SPDX Legal Team co-lead [email protected]
> On Oct 13, 2017, at 12:02 PM, W. Trevor King <[email protected]> wrote: > > On Fri, Oct 13, 2017 at 10:20:33AM -0700, Gary O'Neall wrote: >> There is a request by the FSF and approved by the legal team to add >> a property to the listed licenses isFsfFree to indicate if a license >> is identified by the Free Software Foundation as a Free / Libre >> license. This would be a simple Boolean type. > > I am against this in license-list-XML, for the same reasons I am > against our current osi-approved type: SPDX should not be a canonical > source of whether *someone else* has approved a license or not. I'd > much rather provide tools for Alice to start with an SDPX ID and > lookup Bob's notes for a given license. More on this in [1]. This is not really a for or against issue :) It is something that has been asked for by the SPDX community (David Wheeler, last person who asked) and discussed as something that would be nice to have, but we’d need help from the FSF to organize and maintain. Now that the FSF has asked for this directly, we are adding it. SPDX is not claiming to be a canonical source here, just reflect the same info found elsewhere. Given anyone will be able to submit a pull request, the expectation once the initial work is done, will be that the FSF will help keep this current if there are changes. As for the OSI information - this was decided to be included very very early on (probably 2010, or 2011 - SPDX License List got going in fall of 2010, if memory serves) and again as a joint decision with the OSI. At that time, they did not have the API. if there is some improved way to get to the same end point (of identifying on the SPDX license list, which licenses have been OSI-approved), then we can look into that, but I’d think it’d take some work from both SPDX and OSI to do so. > > And the OSI API [2] *already* supports lookups by SPDX ID [3]: > > $ curl -s https://api.opensource.org/license/SPDX/BSD-3-Clause | jq .keywords > [ > "osi-approved", > "popular", > "permissive" > ] > > I think the FSF should provide a similar API to expose its > license-categorization information in a structured way. Then we can > include FSF IDs in our license metadata (ideally generated through > automated matching [4]) and/or they can provide SPDX IDs in their > license metadata. User agents could ask the FSF if they consider a > license GPL-compatible, GPL-incompatible, free, non-free, > for-a-viewpoint, etc., etc. [5] in a machine-readable way. This sounds like a nice idea… but we have to work with what we have and FSF does not have such an API - what they have is what you see on the HTML page with the list of licenses they consider free/libre. > >> The field will be accessible in the JSON, RDFa, RDF/Turtle, RDF/XML, >> and RDFa formats of the license in addition to being exposed through >> the SPDX Tool Java libraries. > > I'm fine with exposing whatever you want downstream for convenience, > but I think the only thing that should go in license-list-XML and > spdx-spec is the FSF license ID. > > Cheers, > Trevor > > [1]: https://github.com/spdx/license-list-XML/issues/417 > [2]: https://opensource.org/node/822 > [3]: > https://github.com/OpenSourceOrg/api/blob/master/doc/endpoints.md#licenseschemeidentifier > [4]: https://github.com/spdx/license-list-XML/issues/418 > [5]: https://www.gnu.org/licenses/license-list.html > > -- > This email may be signed or encrypted with GnuPG (http://www.gnupg.org). > For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy > _______________________________________________ > Spdx-legal mailing list > [email protected] > https://lists.spdx.org/mailman/listinfo/spdx-legal _______________________________________________ Spdx-tech mailing list [email protected] https://lists.spdx.org/mailman/listinfo/spdx-tech
