-of-band file. I can't add meaningful copyright indicators to files like *.png, *.jpg, *.dat. Some might actually have a comment field inside, but

1. I have to start the programm that produced that file to edit the comment

2. Almost nobody would ever bother to look inside a binary file

See also #13.

git config and .reuse/config should provide default values for author/email and default license respectively.

It makes sense for me to implement this as a composite of Project. This might be a little difficult, though, because I'd have to forward the config object to a lot of places that do not currently have one.

reuse download could use an option to download all used licenses in a project, instead of having to download them individually. Perhaps with an --all flag?

Since this might cause some issues with badly formed license information and/or false-positive findings, this could also happen interactively.

The following code fails during reuse lint and complains about the identifier in
license_identifier variable, which is used for writing license info to another file.

# SPDX-FileCopyrightText: 2019 Example
#
# SPDX-License-Identifier: LicenseRef-Proprietary
#

license_copyright_text = "SPDX-FileCopyrightText: 2019 Example"
license_identifier = "SPDX-License-Identifier: LicenseRef-Proprietary"

fout = open('out.txt', 'w')
fout.write(license_copyright_text)
fout.write('\n')
fout.write(license_identifier)
fout.close()

However, this file already has a valid license header.

The error message is:

reuse._util - ERROR - Could not parse 'LicenseRef-Proprietary"'
reuse.project - ERROR - kek.py holds an SPDX expression that cannot be parsed, skipping the file

Hello,

I was wondering how to properly license software with LGPL. On the GNU website ( https://www.gnu.org/licenses/gpl-howto.html ) I read that I should include both the GNU GPL plus the content of the LGPL:

Please note that, since the LGPL is a set of additional permissions on top of the GPL, it's crucial to include both licenses so users have all the materials they need to understand their rights

However the REUSE tool seems to be downloading only the text of the LGPL. Is that ok even if it contradicts the official guidelines?

Thanks :)

The question is clear. What is the minimal required Python version? README.rst states 3.6 whereas pypi as well as its badge states 3.5.

From my experience, it seems that REUSE works under Python 3.5.2 (Travis CI using Xenial image).

Hello,

I was trying to run reuse, but ran into an ImportError. Any idea why reuse cannot find its imports?

