Re: SPDX License List coverage for a full distro


Richard Fontana
 

On Tue, Aug 17, 2021 at 3:48 PM Warner Losh <imp@...> wrote:

I would suggest, though, that if we do this we strongly discourage people from using these identifiers
for the 'copyright + SPDX-Identifier but no boilerplate' license scenarios.
Hi Warner,

Can you explain what you mean by "copyright + SPDX-Identifier but no
boilerplate"? Sorry if it's obvious. :-)

Since Fedora--, etc isn't
well standardized, is only a place holder until standardization, and therefore generally expected
to be ephemeral, this may create issues in establishing which license is talked about, especially
if the code is copied away from one of those distributions and a fair amount of time has passed.
It's probably important to note that the current interest in adoption
of SPDX identifiers for Fedora is specifically limited to a
replacement for Fedora's longstanding "Callaway" system of license
identifiers which are pretty much exclusively used in RPM spec file
license metadata, thus analogous to other uses of SPDX or pseudo-SPDX
identifiers in package metadata seen in recent years. Thus I don't
think we are talking about scenarios where there would be copying away
of code in the sense I think you mean, but we could expect derivative
distributions to inherit the use of identifiers in RPM metadata much
as happens today.

It's not totally inconceivable that Fedora-related projects may
someday come to adopt use of the SPDX-License-Identifier construct in
source files to some degree, since some Red Hat engineers (many of
whom of course are active in Fedora-related projects) have begun to do
so. I would guess there is some such use in some Fedora-related
projects already. But historically practices of that sort have been
outside the scope of what Fedora has attempted to provide rules or
guidance on and I'm not sure I would expect that to change.

Richard



Warner

On Tue, Aug 17, 2021 at 11:41 AM Alexios Zavras <alexios.zavras@...> wrote:

Since we're all expressing agreement, let me add mine...
and remind that we have this wonderful construct that can be used for "list of licenses curated by a single entity but not necessarily on the SPDX License List": namespaces!
We can have a couple of hundred "Fedora--" or "Debian--" identifiers immediately, while waiting for the official inclusion in the list.

-- zvr

-----Original Message-----
From: Spdx-legal@... <Spdx-legal@...> On Behalf Of Matija Šuklje
Sent: Tuesday, 17 August, 2021 16:35
To: spdx-legal@...
Subject: Re: SPDX License List coverage for a full distro

Die 16. 08. 21 et hora 19:10 J Lovejoy scripsit:
What do you all think?
I don’t have much to add to what has been said so far, but just want to add a big fat +1 on everything said so far.


cheers,
Matija
--
gsm: tel:+386.41.849.552
www: https://matija.suklje.name
xmpp: matija.suklje@...
sip: matija_suklje@...







Intel Deutschland GmbH
Registered Address: Am Campeon 10, 85579 Neubiberg, Germany
Tel: +49 89 99 8853-0, www.intel.de <http://www.intel.de>
Managing Directors: Christin Eisenschmid, Sharon Heck, Tiffany Doon Silva
Chairperson of the Supervisory Board: Nicole Lau
Registered Office: Munich
Commercial Register: Amtsgericht Muenchen HRB 186928






--

Join Spdx-legal@lists.spdx.org to automatically receive all group messages.