|
SPDX in GSoC 2023!
Hi everyone!
As every year, Google runs their Summer of Code program, where contributors get the opportunity to become part of Open Source communities. The SPDX Project has participated in the
Hi everyone!
As every year, Google runs their Summer of Code program, where contributors get the opportunity to become part of Open Source communities. The SPDX Project has participated in the
|
By
Alexios Zavras
·
#3320
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
I was involved implementing SPDX license IDs as package
license metadata for a few package managers. How to handle
licenses that don't have IDs came up every time.
`LicenseRef-*` would get mentioned,
I was involved implementing SPDX license IDs as package
license metadata for a few package managers. How to handle
licenses that don't have IDs came up every time.
`LicenseRef-*` would get mentioned,
|
By
Kyle Mitchell
·
#3319
·
|
|
regular meeting at top of the hour!
Sorry for the short notice reminder.
Given the end of the month and next release time frame is rapidly approaching, we’ll focus today’s meeting on divvying up work to get licenses added.
I also
Sorry for the short notice reminder.
Given the end of the month and next release time frame is rapidly approaching, we’ll focus today’s meeting on divvying up work to get licenses added.
I also
|
By
J Lovejoy
·
#3318
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
+1 to everything Steve just wrote, with one comment.
License namespaces were the first thing that came to my mind when reading the thread. Thanks that you confirmed that the proposal was never really
+1 to everything Steve just wrote, with one comment.
License namespaces were the first thing that came to my mind when reading the thread. Thanks that you confirmed that the proposal was never really
|
By
Max Mehl
·
#3317
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
Thanks all for your comments in this thread. I'm not going to try to reply here to every comment, but wanted to note a few pieces that might be informative to folks who are less deep in the SPDX
Thanks all for your comments in this thread. I'm not going to try to reply here to every comment, but wanted to note a few pieces that might be informative to folks who are less deep in the SPDX
|
By
Steve Winslow
·
#3316
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
If the idea is really to hunt down every license lurking in
every potentially popular public package, I can see how
distro adoption's a real big deal. Congrats! I worry about
more work for distro
If the idea is really to hunt down every license lurking in
every potentially popular public package, I can see how
distro adoption's a real big deal. Congrats! I worry about
more work for distro
|
By
Kyle Mitchell
·
#3315
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
By
McCoy Smith
·
#3314
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
Could I make a suggestion rooted in some engineering history here. In
the early days we tried to make global lists of relevant features (IANA
port numbers, reference constants, etc) and allowed
Could I make a suggestion rooted in some engineering history here. In
the early days we tried to make global lists of relevant features (IANA
port numbers, reference constants, etc) and allowed
|
By
James Bottomley
·
#3313
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
Maybe start assigning ids for these with a format like vanity-xxx and that might make people think twice about it and actually put some work into really explaining why they need yet-another-license
Maybe start assigning ids for these with a format like vanity-xxx and that might make people think twice about it and actually put some work into really explaining why they need yet-another-license
|
By
Brian Fox
·
#3312
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
D had always bothered me a little, but mostly in the context of historically preserved licenses. The BSD, CMU and MIT license families have undergone a fair amount of copying with errors and mutation.
D had always bothered me a little, but mostly in the context of historically preserved licenses. The BSD, CMU and MIT license families have undergone a fair amount of copying with errors and mutation.
|
By
Warner Losh
·
#3311
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
Hi Kyle,
You raise some specific points that highlight some things we have worked on recently, so responding here inline.
Jilayne
On 1/24/23 4:13 PM, Kyle
Hi Kyle,
You raise some specific points that highlight some things we have worked on recently, so responding here inline.
Jilayne
On 1/24/23 4:13 PM, Kyle
|
By
J Lovejoy
·
#3310
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
Thanks for this write-up, Richard.
Having spent an exorbitant amount of my time over the years of my involvement in SPDX trying to politely say "no" to licenses for the reasons
Thanks for this write-up, Richard.
Having spent an exorbitant amount of my time over the years of my involvement in SPDX trying to politely say "no" to licenses for the reasons
|
By
J Lovejoy
·
#3309
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
+1 to Richard!
