Broken link on contact page and how to contribute to spdx.org

Browsing around spdx.org today, I ran across a broken link on [1] pointing at [2], which is currently down: $ curl -sI https://www.linuxfoundation.org/collaborative-projects | head -n1 HTTP/1.1 404 Not Found It seems like the current location is [3]. It looks like there are a handful of

Re: [spdx-tech] SPDX file naming

On Sat, Aug 12, 2017 at 11:27:51AM -0700, g...@sourceauditor.com wrote: > 3) [packename].spdx where packagename is the name of the package > > Note that #3 is currently in use. My concern with the current SPDXParser.spdx [1] is that it is not immediately obvious that the file applies to the

Re: [spdx-tech] minutes, summary, next steps

On Thu, Aug 17, 2017 at 03:03:15PM -0600, J Lovejoy wrote: > As promised, the summary of where we got to is here under Current Proposed > Solution: > https://wiki.spdx.org/view/Legal_Team/or-later-vs-unclear-disambiguation Is this proposal different from [1]? The only think I can see is that

Re: [spdx-tech] Short question about downwards and upwards compatibility

On Thu, Sep 14, 2017 at 10:32:37AM +0200, Maximilian Huber wrote: > But since we currently only use features which were already in 2.0 > present, it is still an open question for me. Generating files by > some older (but compatible) specification makes it easier for people > to parse the generated

[spdx-tech] OSI vs. FSF (was: Providing access to FSF license metadata)

On Fri, Oct 13, 2017 at 03:56:55PM -0400, Richard Fontana wrote: > I've been thinking about this because there's been some interest > among the FSF and OSI in seeing where exactly the lists of > FSF-recognized-as-free and OSI-approved licenses disagree. This is definitely something that would be

[spdx-tech] Allow + for license references in SPDX License Expressions

Cross-posting from [1], at Gary's suggestion [2]. I'd like to allowed + for license-ref (it's currently only for license-id [3]). There could be external licenses which offer a choice between only-this-version and or-later grants, and allowing + for license-ref makes it easier to support those

[spdx-tech] Providing access to FSF license metadata (was: Issues added based on this weeks Legal Call)

On Fri, Oct 13, 2017 at 10:20:33AM -0700, Gary O'Neall wrote: > There is a request by the FSF and approved by the legal team to add > a property to the listed licenses isFsfFree to indicate if a license > is identified by the Free Software Foundation as a Free / Libre > license. This would be a

Re: [spdx-tech] Providing access to FSF license metadata

y identical to the OSI MIT license and also does not match the > SPDX license "MIT", but does match the SPDX license "X11". They also list the Expat license as free and GPL-compatible [5], and it matches the SPDX MIT [6]. So you can say the FSF considers the SPDX MIT free and GPL

Re: [spdx-tech] Short question about downwards and upwards compatibility

On Tue, Sep 12, 2017 at 07:54:31AM -0500, Kate Stewart wrote: > Of concern, there are new fields added in 2.1 that are > not present in 2.0 (backwards compatibility), its best > the file is correctly labeled. If you use the new-in-2.1 properties [1], you need to declare 2.1. But if you don't use

Re: [spdx-tech] Proposed license test files directory

On Tue, Oct 03, 2017 at 05:05:24PM +, Manbeck, Jack via Spdx-tech wrote: > 0BSD-id-good.[c|sh|js| whatever] > 0BSD-id-bad.[c|sh|js| whatever] To address your “How will people feel about being a "bad" example” [1] I think we want to use match/no-match instead of good/bad [2]. > licenseid/ >

Re: [spdx-tech] OSI vs. FSF

On Tue, Oct 24, 2017 at 01:38:49AM -0700, W. Trevor King wrote: > "Artistic-1.0": { > "osi": { > "id": "Artistic-1.0", > "tags": [ > "osi-approved", > "discour

Re: [spdx-tech] Proposed topic for this week's tech call: Extend license expressions to include OR-MAYBE

On Mon, Nov 27, 2017 at 10:17:22PM -0800, Gary O'Neall wrote: > > binary-confidence-expression-operator = "AND" > > confidence-expression = license-expression space "CONFIDENCE" space "0." > > 1*DIGIT > > confidence-list = confidence-expression *(space confidence-expression) > > [space

