Hi Kate and Jilayne, Rats. I was hoping for a quick answer.
FWIW, I was trying to submit FOSSology results in your tools shoot out, but our use of characters SPDX disapproves of shut me down. I’m trying to get these all resolved for our 3.0 release Oct 5. If you are interested I’ve pasted in the email I sent to our developer list showing all the instances where we violate the SPDX character set and what my proposal is to fix them. Note that my suggestion for conjunctive and disjunctive licenses does not match what SPDX wants. Please ignore those. They are the subject of another thread Michael Jaeger started with SPDX-legal. Thanks, Bob Gobeille [email protected] > Begin forwarded message: > > From: "Gobeille, Robert" <[email protected]> > Subject: non-SPDX valid license name characters > Date: August 18, 2015 at 4:39:43 PM MDT > To: [email protected] > > We are close to our RC1 date so I need comments on this quickly. > > Concerning https://github.com/fossology/fossology/issues/492 - Invalid > characters in license names > I’ve identified the following reported licenses that need to have their short > named changed to be compliant with SPDX 2 allowed characters in license > names. Note that some of these may be legacy names and no longer reported. > The list came from two different fossology installations and not from parse.c. > > The SPDX allowed characters are 'a'-'z', 'A'-'Z', '0'-'9', '+', '_', '.', and > '-'. > I’ve found the following non-SPDX allowed characters in our short names: > ()/!'&:?[] > > I propose the following: > > 1) remove ‘!’ from the name. This effects: > Aladdin(Closed-Source!) > Non-commercial! > Non-profit! > Not-for-sale! > Not-Free! > Not-OpenSource! > Proprietary! > Example: “Proprietary" > > 2) Replace ‘/‘ with ‘-‘ (dash). This effects: > Helix/RealNetworksEULA > Helix/RealNetworks-EULA > JPEG/netpbm > MIT/BSD > MPL/TPL-1.0 > MySQL/FLOSS > Novell/SUSE > X/Open-style > zlib/libpng > zlib/libpng-possibility > Example: “zlib-libpng-possibility" > > 3) Replace ‘(‘ with an underscore. This effects: > > Adaptec(RESTRICTED) > AGFA(RESTRICTED) > Aladdin(Closed-Source!) > Aladdin(RESTRICTED) > AndroidFraunhofer(Commercial) > AndroidSDK(Commercial) > Apple(FontForge) > Apple(Sample) > ATT(Non-commercial) > Baekmuk(Hwan) > Broadcom(Commercial) > CECILL(dual) > Genivia(Commercial) > GNU-style(EXECUTE) > ImageMagick(Apache) > Intel(Commercial) > Intel(RESTRICTED) > Public-domain(C) > QT(Commercial) > RedHat(Non-commercial) > SCO(commercial) > See-doc(OTHER) > See-file(COPYING) > See-file(copyright|license) > See-file(LICENSE) > See-file(README) > Skype(Non-commercial) > Sleepycat(Non-commercial) > SugarCRM(attribution) > Sun(Non-commercial) > Sun(RESTRICTED) > Sun(tm) > UnclassifiedLicense(PS) > USC(Non-commercial) > U-Wash(Free-Fork) > WTI(Not-free) > YaST(SuSE) > > 3) Remove ‘)‘. This effects the same names as above for ‘(‘ > Example: “YaST_SuSE" > > 4) Remove single quotes. This effects: > > Gov't-rights > Gov't-work > O'Reilly > O'Reilly-style > Example: “OReilly-style" > > 5) Replace ‘&’ with “-and-“. This effects: > GPL-2.0+&GPL-3.0+ > MIT&BSD > Example: “MIT_and_BSD" > > 6) Replace ‘:’ with “_or_“. This effects: > > GPL-2.0:3.0 > GPL-2.0+:3.0 > Example: "GPL-2.0+_or_3.0" > > 7) Remove ‘?’. This effects: > > GPL-3? > LGPL-3? > Example: “LGPL-3" > > 8) For the square brackets, remove them so that: > CopyLeft[1] > CopyLeft[2] > becomes “CopyLeft” > > and for the following replace the leading bracket “[“ with an underscore and > remove the trailing bracket. So > > GPL-2.1[sic] > GPL-2.1+[sic] > becomes GPL-2.1_sic, and GPL-2.1+_sic > > Comments? > > Thanks, > Bob Gobeille > > > ——————————— MASTER LIST OF NON SPDX COMPATIBLE LICENSE NAMES ———————— > Adaptec(RESTRICTED) > AGFA(RESTRICTED) > Aladdin(Closed-Source!) > Aladdin(RESTRICTED) > AndroidFraunhofer(Commercial) > AndroidSDK(Commercial) > Apple(FontForge) > Apple(Sample) > ATT(Non-commercial) > Baekmuk(Hwan) > Broadcom(Commercial) > CECILL(dual) > Genivia(Commercial) > GNU-style(EXECUTE) > Gov't-rights > Gov't-work > GPL-2.0:3.0 > GPL-2.0+:3.0 > GPL-2.0+&GPL-3.0+ > GPL-2.1[sic] > GPL-2.1+[sic] > GPL-3? > Helix/RealNetworksEULA > Helix/RealNetworks-EULA > ImageMagick(Apache) > Intel(Commercial) > Intel(RESTRICTED) > JPEG/netpbm > LGPL-3? > MIT/BSD > MIT&BSD > MPL/TPL-1.0 > MySQL/FLOSS > Non-commercial! > Non-profit! > Not-for-sale! > Not-Free! > Not-OpenSource! > Novell/SUSE > O'Reilly > O'Reilly-style > Proprietary! > Public-domain(C) > QT(Commercial) > RedHat(Non-commercial) > SCO(commercial) > See-doc(OTHER) > See-file(COPYING) > See-file(copyright|license) > See-file(LICENSE) > See-file(README) > Skype(Non-commercial) > Sleepycat(Non-commercial) > SugarCRM(attribution) > Sun(Non-commercial) > Sun(RESTRICTED) > Sun(tm) > UnclassifiedLicense(PS) > USC(Non-commercial) > U-Wash(Free-Fork) > WTI(Not-free) > X/Open-style > YaST(SuSE) > zlib/libpng > zlib/libpng-possibility > On Aug 19, 2015, at 12:05 PM, Kate Stewart <[email protected]> > wrote: > > Hi Bob, > Good flag. This is a bug. > > I'll get it into the system, and will bring it up for discussion on > the next tech call. > > Kate > > On Wed, Aug 19, 2015 at 12:50 PM, J Lovejoy <[email protected] > <mailto:[email protected]>> wrote: > Hi Bob, > > I’m copying the SPDX tech team on this, as I suspect they will be better > suited to answer your question or address any issues here :) > > Thanks, > Jilayne > > SPDX Legal Team co-lead > [email protected] <mailto:[email protected]> > > > > On Aug 19, 2015, at 11:41 AM, Gobeille, Robert <[email protected] > > <mailto:[email protected]>> wrote: > > > > We (FOSSology) have discovered some of our license short names that violate > > your list of allowed characters. For example, here is the output from your > > verification tool when I ran it against your three sample packages from the > > backoff this week: > > > > bobg$ java -jar spdx-tools-2.0.2-jar-with-dependencies.jar Verify > > SPDX2_time_1439848453.rdf > > WARN [main] (ListedLicenses.java:342) - Unable to access the SPDX listed > > licenses at http://www.spdx.org/licenses <http://www.spdx.org/licenses>. > > Using local file copy of SPDX listed licenses > > This SPDX Document is not valid due to: > > Invalid license id 'LicenseRef-Gov't-work'. Must start with > > 'LicenseRef-' and made up of the characters from the set 'a'-'z', 'A'-'Z', > > '0'-'9', '+', '_', '.', and '-'. > > Invalid license id 'LicenseRef-JPEG/netpbm'. Must start with > > 'LicenseRef-' and made up of the characters from the set 'a'-'z', 'A'-'Z', > > '0'-'9', '+', '_', '.', and '-'. > > Invalid license id 'LicenseRef-See-doc(OTHER)'. Must start with > > 'LicenseRef-' and made up of the characters from the set 'a'-'z', 'A'-'Z', > > '0'-'9', '+', '_', '.', and '-'. > > Invalid license id 'LicenseRef-Non-profit!'. Must start with > > 'LicenseRef-' and made up of the characters from the set 'a'-'z', 'A'-'Z', > > '0'-'9', '+', '_', '.', and '-'. > > > > But Appendix IV http://spdx.org/sites/spdx/files/SPDX-2.0.pdf > > <http://spdx.org/sites/spdx/files/SPDX-2.0.pdf> says that the valid > > characters for idstring are: > > > > idstring = 1*(ALPHA / DIGIT / “-" / ".” ) > > > > I realize you consider the ‘+’ to be an expression operator, as in GPL-2.0+ > > so that is ok to use in our license names. But what about the underscore? > > The verifier says that an underscore is a valid character but I don’t see > > that it is allowed in the SPDX 2 spec. What am I missing? > > > > Thanks, > > Bob Gobeille > > [email protected] <mailto:[email protected]> > > _______________________________________________ > > Spdx-legal mailing list > > [email protected] <mailto:[email protected]> > > https://lists.spdx.org/mailman/listinfo/spdx-legal > > <https://lists.spdx.org/mailman/listinfo/spdx-legal> > > _______________________________________________ > Spdx-legal mailing list > [email protected] <mailto:[email protected]> > https://lists.spdx.org/mailman/listinfo/spdx-legal > <https://lists.spdx.org/mailman/listinfo/spdx-legal> >
_______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
