David, Wheeler, David A wrote at 09:40 (EDT) on Thursday: > I agree that once an identifier is given a specific meaning, that > meaning MUST not change. But I don't see a big harm in creating a > new, clearer SPDX identifier for a given license. > > There should be only one "recommended" identifier for a given license, > but you could record older identifiers marking what license they refer > to, noting that it's a deprecated identifier and listing the "better" > ones instead. > > The GPL and LGPL are the most widely used OSS licenses, by most > measures, and its version distinctions really matter for many people. > Having good, clear identifiers for this especially common use case > seems like a reasonable thing to do.
My worry about your text above, which I otherwise agree fully with, is that you may be confusing two different (valid) uses of the term "license" in your explanation above: one meaning "the literal text of the license", as in the text of GPLv2, vs. a usage of GPLv2 in the wild, which could be GPLv2-only, GPLv2-or-later, GPLv2-or-later-with-some-exception, etc. In fact, as I mentioned elsewhere, if you just slap the text of GPLv2 on something and make no other statement, it's automatically GPLv2-or-later. SPDX license list needs to make these distinctions abundantly clear. It *tries* to now, but does a pretty poor job, IMO. -- -- bkuhn _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
