Re: [spdx-tech] Combined version of LGPL + GPL 3.0
I think this has nothing to do with spdx-tech and it's probably best addressed by opening a ticket at https://github.com/spdx/license-list-XML/issues.toggle quoted messageShow quoted text
I think we could have the LGPL-3.0* texts be the current ones plus an optional concatenation of the GPL-3.0 text.
Max, the new combined text does not seem to be referenced in https://www.gnu.org/licenses (yet?). Do you know if they plan to update the page to include a link to it?
From: Spdx-tech@... <Spdx-tech@...> On Behalf Of Max Mehl
Sent: Wednesday, 28 July, 2021 12:35
Cc: SPDX-legal <spdx-legal@...>; spdx-tech@...
Subject: Re: [spdx-tech] Combined version of LGPL + GPL 3.0
(I mistyped the spdx-tech address, fixed here)
~ Philippe Ombredanne [2021-07-28 12:04 +0200]:
On Wed, Jul 28, 2021 at 11:01 AM Max Mehl <max.mehl@...> wrote:The ticket in the reuse-tool is public, the discussions with FSF were private with John Sullivan and Donald Robertson.In the scope of REUSE we've noticed [^1] that just providingHas this been discussed publicly?
Sorry if this has been unclear. I do not request a new license identifier but an amendment of the full text version. LGPL-3.0* requires the GPL-3.0 text, and FSF has officially provided a concatenated version.Now my request: can we get this combined version into SPDX' licenseI think that you stated explicitly this is not a new license, just a
For SPDX and other downstreams it would just make sense to use the "complete" version IMHO, as it meets users expectations.
Some examples of the new and updated clarity issues this brings:The top of the file quite clearly states that this is about the LGPL.
But of course, just from this text it's unclear how the actual code is licensed, but that's a common problem in repos using multiple licenses.
That's why SPDX license identifiers make a lot of sense, and also why the REUSE way of storing license texts is so useful.
It's very clear if you store the above license text under `LICENSES/LGPL-3.0-or-later.txt` and mark the files with
What if a project contains both GPL3 and LGPL 3-licensed code? TheyWell, in the example above, that wouldn't be any problem. You can have both GPL and LGPL licensed code in your repo, and by using SPDX expressions you can even dual-license selected files if you wanted.
Again, just by having a LICENSE file things are ambiguous anyway.
And what's the alternative for LGPL-3.0? Just using the text that SPDX provides currently is not compliant as the license requires the GPL-3.0 to be present. What changed now is that there is an official upstream combined version, so SPDX should use it.
Now say the author added a license identifier in the code saying thatI get your point, and it's also not the most ideal outcome, but as written above I think the situation improved.
And of course we need explicit statements, and thanks to the combination of SPDX and REUSE that's a common best practice.
Max Mehl - Programme Manager - Free Software Foundation Europe Contact and information: https://fsfe.org/about/mehl | @mxmehl Become a supporter of software freedom: https://fsfe.org/join
Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de <http://www.intel.de>
Managing Directors: Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928