RE: meta-tag page

I said: David From a programmer's perspective I think the cryptic approach is FAR superior. There are lots of tools that can quickly examine files and return text with the pattern SPDX-License-Identifier: , and other tools that can trivially process the stuff after it. The above alternative

RE: meta-tag page - part II

Wolfgang Denk [mailto:w...@denx.de] But there there is no actual choice. Yes, you take the parts of the project that do not include the GPL code - and you can use this code under the MIT license for other purposes. But as soon as we talk about the thing as a whole (say, the linked

RE: SPDX ID for GPL-2.0+ with addendum ?

Perhaps there's a need to treat the license text not as a single string, but as a set. E.G., GPL-2.0+,preferred-form,link-exception. --- David A. Wheeler -Original Message- From: spdx-legal-boun...@lists.spdx.org [mailto:spdx-legal-boun...@lists.spdx.org] On Behalf Of RUFFIN, MICHEL

RE: call today!

I’m glad to see the new expression syntax, including “+”, “with”, “and”, “or”, and “;”. Big improvement. However, I suggest NOT requiring that expressions be surrounded with parentheses when there is no ambiguity (e.g., a single list of “and” or “or” at the top level). All the examples

RE: Should LGPL-3.0 be an exception rather than a main license?

I agree that the LGPL 3.0 absolutely *should* be on the license list. --- David A. Wheeler From: spdx-legal-boun...@lists.spdx.org [mailto:spdx-legal-boun...@lists.spdx.org] On Behalf Of Alan Tse Sent: Monday, March 23, 2015 7:20 PM To: Dennis Clark; J Lovejoy Cc: SPDX-legal Subject: RE:

RE: Should LGPL-3.0 be an exception rather than a main license?

J Lovejoy: GPL-3.0 WITH LGPL-3.0 (this feels a bit odd, but it would be accurate technically speaking…) [or] LGPL-3.0 I strongly believe “LGPL-3.0” is the correct answer. LGPL-3.0 is much simpler, it's much clearer to non-lawyers, and referring to it as its own name matches

RE: [Bug 1292] New: What is the correct license expression for a project with an additional patent license?

Perhaps the WITH operator's definition needs to be extended. Instead of this definition: The WITH operator semantically implies that a given license applies except under certain special circumstances Perhaps WITH should mean Modify the license listed on the left, by appending the text

RE: Is "+" a valid character of a LicenseRef idstring?

Schuberth, Sebastian wrote: > Using a + is a whart. Licenses that allow the use of other versions do so > explicitly in their texts, the GPL being the most prominent but the EPL comes > to mind too. So there is no such thing as GPL-2.0 or another version: these

RE: Is "+" a valid character of a LicenseRef idstring?

I said: > In particular, "GPL-2.0" is a license identifier, and "GPL-2.0+" is *NOT*. Just a few nitpicks on my previous email: * I realize that "GPL-2.0+" is in the list of "deprecated" license identifiers, so in some sense there is a "GPL-2.0+" license identifier. But I think it's clear what

RE: TPP software provisions

Dennis Clark: > I would be very interested to know if any of you have any thoughts about the > TPP provisions that impact software distribution, particularly source code > redistribution obligations: > http://www.keionline.org/node/2363 The TPP appears to make copylefted software illegal, e.g.,

RE: TPP software provisions

Dennis Clark: > I would be very interested to know if any of you have any thoughts about the > TPP provisions that impact software distribution, particularly source code > redistribution obligations:  > http://www.keionline.org/node/2363  I asked someone else whose legal opinion I respect about

RE: New OSI-approved licenses

Jilayne: > That sounds like a reasonable result, all things considered. I agree. In fact, I think listing both "0BSD" and "FPL-1.0.0" is a great solution, especially if the SPDX website includes notices with each similar to the text at https://opensource.org/licenses/FPL-1.0.0: > Note: There

Please add fields for FSF-approved, Debian-acceptable, and Fedora-good

Can there please *ALSO* be standard fields to report if the license is: * a free license as approved by the Free Software Foundation (FSF) [Proposed field name: “FSF-approved”] * a free license acceptable to Debian main [Proposed field name “Debian-acceptable”] * a "good" license according to

RE: New License/Exception Request: BSD-3-Clause-NoNuclear

> [1] https://www.google.com/search?q="intended for use in the design%2C > construction%2Coperation or maintenance of any nuclear facility" That's a completely different legal text. I agree that "not intended for use in the design, construction, operation, or maintenance of any nuclear

RE: FW: Please add fields for FSF-approved, Debian-acceptable, and Fedora-good

comment about all licenses, and if it’s optional it will be *much* easier to distribute the work. --- David A. Wheeler From: Kate Stewart [mailto:kstew...@linuxfoundation.org] Sent: Friday, April 01, 2016 2:21 PM To: Gary O'Neall Cc: J Lovejoy; SPDX-legal; Wheeler, David A Subject: Re: FW: Please

