Hi SPDX folks (legal and general list),
I want to tell you about a project I’ve been working on with Aaron Williamson and the Fintech Open Source Foundation (FINOS) that I think many of you may be interested in.
FINOS has announced the initial release of the Open Source License Compliance Handbook. The Handbook is itself an open source project, available on Github. It consists of:
- Structured compliance data about open source licenses, stored in a simple YAML format for easy consumption by machines and lawyers alike (licensed CC-BY-SA-4.0),
- A Python script to compile the license entries and introductory material into an asciidoc-formatted markup document (licensed Apache 2.0), and
- "Binaries" of the document in docx and PDF formats (as well as an intermediate DocBook version) (CC-BY-SA-4.0).
We're excited to get this resource into the hands of the community and get your input and contributions, as well as ideas on the potential to integrate this into all the great open source tooling that is out there. Aaron and I recognize that there's always the potential for ruffled feathers at efforts to "summarize" licenses and I have no doubt some of our efforts are imperfect. But the Handbook is meant for a particular purpose -- not to exhaustively summarize licenses or address every GPL corner case, but to help developers and compliance professionals address the most common requirements in the most common use cases.
Please take a look, file an issue, or submit a pull request :) (Be warned, FINOS requires signing a dreaded CLA first!)