While reviewing [1], I noticed: 1 text file with license text of GPL-2.0 = GPL-2.0
That makes sense if we're talking about the estimated project license, but the license for the GPL-2.0 content itself (which would go in the *file's* LicenseConcluded [2]) for the is “verbatim copies only” [3]. There are also other works under that license, e.g. [4], which use the exact same language. Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. I recommend we add a new license identifier for that license so we can write SPDX for the license-list-XML repository without having to go beyond official short identifiers. And we may want to add a field to our license XML to express the license which applies to the license itself, as concluded by the SPDX legal team. Proposed full name: Verbatim License Proposed short identifier: Verbatim OSI approved: no (and it clearly does not support the OSI's derived works condition [5]). Cheers, Trevor [1]: https://wiki.spdx.org/index.php?title=Legal_Team/only-operator-proposal [2]: https://spdx.org/spdx-specification-21-web-version#h.2lwamvv [3]: https://github.com/spdx/license-list-XML/blob/f3dc56f2424e8e93732f655637e0542c5557588c/src/GPL-2.0.xml#L29-L30 [4]: https://developercertificate.org/ [5]: https://opensource.org/osd#derived-works -- This email may be signed or encrypted with GnuPG (http://www.gnupg.org). For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy
Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed.
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Spdx-legal mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-legal