RE: New License/Exception Request: BSD-3-Clause-NoNuclear

Eric Weddington [mailto:eric_wedding...@trimble.com]: > Where SPDX is at now, is that it says one thing, but does another. > Yes, the website says that the SPDX License List is a list of "commonly found > open source licenses".  But if we're going to talk about restriction use then > it's too

RE: Software Package Data Exchange (SPDX) specification for Public Domain, Government Works? Possible New License/Exception Request

Gisi, Mark: > The absence of Public Domain from the license list was not an oversight. A > fair amount of discussion took place to decide how to handle a public domain > designation. The current practice is to create a LicenseRef (a user defined > license reference that is local to an SPDX

RE: HPND & NTP

Jilayne’s recommendation makes sense to me…! --- David A. Wheeler From: spdx-tech-boun...@lists.spdx.org [mailto:spdx-tech-boun...@lists.spdx.org] On Behalf Of J Lovejoy Sent: Friday, October 07, 2016 4:21 AM To: SPDX-legal Cc: spdx-t...@lists.spdx.org Subject: HPND & NTP Hi All, During the

New License Request: FB-Patents-2.0

Based on feedback from W. Trevor King (thank you!!), here is round 2. Here I propose this Facebook rider as a new *license* instead of separate license *exception*. The proposal is below; I'm including a modified "INTRODUCTION" to give context. INTRODUCTION: Many Facebook projects, including the

RE: Your license: full name and identifier - BSD-2-Clause-Patent?

> From: Richard Fontana [mailto:font...@opensource.org] > BSD+Patent is not the React license. React uses the 3-clause BSD > license along with a patent license grant with some termination language in a > separate file: > https://github.com/facebook/react/blob/master/PATENTS (which has been >

RE: Your license: full name and identifier - BSD-2-Clause-Patent?

Is the final formal SPDX name for React, etc., going to be "BSD-2-Clause-Patent"? That's what is listed here: https://opensource.org/licenses/BSDplusPatent Thanks. --- David A. Wheeler > -Original Message- > From: spdx-legal-boun...@lists.spdx.org [mailto:spdx-legal- >

New License/Exception Request: ANY-PATENT-ASSERTION-TERMINATES-2.0 as a new exception

INTRODUCTION: Many Facebook projects, including the widely-used React.js, have a different license approach than others: They use a stock OSS license *with* a special patent-related rider (in the case of React.js, this is in a file named PATENTS). This patent rider is asymmetric, which has led

RE: Your license: full name and identifier - BSD-2-Clause-Patent?

Smith, McCoy [mailto:mccoy.sm...@intel.com] > Adding to the confusion is that FB frequently refers to their React.js > license as > "BSD+Patents" (plural), although that nomenclature appears somewhat > recent (and, I think, post-dates the submission of the "BSD+Patent" -- > singular -- license to

RE: minutes, summary, next steps

W. Trevor King: > Is this proposal different from [1]? The only think I can see is that the old > “GPL-2.0 by itself is unclear” issue is now being explicitly embraced (while > [1] > listed it as a potential issue). > > Also, do we have a preferred phrasing for a grant like: > > This program

RE: New License/Exception Request: EPL-2.0

Kate Stewart: > Possibly you're using WITH (which is restricted to only refer to exceptions > when you mean to use AND?? > Does the following look like what you're trying to represent? > EPL-2.0 > EPL-2.0 AND GPL-2.0 > EPL-2.0 AND (GPL-2.0 with Classpath-exception-2.0) Those are *syntactically*

Two kinds of license version number ambiguity

The call yesterday revealed to me that there are *two* kinds of license version ambiguity in SPDX license expressions. I don't know if this is actually a problem, or if it is, that solving it is worth the trouble. For many people the "second kind" is probably immaterial. However, I want to

RE: minutes, summary, next steps

Gary @ sourceauditor.com: > Since "-" is an allowed character for a license ID, it would be more > challenging to write a parser for the "-only" operator since we would have to > determine if the "-" is part of the ID or is part of the operator. BTW "+" > is not > allowed in the license ID and

RE: [spdx-tech] various threads on "only" suffix (for GPL)

J Lovejoy: > Thanks Bradley. Your point re: other licenses building in a de facto “or > later” > clause versus the GPL family of licenses leaving the choice to the copyright > holders is exactly the thing I wanted to confirm and is also (I think, but > need > to do more thinking on this) why

RE: New OSI approved license (BSD+Patent)

> So basically “use an exception when the author asks for it, otherwise use a > new license”. Typically the "WITH" clauses are for a separate fragment of text that can be added to the "end" of a base license as a "rider". It looks like this license text has it all merged in a single document.