Re: [spdx-tech] Proposed topic for this week's tech call: Extend license expressions to include OR-MAYBE

On Mon, Nov 27, 2017 at 08:49:08PM +, Wheeler, David A wrote: > g...@sourceauditor.com: > > - Do we agree the "OR-MAYBE" should be added? > > I agree… Philippe's recent points about weighted confidence (e.g. [1]) suggests that, even if we decide to support incomplete conclusions, an

Re: [spdx-tech] SPDX VSD

On Tue, Jun 12, 2018 at 09:59:05AM -0700, James Neushul wrote: > 1. What's up with "IsFsfLibre" .. it's in lots of licences but not > in SPDX.rdf The FSF wanted that information in our published license list [1], where we'd have an existing "OSI Approved?" column. There was lots of discussion

Re: [spdx-tech] SPDX License List 3.0 is now live!

On Fri, Dec 29, 2017 at 03:26:47PM -0500, Neal Gompa wrote: > Aww man, you've got to be kidding? You got rid of the "+" signifier > and now we have to write out words?! > > I really don't like this change. It makes things more verbose for no > benefit. This issue has seen a a lot of discussion

Re: [spdx-tech] standardLicenseHeader for EPL-1.0

On Thu, Dec 28, 2017 at 10:53:02PM +0100, Philippe Ombredanne wrote: > You may want to check out ScanCode [1]. Since I use it with top Linux > maintainers to clarify the kernel licensing and set SPDX ids, it must > not be too shabby as a license detection engine. It detects headers > alright and

Re: [spdx-tech] standardLicenseHeader for EPL-1.0

On Wed, Dec 27, 2017 at 08:18:32PM -0500, Thanh Ha wrote: > The other options available licenseText and standardLicenseTemplate seems > to have the full license header rather than what's recommended by the > Eclipse project to include a short header message [1] in code files. > … > [1]

Re: [spdx-tech] Reminder: Upcoming SPDX tech call today - topic: License Expressions

On Tue, Apr 10, 2018 at 10:43:28AM -0500, Kate Stewart wrote: > The github issues to review prior to the meeting are at: #49 > … This issue, about moving NONE to license expressions, is very similar to [1], which is about moving NOASSERTION to license

Re: [spdx-tech] SPDX short-form IDs site

On Wed, Apr 11, 2018 at 09:52:39PM +, Wheeler, David A wrote: > W. Trevor King: > > I think that would be clearer if, instead of scoping this as “SPDX > > IDs”, you scoped it as “SPDX License Expression Comments” or some > > such. > > Agreed. Perhaps call these &quo

Re: [spdx-tech] SPDX short-form IDs site

On Wed, Apr 11, 2018 at 02:59:20PM -0600, Jilayne Lovejoy wrote: > No problem, Steve. I think this all looks great, but we definitely > need to be consistent. The advice we came up with in Appendix V was > pretty well vetted, so I think that’s safe to stay within those > boundaries. > > Along the

Re: [spdx-tech] SPDX short-form IDs site

On Wed, Apr 11, 2018 at 02:56:38PM -0400, Steve Winslow wrote: > I've been working on a few pages on the SPDX website on why and how > to use SPDX short-form IDs. This looks good to me :). A few minor nits: > This is intended to be developer-focused, usable by someone who > isn't otherwise

Re: [spdx-tech] SPDX short-form IDs site

On Wed, Apr 11, 2018 at 01:39:03PM -0700, W. Trevor King wrote: > The centered entries in the table from [11] caught me out, and I > initially thought the beginning ong the “Apache-2.0 AND (MIT OR > GPL-2.0-only)” explanation was a later paragraph in the “Apache-2.0 > AND MIT” expla

Re: [spdx-tech] SPDX short-form IDs site

On Thu, Apr 12, 2018 at 08:14:30PM -0700, Bradley M. Kuhn wrote: > I suggest modifying the tutorial at https://spdx.org/ids to address > the issue head-on, with perhaps a explanation on why you would carry > license information in individual files at all. The *only* reason > it's useful to do so