When doing OSS IP Compliance scanning, our own files (such as the basefiles package) should contain a proper license header.
As we don't want to add the full license header in all files and every time, it may be better to use the short SPDX header statements:
https://spdx.github.io/spdx-spec/v2.3/using-SPDX-short-identifiers-in-source-files/
Example 2 with Copyright:
# Copyright 2023 Contributors to the Eclipse Leda project
# Copyright 2023 ETAS GmbH
# SPDX-License-Identifier: Apache-2.0
There are also additional short identifiers, which may be suitable to add:
SPDX-FileType: TEXTSPDX-FileCopyrightText: Copyright 2023 Contributors to the Eclipse Leda project.SPDX-FileContributor: Modified by Mike Haller <mike.haller@bosch.com>
See https://spdx.github.io/spdx-spec/v2.3/file-tags/
When doing OSS IP Compliance scanning, our own files (such as the
basefilespackage) should contain a proper license header.As we don't want to add the full license header in all files and every time, it may be better to use the short SPDX header statements:
https://spdx.github.io/spdx-spec/v2.3/using-SPDX-short-identifiers-in-source-files/
Example 2 with Copyright:
There are also additional short identifiers, which may be suitable to add:
SPDX-FileType: TEXTSPDX-FileCopyrightText: Copyright 2023 Contributors to the Eclipse Leda project.SPDX-FileContributor: Modified by Mike Haller <mike.haller@bosch.com>See https://spdx.github.io/spdx-spec/v2.3/file-tags/