09:56 kuno@pink-yoshi:~/code$ mkdir reuse
09:56 kuno@pink-yoshi:~/code$ cd reuse
09:56 kuno@pink-yoshi:~/code/reuse$ python3 -m venv ve
09:57 kuno@pink-yoshi:~/code/reuse$ ve/bin/pip install fsfe-reuse
Collecting fsfe-reuse
  Using cached https://files.pythonhosted.org/packages/30/11/f96ce5e81048ac1af34f68725c22ec88131c137ffa22ddf7814af917ce5c/fsfe_reuse-0.5.0-py3-none-any.whl
Collecting python-debian (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/87/49/a34a602141db50b101a25d1f256b33cfb7b406bafd0f00e071a5f7424c92/python_debian-0.1.36-py3-none-any.whl
Collecting license-expression (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/de/6b/65b4a2ee355a1ea1b78bdc858e314e767cedcc44e8aaf9cd46e4da41674b/license_expression-0.999-py2.py3-none-any.whl
Collecting binaryornot (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/24/7e/f7b6f453e6481d1e233540262ccbfcf89adcd43606f44a028d7f5fae5eb2/binaryornot-0.4.4-py2.py3-none-any.whl
Collecting boolean.py (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/9b/27/d22062a221010e17935237ba4b574cd828238ea02e0765337c238466a512/boolean.py-3.6-py2.py3-none-any.whl
Collecting Jinja2 (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/1d/e7/fd8b501e7a6dfe492a433deb7b9d833d39ca74916fa8bc63dd1a4947a671/Jinja2-2.10.1-py2.py3-none-any.whl
Collecting requests (from fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/51/bd/23c926cd341ea6b7dd0b2a00aba99ae0f828be89d72b2190f27c11d4b7fb/requests-2.22.0-py2.py3-none-any.whl
Collecting six (from python-debian->fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/73/fb/00a976f728d0d1fecfe898238ce23f502a721c0ac0ecfedb80e0d88c64e9/six-1.12.0-py2.py3-none-any.whl
Collecting chardet (from python-debian->fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/bc/a9/01ffebfb562e4274b6487b4bb1ddec7ca55ec7510b22e4c51f14098443b8/chardet-3.0.4-py2.py3-none-any.whl
Collecting MarkupSafe>=0.23 (from Jinja2->fsfe-reuse)
  Using cached https://www.piwheels.org/simple/markupsafe/MarkupSafe-1.1.1-cp35-cp35m-linux_armv7l.whl
Collecting idna<2.9,>=2.5 (from requests->fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/14/2c/cd551d81dbe15200be1cf41cd03869a46fe7226e7450af7a6545bfc474c9/idna-2.8-py2.py3-none-any.whl
Collecting certifi>=2017.4.17 (from requests->fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/18/b0/8146a4f8dd402f60744fa380bc73ca47303cccf8b9190fd16a827281eac2/certifi-2019.9.11-py2.py3-none-any.whl
Collecting urllib3!=1.25.0,!=1.25.1,<1.26,>=1.21.1 (from requests->fsfe-reuse)
  Using cached https://files.pythonhosted.org/packages/81/b7/cef47224900ca67078ed6e2db51342796007433ad38329558f56a15255f5/urllib3-1.25.5-py2.py3-none-any.whl
Installing collected packages: six, chardet, python-debian, boolean.py, license-expression, binaryornot, MarkupSafe, Jinja2, idna, certifi, urllib3, requests, fsfe-reuse
Successfully installed Jinja2-2.10.1 MarkupSafe-1.1.1 binaryornot-0.4.4 boolean.py-3.6 certifi-2019.9.11 chardet-3.0.4 fsfe-reuse-0.5.0 idna-2.8 license-expression-0.999 python-debian-0.1.36 requests-2.22.0 six-1.12.0 urllib3-1.25.5
09:56 kuno@pink-yoshi:~/code/reuse$ cd ..
09:59 kuno@pink-yoshi:~/code$ cd reuse-example/
09:59 kuno@pink-yoshi:~/code/reuse-example (master)$ ../reuse/ve/bin/reuse lint
Traceback (most recent call last):
  File "../reuse/ve/bin/reuse", line 7, in <module>
    from reuse._main import main
  File "/home/kuno/code/reuse/ve/lib/python3.5/site-packages/reuse/_main.py", line 13, in <module>
    from . import (
  File "/home/kuno/code/reuse/ve/lib/python3.5/site-packages/reuse/download.py", line 11, in <module>
    from os import PathLike
ImportError: cannot import name 'PathLike'
09:59 kuno@pink-yoshi:~/code/reuse-example (master)$

System:

09:59 kuno@pink-yoshi:~/code/reuse-example (master)$ lsb_release -a
No LSB modules are available.
Distributor ID:	Raspbian
Description:	Raspbian GNU/Linux 9.9 (stretch)
Release:	9.9
Codename:	stretch

Not really sure how to describe this short of giving an example:

bash-5.0$ reuse download 0BSD
Successfully downloaded 0BSD.bash-5.0$

It seems like it doesn't give a newline, and doesn't give the file extension.

We want to support custom templates for headers. Allow default templates per file type and verify integrity.

Some notes that we took:

• Jinja seems like a good templating system for this
• Add a way to configure default templates per file type
• Verify integrity of template (is a single comment block, contains two tag loops)
• Make sure that the template can replace itself in a header
• [optional] Perhaps allow a method for uncommented templates that can be used for all file types recognised by REUSE? It's fairly trivial to comment such a text block
• Allow a method for commented templates

Suppose a project with two licenses, A and B. docs is the only directory that has files licensed under B. If I do reuse lint any_other_directory, the linter will complain that license B is unused. This is kind of annoying and needs to be fixed.

