Re: License: spdx-license=IDENTIFIER

David A. Wheeler

Jilayne Lovejoy:
yes, I actually agree. I have long thought that the short identifiers would be better served as:
And logged this as something to bring up, but we have been busy with trying to finish other tasks and it hasn't risen to the surface. Of course, the worry is that changing the short identifiers will screw up people who are already using the SPDX License List (we endeavored to try to never change them...) There is a good number of companies already using it and probably more than we even know of. In any case, if it is going to help reduce confusion or ambiguity and we can figure out a way to make sure this change is well documented, then we need to consider making the change. I will be sure to bring this up at the General Meeting tomorrow and on the next legal call (next Thursday)
I agree that once an identifier is given a specific meaning, that meaning MUST not change. But I don't see a big harm in creating a new, clearer SPDX identifier for a given license.

There should be only one "recommended" identifier for a given license, but you could record older identifiers marking what license they refer to, noting that it's a deprecated identifier and listing the "better" ones instead.

The GPL and LGPL are the most widely used OSS licenses, by most measures, and its version distinctions really matter for many people. Having good, clear identifiers for this especially common use case seems like a reasonable thing to do.

--- David A. Wheeler


Jilayne Lovejoy
SPDX Legal Team lead

Spdx-legal mailing list

Join { to automatically receive all group messages.