Hi SPDX legal and tech teams,
I was trying to get my head around any and all issues/PRs/topics that
are license related. Please let me know if I've missed anything on the
list below!
Given the pending 2.3 release, it feels like a bunch of stuff is
attempting to get shoe-horned into the release, which is not always a
good idea. Also given the tech team spent some time discussing the
namespace proposal on Tuesday and the legal is set to discuss it this
morning, I think we ought to prioritize what we want to work on for 2.3
versus what can be pushed out to 3.0. We can't do everything and
rushing never yields a good result.
I have attempted to make a list below and put in order of priority with
my thoughts as to why:
*
**1. License namespaces: https://github.com/spdx/spdx-spec/pull/681*
This stems from a proposal from some time ago, and has been waiting to
be finalized for awhile as well. I fear that we are getting a bit off
piste from the original proposal (Mark Atwood - can you please weigh in
here and re-center us!?!) but we should try to prioritize closing this out.
*2. Update Matching Guidelines: (no PR yet, I'm working this in a Google
doc first)
*This is may not be on anyone's radar (and has definitely fallen off the
to-do list a few time), but they are woefully out-of-date so I'm moving
this up to visibility and priority! I have begun working on a "draft" of
edits in a Google doc, to then turn into a PR. Will share soon.
*
**3. Snippets and SPDX-License-Identifier tags:
https://github.com/spdx/spdx-spec/pull/464*
This seems like something that may be better discussed in the context of
3.0 ?
*4. Adding NONE to the License Expression syntax:
https://github.com/spdx/spdx-spec*
This has been around for awhile. Given NONE and NOASSERTION are already
defined (if people would read said definitions...) in the Spec, I see
this as a potentially simply lift and move in terms of where they
"live". That being said, it's still a fair amoutn of work ensuring the
wording in several places is right. It also opens up the pandora's box
in that the Annex for license expressions is in need of an overall
update. For these reasons, this seems like something better suited to be
coupled with that effort. That's my gut at this point.
*5. Add profile for multiple SPDX files with short licensing/copyright
info: https://github.com/spdx/spdx-spec/issues/502*
This seems like a lighter version of what will be the licensing profile
in 3.0. As such, maybe we should expend our energy on 3.0 and the
profiles, see where that ends up. And then go back to this?
*6. Specify which licenses are compatible with the "+" operator:
https://github.com/spdx/spdx-spec/issues/689#issuecomment-1135966938*
Admittedly, I have not read through this yet, but from the title alone
it may even be a non-issue, so putting it at bottom of list
Thanks,
Jilayne
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#4534): https://lists.spdx.org/g/Spdx-tech/message/4534
Mute This Topic: https://lists.spdx.org/mt/91356638/21656
Group Owner: [email protected]
Unsubscribe: https://lists.spdx.org/g/Spdx-tech/unsub [[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