While writing the documentation, I am noticing that some subcommands (e.g., reuse download) are already wholly documented by their --help command. Because I don't want to copy+paste (DRY), I would like to share the documentation from a single source. Ideally, that would look something like this:

download
========

<-- Output of `reuse download --help` here -->

[...]

I think this can be achieved with Jinja2. It's just a little bit of work that I want to put off.

I tried to lint the Linux kernel today and received a fatal error, see below:

Git: git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
Branch: master
Commit: 089cf7f6ecb266b6a4164919a2e69bd2f938374a

This error is rather new, with 0.4.0, linting Linux didn't throw an error.

reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/dual/Apache-2.0, resolving to Apache-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/dual/CDDL-1.0, resolving to CDDL-1. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/dual/MPL-1.1, resolving to MPL-1. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/exceptions/GCC-exception-2.0, resolving to GCC-exception-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/preferred/GPL-2.0, resolving to GPL-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/preferred/LGPL-2.0, resolving to LGPL-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - WARNING - Could not resolve SPDX License Identifier of LICENSES/preferred/LGPL-2.1, resolving to LGPL-2. Make sure the license is in the license list found at <https://spdx.org/licenses/> or that it starts with 'LicenseRef-', and that it has a file extension.
reuse.project - CRITICAL - LGPL-2 is the SPDX License Identifier of both LICENSES/preferred/LGPL-2.1 and LICENSES/preferred/LGPL-2.0
Traceback (most recent call last):
  File "/usr/bin/reuse", line 11, in <module>
    load_entry_point('fsfe-reuse==0.5.0', 'console_scripts', 'reuse')()
  File "/usr/lib/python3.7/site-packages/reuse/_main.py", line 225, in main
    return parsed_args.func(parsed_args, out)
  File "/usr/lib/python3.7/site-packages/reuse/lint.py", line 255, in run
    project = create_project()
  File "/usr/lib/python3.7/site-packages/reuse/project.py", line 297, in create_project
    return Project(root)
  File "/usr/lib/python3.7/site-packages/reuse/project.py", line 63, in __init__
    self.licenses = self._licenses()
  File "/usr/lib/python3.7/site-packages/reuse/project.py", line 277, in _licenses
    "Multiple licenses resolve to {}".format(identifier)
RuntimeError: Multiple licenses resolve to LGPL-2

Reported by @mxmehl

When I look into https://git.fsfe.org/reuse/website,

this repository has a single license file and a git submodule. The submodule contains a LICENSES folder (in master branch).

The first thing I notice is that some files have no SPDX license identifier, for example README.md, though the rendered output as 'content of the website' is licensed.

Files like .gitmodules and Dockerfile do not have a license. I was hoping to use reuse lint in a build step to check whether the project is REUSE compliant or not, but this doesn't work since there is no distinction between exceptions and missing license identifier.

When using submodules I receive the following git error: fatal: Pathspec 'reuse-docs/.git' is in submodule 'reuse-docs'

Finally, licenses from submodules cannot be found: reuse - WARNING - reuse-docs/practices/2.0.md is licensed under CC-BY-SA-4.0, but its license file could not be found

The reason for this is that the license only exist in the folder of the submodule and is missing in the root folder of the repository.

In this case, should I copy all licenses from submodules into the root LICENSES folder, according to practice 1 or should I make a reference in the header:

/*
* This file is part of project X. It’s copyrighted by the contributors
* recorded in the version control history of the file, available from
* its original location http://git.example.com/X/filename.c
*
* SPDX-License-Identifier: GPL-3.0
*/

Arch Linux users can also use this AUR to install reuse: https://aur.archlinux.org/packages/reuse

We should mention it in the README, the docs, and the website.

Given .reuse/dep5 file

Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/

Files: gradle/*.lockfile
Copyright: ©  Basil Peace
License: Apache-2.0

reuse lint (master branch) correctly recognizes license on gradle/main.lockfile file under Debian, but not under Windows.
Under Windows this works:

Files: gradle\\*.lockfile

which is somewhat strange.
Format should be OS-independent otherwise cross-platform development and build is not feasible.

