Currently the SPDX identifier of Jaybird is listed in README.md. Expand this to all files and the JAR itself.

Things to do (NOTE: this is not necessarily the order these operations should be performed):

1. Replace current LGPL license notice in individual source files with

   Firebird Open Source JDBC Driver

   SPDX-License-Identifier: LGPL-2.1-or-later

   All individual contributions remain the Copyright (C) of those
   individuals. Contributors to this file can be obtained from a source
   control history command.

   All rights reserved.

   Note the removal of "This file was created by members of the firebird development team.", as this is not always true: some files are or were created by outside contributors.

   Before applying this change, double check if removing the current header is appropriate and allowed by their respective licenses, otherwise the SPDX identifier should be added to the current header, instead of the header replaced.

2. Replace current BSD-3 clause license notice in individual source files with:

   Public Firebird Java API.

   SPDX-License-Identifier: BSD-3-Clause

   or, as we claim the intent is to dual-license these API interfaces/classes, but the current license header doesn't do that, check if we can do (as in, are we authorized to expand the license given those historic claims, or does the actual license prevail; taking into account historic authorship):

   Public Firebird Java API.

   SPDX-License-Identifier: LGPL-2.1-or-later OR BSD-3-Clause

   If this is appropriate, the global SPDX identifier becomes "LGPL-2.1-or-later OR LGPL-2.1-or-later AND BSD-3-Clause" instead of "LGPL-2.1-or-later AND BSD-3-Clause".

   Before applying this change, double check if removing the current header is appropriate and allowed by their respective licenses, otherwise the SPDX identifier should be added to the current header, instead of the header replaced.

3. Replace or rename LICENSE with LICENSES/GPL-2.1-or-later.txt with the appropriate text (and make sure it is appropriately included in the JAR/dist-zip) (NOTE: Currently the directory is named licenses, and must be renamed to LICENSES)

4. Add LICENSES/BSD-3-Clause.txt with the appropriate text (and make sure it is appropriately included in the JAR/dist-zip)

5. Check how to handle some of the "separately" licensed files (only LegacyHash.java comes to mind right now, there might be more), and its effects on the SPDX identifier

6. If point 2 or 5 changes the global identifier, update the README.md, and check if we also need to change information elsewhere (e.g. with Tidelift)

7. Add Bundle-License: LGPL-2.1-or-later AND BSD-3-Clause to the JAR manifest (see also point 2 and 5, identifier may change)

8. Maybe add a new LICENSE.txt or LICENSE file explaining licensing structure and referring to the individual license files

9. Check if and how we can include the SPDX identifier in the POM and Gradle modules file generated by Gradle

10. Create a JDP document detailing licensing and how to include the license information in individual files