NightOwl888 commented on issue #934: URL: https://github.com/apache/lucenenet/issues/934#issuecomment-2039940326
Lucene.NET is covered under a compound license. There were several separately licensed components that were bundled in Lucene that were ported from Java and then we also added some separately licensed .NET software from 3rd parties. See the [additional licenses](https://github.com/apache/lucenenet/blob/444e6d09ae2451988ff8fcb1d54a00d6a204fd6a/LICENSE.txt#L206-L751) in the LICENSE.txt file. Per the [Apache License Policy](https://www.apache.org/legal/release-policy.html#licensing), we **must** bundle the license file with software distributions. That being said, I don't think that fact precludes us from using an [SPDX](https://spdx.org/licenses/) license expression, but it is going to cause us slightly more maintenance to update both the expression and the license file every time the licensing changes. Perhaps we need to ping infra/legal about this request because I am not sure whether bypassing the license attributions with an SPDX will violate the Apache License Policy. It is pretty specific about including the attributions in the license and AFAIK there is no way to include them in an SPDX. I suspect we could accommodate this request if: 1. Someone works out the compound SPDX expression that we will need. 2. Someone contributes documentation on how to keep the license file and SPDX expression in sync or provides some way that it could be automated (perhaps by embedding the expressions right into the LICENSE.txt file for the additional licenses so they can be combined appropriately and maintained in one place). Either way we should document the procedure because the components that we bundle changes from time to time and we will need to have a procedure to keep it updated. 3. We continue to bundle the LICENSE.txt file in the NuGet packages as per the Apache License Policy. 4. We comply with the Apache License Policy in every other way. We need to work with infra/legal to confirm we can even do this. The SPDX expression for our packages will be quite long. Does that negate the benefit of having one? In the past, I have only used an SPDX for projects that are covered under a single license because I don't know the answer to that question. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: dev-unsubscr...@lucenenet.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