Hello! Would it be possible to add some relevant GitHub topics to this repository? It would be great and also it might bring some people.

I also want to say 'Thank you' this way for developing this project! ❤️ I have been using it in my every single software project (and even in some non-software focused ones) I have developed using Git. Still remember when I found it on FSFE Git and it was exactly what I wanted. Just type reuse lint and that's all.

It's a shame that this project is so underestimated. Yet, it is one of my GitHub stars! ⭐

When running reuse spdx over reuse-website, I find the following as an example:

FileName: ./site/static/css/template.css
SPDXID: SPDXRef-80751eb67afd7c1010f435798d7feb52
FileChecksum: SHA1: b7b7266ae690116ed56a71f616afd9d2bace073a
LicenseConcluded: NOASSERTION
LicenseInfoInFile: MIT
FileCopyrightText: <text>SPDX-FileCopyrightText: 2019 Free Software Foundation Europe e.V. <https://fsfe.org>
SPDX-FileCopyrightText: 2015 Omar Abdelhafith <[email protected]></text>

1. Do we want to print SPDX-FileCopyrightText as a value of FileCopyrightText?
2. Is it correct that two copyright statements are inside one <text> tag?

This issue outlines all the ways in which one might use reuse addheader, and what should happen in those cases.

1. Simplest case

This is a super straightforward case.

reuse addheader --copyright "Mary Sue" --license 0BSD myfile.py should add the header

# SPDX-Copyright: CURRENT_YEAR Mary Sue
#
# SPDX-License-Identifier: 0BSD

Should there be a confirmation prompt here?

2. Overwriting current year

Also a simple case.

reuse addheader --year 1984 --copyright "Mary Sue" --llicense 0BSD myfile.py should add the header

# SPDX-Copyright: 1984 Mary Sue
#
# SPDX-License-Identifier: 0BSD

3. Chaining copyright holders and licenses

You can repeat arguments.

reuse addheader --copyright "Mary Sue" --copyright "John Doe" --license 0BSD --license MIT should add the header

# SPDX-Copyright: CURRENT_YEAR John Doe
# SPDX-Copyright: CURRENT_YEAR Mary Sue
#
# SPDX-License-Identifier: 0BSD
# SPDX-License-Identifier: MIT

4. No arguments

The thing prompts you, maybe? This might be super clumsy though.

Everything between brackets is user input.

$ reuse addheader myfile.py
Who is the copyright holder?: [Mary Sue]
What is the license?: [0BSD]
SUCCESS MESSAGE HERE

5. Environment variables

Maybe we can set environment variables so that you don't have to be prompted. Kind of like a default setting for lazy users.

$ export NAME="Mary Sue"
$ export EMAIL="[email protected]"
$ export DEFAULT_LICENSE="0BSD"
$ reuse addheader myfile.py

will add the header

# SPDX-Copyright: CURRENT_YEAR Mary Sue <[email protected]>
#
# SPDX-License-Identifier: 0BSD

Should the user be prompted to confirm this?

6. Config

Maybe we could put some defaults in .reuse/config. Let's say that that file looks like this:

[reuse]
default_license="0BSD"

reuse addheader --copyright "Mary Sue" myfile.py should add the header

# SPDX-Copyright: CURRENT_YEAR Mary Sue
#
# SPDX-License-Identifier: 0BSD

Should the user be prompted to confirm this?

The default copyright holder CANNOT be in .reuse/config, because an individual's setting cannot be in the repository.

7. Use git config

Maybe some defaults could be taken from git config. Given a .git/config (or global gitconfig) like this

[user]
	email = [email protected]
	name = Mary Sue

Then reuse addheader --license 0BSD myfile.py might add the header

# SPDX-Copyright: CURRENT_YEAR Mary Sue <[email protected]>
#
# SPDX-License-Identifier: 0BSD

Should the user be prompted for this?

