Martin - you read my mind, as I was just about to send an update of the outstanding OSI-SPDX License List issues. I'm copying Karl Fogel, John Cowan, as they are on the original string helping with these issues, as well as the "license-discuss" list for OSI.
Complete list (combining yours and mine) of outstanding issues as follows, with past commentary and questions indicated with"-->" 1) Apple Public Source License 1.0 & Apple Public Source License 1.1 > Was this ever OSI approved? Note at top of fedora url says: This > license is non-free. At one point, it could be found at > http://www.opensource.apple.com/apsl/1.0.txt, but that link now > redirects to APSL 2.0. A copy of the license text has been taken > from archive.org's October 01, 2007 revision. > > The Archive shows that APSL 1.2 was approved. Wikipedia claims that > > APSL 1.0 was also approved, but gives no authority for this statement. > > That also matches my recollections (there was a considerable fuss at >the > > time, because it was OSI-approved but not FSF-free, the first of the >new > > licenses with that property). --> do I understand correctly that neither 1.0 nor 1.1 were OSI approved? A little confused by email comments/string, can someone from OSI clarify? 2) Artistic License 1.0 Karl/John/OSI: > OSI approved, but only can find license on the "superseded licenses" > category list. > > Also note that Perl link has 10 clause version of license, whereas > OSI link has 9 clause with note at top about additional clause. for > searching/templating reasons, these should probably be listed as two > different licenses. Suggest naming as follows: > Artistic License 1.0 (Perl) // Artistic-Perl-1.0 > Artistic License 1.0 // Artistic-1.0 > > thoughts? Excellent idea, except maybe we should put the "(Perl)" before the version number, since "Perl" describes a flavor of the license and that flavor could conceivably happen to other versions, though we hope not. That would also match the proposed SPDX short name. Thus Artistic License (Perl) 1.0 // Artistic-Perl-1.0 Artistic License 1.0 // Artistic-1.0 Would that work for you? For now I've renamed http://opensource.org/licenses/artistic-license-1.0 to opensource.org/licenses/Artistic-1.0, edited it to link correctly to the superseding version (Artistic-2.0), and to link to a new page opensource.org/licenses/Artistic-Perl-1.0. Now, independently of the above, there is a serious bug in the Perl clause, and while I understand why it was OSI-approved, I think the OSI approved its *intended* meaning rather than its textual meaning. This should really be a separate thread, but I want to at least write it down here now, so there's a record of it somewhere: The OSI page above says: | Some versions of the artistic license contain the following clause: | | 8. Aggregation of this Package with a commercial distribution is | always permitted provided that the use of this Package is | embedded; that is, when no overt attempt is made to make this | Package's interfaces visible to the end user of the commercial | distribution. Such use shall not be construed as a distribution of | this Package. | | With or without this clause, the license is approved by OSI for | certifying software as OSI Certified Open Source. That's great, except s/commercial/proprietary/ :-(. What the text obviously means is "proprietary", and furthermore, if it were to be interpreted literally as "commercial", then it would (to my mind) be clearly not open source. I'm not sure what to do about this now. I just wanted to mention it. Any review of old licenses, such as you have done, is bound to turn up issues like this. Thank goodness it's an issue with Artistic-Perl-1.0 and not with, say, GPL-2.0 :-). JL/SPDX: in regards to adding a new license/version for Artistic License (Perl) 1.0 this is a good idea and your naming suggestions are inline with the naming protocol for SPDX, so that's all good. BUT one problemŠ the actual license on the Perl site (http://dev.perl.org/licenses/artistic.html ) is not the same as the one here (http://www.opensource.org/licenses/Artistic-Perl-1.0) --> the OSI perl version is simply the Artistic License 1.0 verbatim with the additional clause. However, the license on the Perl site has other differences. I'm attaching a Word document with a merge and compare between the OSI Artistic Perl and the Perl site Artistic Perl licenses --> anyone know what to do about this? I feel like the one on the Perl site should be captured, but what about the OSI variation? For the moment, I'm not adding the Artistic Perl license to the SPDX License List until this is