By
Ria Schalnat (HPE)
·
#3308
·
|
|
Re: SPDX should take a stronger stance against vanity/promotional licenses
If distros are seeing packaged-but-not-identified licenses
in numbers to the point of pain, I'd suggest addressing that
pain directly. Perhaps by laying a wider pipe from distros'
workflows to
If distros are seeing packaged-but-not-identified licenses
in numbers to the point of pain, I'd suggest addressing that
pain directly. Perhaps by laying a wider pipe from distros'
workflows to
|
By
Kyle Mitchell
·
#3307
·
|
|
SPDX should take a stronger stance against vanity/promotional licenses
As I've been following the issue queue for
github.com/spdx/license-list-XML/issues over the past several months,
it seems to me that you get a significant number of license
submissions like this
As I've been following the issue queue for
github.com/spdx/license-list-XML/issues over the past several months,
it seems to me that you get a significant number of license
submissions like this
|
By
Richard Fontana
·
#3306
·
|
|
[ANNOUNCE] License and Security Compliance tools users and developers meeting on Feb. 3rd 2023, one day before FOSDEM in Brussels
Hi:
If you drop by FOSDEM, there is this one day event before FOSDEM, on
Feb. 3rd 2023, in
Hi:
If you drop by FOSDEM, there is this one day event before FOSDEM, on
Feb. 3rd 2023, in
|
By
Philippe Ombredanne
·
#3305
·
|
|
New version of the SPDX Online Tools
I just finished publishing a new version of the SPDX online tools.
It solves a couple of issues with the license submission utility and upgrades the NTIA Conformance Checker with an improved
I just finished publishing a new version of the SPDX online tools.
It solves a couple of issues with the license submission utility and upgrades the NTIA Conformance Checker with an improved
|
By
Gary O'Neall
·
#3304
·
|
|
joint legal and tech call Thursday, Jan 12th - Change Proposal: ExceptionRef
Hi all,
This is a reminder that Thursday, Jan 12th at the regular legal-team call time, we will have a joint call for the tech and legal teams to discuss the change
Hi all,
This is a reminder that Thursday, Jan 12th at the regular legal-team call time, we will have a joint call for the tech and legal teams to discuss the change
|
By
J Lovejoy
·
#3303
·
|
|
Invitation: SPDX Legal Team - 4th Thursdays 2023 @ Monthly from 12pm to 1pm on the fourth Thursday from Thu Jan 26 to Mon Jan 1, 2024 (EST) (spdx-legal@lists.spdx.org)
SPDX Legal Team - 4th Thursdays 2023
https://meet.jit.si/SPDXLegalMeeting
https://meet.jit.si/SPDXLegalMeeting
WhenMonthly from 12pm to 1pm on the fourth Thursday from Thursday Jan 26 to Monday
SPDX Legal Team - 4th Thursdays 2023
https://meet.jit.si/SPDXLegalMeeting
https://meet.jit.si/SPDXLegalMeeting
WhenMonthly from 12pm to 1pm on the fourth Thursday from Thursday Jan 26 to Monday
|
By
Steve Winslow
·
#3302
·
|
|
Invitation: SPDX Legal Team - 2nd Thursdays 2023 @ Monthly from 12pm to 1pm on the second Thursday from Thu Jan 12 to Mon Jan 1, 2024 (EST) (spdx-legal@lists.spdx.org)
SPDX Legal Team - 2nd Thursdays 2023
https://meet.jit.si/SPDXLegalMeeting
https://meet.jit.si/SPDXLegalMeeting
WhenMonthly from 12pm to 1pm on the second Thursday from Thursday Jan 12 to Monday
SPDX Legal Team - 2nd Thursdays 2023
https://meet.jit.si/SPDXLegalMeeting
https://meet.jit.si/SPDXLegalMeeting
WhenMonthly from 12pm to 1pm on the second Thursday from Thursday Jan 12 to Monday
|
By
Steve Winslow
·
#3301
·
|