8. All of the above

Given a git config like this:

[user]
	email = [email protected]
	name = Mary Sue

and environment variables like this:

export NAME="Jane Doe"
export EMAIL="[email protected]"
export DEFAULT_LICENSE="MIT"

and a .reuse/config like this:

[reuse]
default_license="0BSD"

What happens if you type reuse addheader myfile.py?

What happens if you type reuse addheader --copyright "John Doe" --license "CC0-1.0" myfile.py?

In contrast to license_expression, which does a lot of legwork for us by verifying and interpreting SPDX License Expressions, spdx-tools isn't currently doing much. I initially required it because it comes with an SPDX License List, but I ended up copying that code into the repository and making some minor adjustments.

Hello! I am a big fan of the new REUSE badge as it is simpler and smaller. However, it seems that GitHub caches some images on their servers and unfortunately includes the REUSE badge in this caching process. The following image should illustrate the new REUSE badge (from the official REUSE website) but in reality it is the older one:

So right now I am stuck with the older REUSE badge wherever I go on GitHub. I suspect that it is not only my problem and it affects more users. Please, let me know whether you are affected as well.

Do you know if there is any refresh interval of their cached images by chance? If so, what is the interval? Is there anything to do to get the new REUSE badge working?

If I can be of any help, feel free to ask.

This is related to #11.

This issue proposes several design challenges for the behaviour of reuse addheader. I'm not really sure how to introduce them other than to simply expose them.

Just assume that we call reuse addheader on all files.

1. How to deal with existing header

Given a file

# This is my first program

print("Hello, world")

What should be done with the existing header?

1. It should be removed and replaced
2. It should be combined with the new header
3. It should be shifted downwards so that it is the second comment block

2. How to deal with existing SPDX Info in the header

Given a file

# This file is copyrighted by:
#
# SPDX-Copyright: Mary Sue
#
# This file is licensed under:
#
# SPDX-License-Identifier: 0BSD

print("Hello, world!")

What should be done with the existing header?

1. It should be removed and replaced
2. It should be combined with the new header
3. It should be shifted downwards so that it is the second comment block

3. How to deal with existing SPDX Info outside of the header

Given a file

# This is my first program

# SPDX-Copyright: Mary Sue

print("Hello, world!")

What should be done with the SPDX info?

1. Remove it and put it in the new header
2. Ignore it

With the release of v0.4.0, things have changed a lot. I would say that most changes are positive and it seems to me that a lot of program mechanisms are simpler as well as the REUSE Specification, which is almost always good; things are almost never as simple as they should be. ⚫ And license downloading... Good work on that! 👍 And I have hardly worked with the v0.5.0 so far, so I am looking forward. 😃

But there is a little problem arising from the new specification. It is the GitHub license integration. New specification requires all license files to be in the LICENSES directory, which makes sense to make things more simple and consistent but it certainly breaks the GitHub integration and it looks like the repository is not licensed at all at first glance. On the other hand, with previous versions there was a problem with the requirement of LICENSE.txt.license just to state the LICENSE.txt license identifier. I think it was the only way to both be REUSE compliant and meet GitHub integration (correct me if I am wrong). It certainly was not a perfect solution but it worked.

However, I like the idea that filename meets the license inside and REUSE should stick with it in my opinion. Nevertheless, I would like to open a discussion about any possible ways of GitHub integration and try to establish an official REUSE suggestion (or functionality) to solve this problem.

Personally, I don't have any specific suggestions but I have tried to somehow use both REUSE and GitHub integration in the vhdldep and asus-fan-control repositories.

In vhdldep, there was the preferred license added using GitHub website (the SPDX one is not recongised by GitHub 😕) and that's it. In this case, it is good that all know that the preferred license is the MIT license. However, I don't know how to include this information in README.md, so I have omitted it so far. It could be confusing. At the end of the day, which MIT license (LICENSE.txt, or LICENSES/MIT.txt) is this project license under? README.md is far from legal text.