RE: New License Request: The Glasgow Haskell Compiler License

Richard Fontana: > The way I read the matching guidelines this license does not actually match > to BSD-3-Clause, even though it obviously should. I think the problem is > that I am reading the matching guidelines more literally than they may be > intended to be read, but given that this is

RE: New License Request: The Glasgow Haskell Compiler License

David Parrish: > 1. Provide a proposed Full Name for the license or exception. > The Glasgow Haskell Compiler License > 2. Provide a proposed Short Identifier. > ghc >3. Provide a functioning url reference to the license or exception text, >either from the author or a community recognized source.

RE: New license proposal: Verbatim

J Lovejoy: > I think this may be solving a problem we don’t have. While you are precise > here, I think the operative goal is to understand the license for the code... I agree. I think the point of SPDX is to enable people to understand the licenses of the software being used (or under

RE: GPLv2 - Github example

W. Trevor King: > >> But you can't define a LicenseRef in sitations (like npm [1]) where > >> the only thing you can set is a license expression and you don't have > >> access to the broader SPDX spec. > >> [1]: https://docs.npmjs.com/files/package.json#license > Gisi, Mark: > This is not a

RE: GPLv2 - Github example

Mark Gisi: > LicenseRefs are critical for creating SPDX files. I disagree, for at least two reasons: 1. A vast amount of software does *NOT* require weird special-case licenserefs. 2. Many people who use SPDX will never see nor use a SPDX file. Instead, many people use SPDX *exclusively* for

RE: "unclear version" and OR-MAYBE operators (was: reminder: call Thursday)

W. Trevor King: > > ? = “unclear version” - this will be a new modifier to indicate there > > is a lack of clarity as to the license version regarding if any > > version, or later, or only applies, e.g., I found the text of GPLv2, > > but I’m not sure if it’s “only “ or “or later” because there is

RE: New License/Exception Request: EPL-2.0

Regarding EPL-2.0 at ... Richard Fontana: > I think you're right about the intent. The  annoying thing here is the > ceremonial wording of Exhibit A says nothing about compatibility as such and > instead seems to merely express the traditional concept of

RE: only/or later and the goals of SPDX

John Sullivan: > A key part is missing in the description of the original FSF proposal here > though -- which is deprecating the existing GPL-2.0 and similar "plain" > identifiers for GNU licenses so that the identifiers used always indicate > whether the version is "only" or "any later". > > As I

RE: signifigance of nested parenthesis with only ORs? (was: OpenJ9 license)

Bradley M. Kuhn: > Could you explain a bit further why the extra parenthesis grouping is > needed when only ORs are involved? As you guessed, the parentheses are not *needed*. The SPDX spec says that parentheses SHOULD be used when there are multiple license identifiers or license refs, but

RE: signifigance of nested parenthesis with only ORs? (was: OpenJ9 license)

Bradley M. Kuhn: > So you can confirm there is *absolutely* no semantic licensing difference > between a series of OR expressions with or without parenthetical > groupings? I don't speak for SPDX :-). But I can read, and hopefully that's something :-). I don't see anything in the SPDX

RE: Spec recommendation for paren encapsulation? (was: signifigance of nested parenthesis with only ORs?)

W. Trevor King [mailto:wk...@tremily.us]: > The Appendix V wording for that is: > > Representing Multiple Licenses > > Multiple licenses can be represented using a SPDX license expression > as defined in Appendix IV. A set of licenses must be enclosed in > parentheses (this is a

RE: Spec recommendation for paren encapsulation? (was: signifigance of nested parenthesis with only ORs?)

Gary O'Neall [mailto:g...@sourceauditor.com]: > If we have more than one line for a compound set of licenses, it would be > ambiguous if the text following the first line of a compound license is part > of the license expression or just some other text. To solve this ambiguity, > we introduced

RE: update on only/or later etc.

David A. Wheeler: > > To answer that question, "it's at least GPL-2.0, and might be more" > > s important information, and I think it's information that the SPDX > > license expression should include. Philippe Ombredanne [mailto:pombreda...@nexb.com] > Is this really important to know this fact

RE: update on only/or later etc.

J Lovejoy: > Do NOT add a identifier or operator, etc. for the found-license-text-only > scenario where you don’t know if the intent of the copyright holder was “only > or “or later” and are thus left to interpret clause I disagree, sorry. > - we don’t need to solve this right now and we can

RE: update on only/or later etc.

J Lovejoy [mailto:opensou...@jilayne.com]: > If this is a potential problem once GPL-2.0 is changed to GPL-2.0-only, then > it is currently a problem. Yes indeed, that's my point :-). > And perhaps by altering the current identifier (GPL-2.0) to be more explicit > (GPL-2.0-only) we will expose

RE: Some problems discovered with CC BY-SA license identifiers

Bradley M. Kuhn: > I therefore suggest two changes to the SPDX License List: > > * Change existing Full Names to: > "Creative Commons Attribution Share Alike 4.0 International" > for the 4.0 version and, > "Creative Commons Attribution Share Alike Unported" > for the