Initial version of pre-commit "Check SPDX-License-Identifier"

[rwgk]

Description

Closes #586

Minimalistic implementation: toolshed/check_spdx.py

New .spdx-ignore: enumerates all files that do not contain SPDX-License-Identifier:

[copy-pr-bot]

Auto-sync is disabled for draft pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

[copy-pr-bot]

Auto-sync is disabled for ready for review pull requests in this repository. Workflows must be run manually.

Contributors can view more details about this message here.

[rwgk]

@kkraus14 @leofang Currently we have:

$ git ls-files | wc -l
340

$ tail -n +2 .spdx-ignore | wc -l
195

Do you want to do the cleanup (add missing SPDX identifiers) in this PR, or separately?

[leofang]

Let's exclude the following files:

• .gitattributes & .gitignore: it is just odd to even touch Git-related files
• .github/BACKPORT_BRANCH: adding comments to this file requires fixing parsing logics
• all markdown (.md) files: I've never see copyright statements or spdx identifiers added to them
• all LICENSE files: ditto, they need to be presented exactly with the verbatim from legal as-is
• all binary files (ex: .png)
• all files under cuda_bindings/examples:
  • this is a @aterrel @kkraus14 question that we might also need to check with Rob A internally: All CUDA C/C++ samples are under BSD-3 in the original repo: https://github.com/NVIDIA/cuda-samples, so do we really need to make their Python counterparts proprietary?
• cuda_core/cuda/core/experimental/dlpack.h: this is vendored from the public repo, we should not change its license

[rwgk]

Let's exclude the following files:

• .gitattributes & .gitignore: it is just odd to even touch Git-related files

• .github/BACKPORT_BRANCH: adding comments to this file requires fixing parsing logics

• all markdown (.md) files: I've never see copyright statements or spdx identifiers added to them

• all LICENSE files: ditto, they need to be presented exactly with the verbatim from legal as-is

• all binary files (ex: .png)

• all files under cuda_bindings/examples:

  • this is a @aterrel @kkraus14 question that we might also need to check with Rob A internally: All CUDA C/C++ samples are under BSD-3 in the original repo: https://github.com/NVIDIA/cuda-samples, so do we really need to make their Python counterparts proprietary?

• cuda_core/cuda/core/experimental/dlpack.h: this is vendored from the public repo, we should not change its license

All done.

This is a full cleanup now:

• The .spdx-ignore file is much smaller now, and uses the exact same syntax as .gitignore (implemented via pathspec.PathSpec.from_lines("gitwildmatch", lines)).

• I fixed up all other files. Please see the individual commits for the steps.

• As the last step, I removed the EULA paragraphs, thinking that they are obsolete after adding the SPDX-License-Identifier lines. (That's easy to undo, if necessary.)

Could you please do a full review?

After this PR is approved I will:

• Trigger GitHub Actions. — To not waste CI runner time, I only tested locally thus far; it seems pretty unlikely that the changes here cause breakages.

• Backport the changes here to the code generator inputs (and verify that the code generator outputs match what we have here).

• Wait for you to review the code generator changes, then merge everything in short succession.

[leofang]

Thanks a lot for the cleanup, Ralf!

As the last step, I removed the EULA paragraphs, thinking that they are obsolete after adding the SPDX-License-Identifier lines.

Yes, I agree this makes it cleaner. The two lines (copyright & SPDX license identifier) are enough.

[rwgk]

/ok to test 85e0182

[kkraus14]

If we're doing a big cleanup here, we should also move the copyright statements to use SPDX copyright statements instead. I.e. SPDX-FileCopyrightText.

[rwgk]

If we're doing a big cleanup here, we should also move the copyright statements to use SPDX copyright statements instead. I.e. SPDX-FileCopyrightText.

Sounds good. I could try to squeeze that in later (another weekend). I wouldn't know what exactly to do though. Could you please describe the exact requirements in an issue?

[kkraus14]

Might be worth trying this pre-commit hook as well: https://github.com/espressif/check-copyright

It looks to have the ability to automatically update files that don't meet the check as well?

[rwgk]

It looks to have the ability to automatically update files that don't meet the check as well?

We have the unusual situation that we have to backport to the code generators (in two different repos), which is probably 99% of the manual work, as it stands.

I want to propose to take one step at a time.

• Let's get into a clean(er) state with something straightforward like this PR. — This PR takes care of SPDX-License-Identifier and is basically done already, except for the work to backport.

• Follow-on PR to take care of SPDX-License-Identifier. (Whenever I get to it, considering main priorities; currently CCCL C: NVRTC and nvJitLink should be loaded at run-time instead of dynamically linked cccl#3979)

• Then maybe swap out the (really small) toolshed script with an off-the-shelf pre-commit hook.

[rwgk]

/ok to test 9c54b37

[rwgk]

@leofang Assuming testing here passes as expected, this PR and the cython-gen update are ready for merging.

[rwgk]

Forgot to add: no changes needed for cybind

[leofang]

Everything as before, but using -DCMAKE_BUILD_TYPE=MinSizeRel, I'm also getting the double free or corruption error.

I am not sure I follow -- what's this for?

[rwgk]

Oops sorry I was jumping between PRs. Please ignore! (This was for pybind11) Get Outlook for iOS<https://aka.ms/o0ukef>

…

________________________________ From: Leo Fang ***@***.***> Sent: Tuesday, May 13, 2025 6:30:26 PM To: NVIDIA/cuda-python ***@***.***> Cc: Ralf Grosse Kunstleve ***@***.***>; Assign ***@***.***> Subject: Re: [NVIDIA/cuda-python] Initial version of pre-commit "Check SPDX-License-Identifier" (PR #625) [https://avatars.githubusercontent.com/u/5534781?s=20&v=4]leofang left a comment (NVIDIA/cuda-python#625)<#625 (comment)> Everything as before, but using -DCMAKE_BUILD_TYPE=MinSizeRel, I'm also getting the double free or corruption error. I am not sure I follow -- what's this for? — Reply to this email directly, view it on GitHub<#625 (comment)>, or unsubscribe<https://github.com/notifications/unsubscribe-auth/AAFUZACJTFTGSPM34H6KXJ326KMDFAVCNFSM6AAAAAB46Q46ECVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDQNZYGM3TAMJRHE>. You are receiving this because you were assigned.Message ID: ***@***.***>

[rwgk]

/ok to test 33f5a49

[rwgk]

I didn't trigger the CI because the only file changed since the last full run is .pre-commit-config.yaml. pre-commit.ci - pr runs immediately on push, and succeeded. If there are no further changes, this could be admin-merged.

The codegen PR is in sync, and I ran the codegen for all modules (driver, runtime, nvrtc) to be sure there are no overlooked sideeffects anymore.

[github-actions]

Doc Preview CI
Preview removed because the pull request was closed or merged.