In asus-fan-control, the situation about the right interpretation of the license is much better. However, the integration of GitHub says 'Other' license, which is predictable...

So as you can see, it may be a minor problem but I really like this program and I would be really happy to solve the above problem. Do you have any ideas? Any possible solutions including adding a new functionality to the program? Thank you for your time and sharing your opinions! 🎉

We already have some documentation for the tool, but I think we should provide more on the usage of the tool, so explain the function.

Ideally, we think of a way to integrate the different knowledge bases, so

• readthedocs
• helper texts inside of the tool
• FAQ on reuse.software

This popped up in #90.

The tool currently goes by the following names:

• reuse --- Its name in the codebase and on the CLI, and on Docker
• fsfe-reuse --- Its name on PyPI because reuse was taken #75
• reuse-tool --- Its name on GitHub, which is never(?) used anywhere else
• REUSE helper tool --- Its name on the REUSE website

If this could somehow be shrunk down to one name, that would be fantastic. But I'm not sure it can be shrunk down to one. Its name should remain reuse on the CLI, barring a better alternative. But reuse is not a very good name outside of the context of the CLI.

When running reuse lint not inside the repository but at least one level above, reuse lint does complain about missing files in LICENSES/, although they are in the given directory,

Situation:

/home/max/
|─ reuse-example
|─ some_other_dir

When running reuse lint inside of /home/max/reuse-example, everything is fine.

When running reuse lint reuse-example inside of /home/max, it fails. The same if I run reuse lint ../reuse-example when running it inside the some_other_dir:

# MISSING LICENSES

'CC-BY-4.0' found in:
* reuse-example/img/cat.jpg

'CC0-1.0' found in:
* reuse-example/.gitignore

'GPL-3.0-or-later' found in:
* reuse-example/Makefile
* reuse-example/README.md
* reuse-example/img/dog.jpg
* reuse-example/src/main.c


# SUMMARY

* Bad licenses:
* Missing licenses: CC-BY-4.0, CC0-1.0, GPL-3.0-or-later
* Unused licenses:
* Used licenses:
* Read errors: 0
* Files with copyright information: 6 / 6
* Files with license information: 6 / 6

Not sure how a good solution could look like since I assume that it is not trivial for the tool to detect what's the root of the project, especially when submodules are included.

The README says that the project is licensed under GPL-3.0-or-later, which is true, but not the whole truth.

If I add the following to a comment header:

# SPDX-License-Identifier: hello

Then I get this as output from reuse lint:

# BAD LICENSES

'hello' found in:
* src/reuse/templates/default_template.jinja2


# SUMMARY

* Bad licenses: hello
* Missing licenses:
* Unused licenses:
* Used licenses: Apache-2.0, CC-BY-SA-4.0, CC0-1.0, GPL-3.0-or-later
* Read errors: 0
* Files with copyright information: 56 / 56
* Files with license information: 56 / 56

Unfortunately, your project is not compliant with version 3.0 of the REUSE Specification :-(

It should probably be under "missing licenses" as well.

According to the SPDX page: AGPL-3.0 and GPL-3.0-or-later are correct identifiers.

What is interesting AGPL, is actually as AGPL-1.0 in source of reuse, but no matter what I try, it says the identifier is invalid.

$> reuse init
Initializing project for REUSE.

What license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
AGPL-1.0

'AGPL-1.0' is not a valid SPDX License Identifier

What license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
AGPL-3.0

'AGPL-3.0' is not a valid SPDX License Identifier

What license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
GPL-3.0

'GPL-3.0' is not a valid SPDX License Identifier

What license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
GNU Affero General Public License v3.0

'GNU Affero General Public License v3.0' is not a valid SPDX License Identifier

What license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
GPL-3.0-or-later

What other license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.
GNU General Public License v3.0 or later

'GNU General Public License v3.0 or later' is not a valid SPDX License Identifier

What other license is your project under? Provide the SPDX License Identifier.
To stop adding licenses, hit RETURN.