sorted out, as I don't want to add one and then have to change it later. --> There also appears to be a "Clarified Artistic License" which is different yet again. That is on the SPDX license list already (and assumed to NOT be OSI approved) 3) GNU Library General Public License v2 > > Was this ever OSI approved? > >I don't know. I suspect the answer to that one would not be so hard >to find, but I want to plough to the end of this spreadsheet right now >and get these responses posted. I did a cursory search on the OSI >site and didn't find any evidence of approval. Anyone here know about >LGPL-2.0? The differences between 2.0 and 2.1, other than the name (GNU Library vs. Lesser Public License) are entirely editorial. I can provide a list of them for anyone who wants it. --> so, is that a yes, it's OSI approved? 4) Zlip/libpng license OSI lists the "zlib/libpng" license as OSI approved here - http://www.opensource.org/licenses/Zlib this text is the same as the actual zlib license, see here: http://zlib.net/zlib_license.html. However, the libpng license, while incorporating some of the same text as the zlib license, has a different disclaimer and additional text, see here: http://www.libpng.org/pub/png/src/libpng-LICENSE.txt As a result, SPDX lists these licenses separately, that is: zlib License (OSI approved) http://spdx.org/licenses/Zlib and libpng License (not OSI approved) http://spdx.org/licenses/Libpng Yet, the libpng license text actually states that it is OSI approved. --> so, first question is: was the libpng license (separately or specifically) OSI approved? If so, can we list it separately? --> Either way, can we name the two licenses to avoid confusion? (see old string re: this naming issue here - http://old.nabble.com/FW%3A--png-mng-implement--zlib-libpng-license-name-td 24275146.html) 5) Jabber Open Source License v1.0 when going through the FSF list, we decided to add and in doing so noticed the archived text here (http://archive.jabber.org/core/JOSL.pdf) is not the same as the OSI has on their site (it was OSI approved). We decided because it's an old license to hold off and not add to list yet - and resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at: http://code.google.com/p/jabber-net/wiki/FAQ_License --> what to do about this? 5) adding missing OSI-approved licenses to SPDX License List: he MITRE Collaborative Virtual Workspace License (CVW License) and Reciprocal Public License, version 1.1 --> yes, we should add those; will bring it up on call this morning (in a few minutes...) 6) missing short identifiers on OSI website or in OSI urls - I have noted some where the url did not have the short identifier in the spreadsheet version of the SPDX-LL, Martin - I can help you with that, if it's not obvious. I'd love to start getting all of these resolved - OSI folks, please let me know what I can do to facilitate, help, etc.!! Cheers, Jilayne On 2/14/13 10:00 AM, "Martin Michlmayr" <t...@hp.com> wrote: >I just went through the list of OSI Superseded and Retired Licenses at >http://opensource.org/licenses/do-not-use >and updated them to use SPDX identifiers. > >I noticed that a few OSI approved (but superseded/retired) licenses >are not on the SPDX list: > > - Jabber Open Source License > http://opensource.org/licenses/jabberpl > I saw that there has been some discussion on this and needs action >from OSI: > http://lists.spdx.org/pipermail/spdx-legal/2012-November/000713.html > I'll try to find out more in OSI's archives. > > - The MITRE Collaborative Virtual Workspace License (CVW License) > http://opensource.org/licenses/mitrepl > > - Reciprocal Public License, version 1.1 > http://opensource.org/licenses/rpl1.1 > You have version 1.5 but not 1.1. > >Can you consider the last two for inclusion in the SPDX list? Once >you assign an SPDX identifier, I can update the OSI page. > >All licenses on the OSI site (except those mentioned above) should use >SPDX identifiers in their URLs now as well as in the title. If you >notice any where the SPDX identifier is missing, let me know and I'll >fix it. > >I'm aware that the SPDX list contains some OSI-approved licenses that >are not on the OSI web site (e.g. AFL-1.x, AFL-2.x, OSL-2.0). I'll >work on resolving that next. > >-- >Martin Michlmayr >Open Source Program Office, Hewlett-Packard >_______________________________________________ >Spdx-legal mailing list >Spdx-legal@lists.spdx.org >https://lists.spdx.org/mailman/listinfo/spdx-legal > _______________________________________________ Spdx-legal mailing list Spdx-legal@lists.spdx.org https://lists.spdx.org/mailman/listinfo/spdx-legal
