Yev Bronshteyn: > How do you imagine this change working for everyone who used the > SPDX-License-Identifier format in code? Is “SPDX-License-Identifier: GPL-2.0” > now to be interpreted as “I’m licensing this under GPL 2.0 and not telling > you whether later is ok or not”? Because clearly this is not what the > developer intended to convey in using “GPL-2.0” prior to this change. > -1 on any proposal to modify the meanings of any current license identifiers. > If tools or practitioners want to be sloppy, perhaps we should add new syntax > for them (e.g. “GPL-2.0?”)....
That is *not* clear. The *spec* is clear, but it doesn't exist in a vacuum. It appears that many tools will report "GPL-2.0" when they see the GPL 2.0 license. Which means that in *practice* GPL-2.0's meaning appears to mean "GPL-2.0 at least and later ones *might* be okay but we don't know." Trying to enforce the spec's meaning may be, to many people, a change in the meaning of the license identifier (!). How common is this? I don't know. A survey might help. > That’s the thing that cannot currently be expressed, so why are we changing > what currently works instead of adding what’s missing? It's not clear it "currently works". If this change in the spec happens, it would be because it's acknowledging actual practice. --- David A. Wheeler _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
