From f8dfb8245b6f372d018739c02f11b0a25b9bf11a Mon Sep 17 00:00:00 2001
From: "Jonathan D.A. Jewell" <6759885+hyperpolymath@users.noreply.github.com>
Date: Tue, 19 May 2026 21:02:30 +0100
Subject: [PATCH] licence(#7): normalise PMPL-1.0 -> PMPL-1.0-or-later (owner
 carve-out, SPDX-only)

Not a relicence; owner-sanctioned standards LICENCE-POLICY A8(1); Refs LICENCE-DEBT-LEDGER-2026-05-18.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
---
 .github/workflows/codeql.yml         | 2 +-
 .github/workflows/scorecard.yml      | 2 +-
 .github/workflows/secret-scanner.yml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 9e32d15..438fe5d 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0
+# SPDX-License-Identifier: PMPL-1.0-or-later
 name: CodeQL Security Analysis
 
 on:
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 29853b2..7027732 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0
+# SPDX-License-Identifier: PMPL-1.0-or-later
 name: OSSF Scorecard
 on:
   push:
diff --git a/.github/workflows/secret-scanner.yml b/.github/workflows/secret-scanner.yml
index 8801d53..cb9cdf8 100644
--- a/.github/workflows/secret-scanner.yml
+++ b/.github/workflows/secret-scanner.yml
@@ -1,4 +1,4 @@
-# SPDX-License-Identifier: PMPL-1.0
+# SPDX-License-Identifier: PMPL-1.0-or-later
 # Prevention workflow - scans for hardcoded secrets before they reach main
 name: Secret Scanner