Hi SPDX-legal,

I've been chatting to some of the Fedora folks about adopting the use of SPDX license identifiers in its package spec files. I just posted a comment/ proposal to a PR that was opened some time ago, See  https://pagure.io/packaging-committee/pull-request/971#

As some of you may remember, SPDX-legal undertook adding many licenses on the Fedora Good list back in 2013-14 time frame. I have since looked at the current Fedora Good list and updated a comparison doc, see: https://docs.google.com/spreadsheets/d/1fi5SVzyCAL0UDravvkS6Us4lFwRiQy-l3qTUEkY92U0/edit#gid=243613621

The good news is that the vast majority (~80%) of the Fedora Good licenses can already be represented with SPDX identifiers or expressions. Research will be needed for Fedora licenses that are not on the SPDX License List and we will likely see some additional requests for new licenses.

For any of you who are here and Fedora enthusiasts, help with researching some of the licenses and (eventually) updating existing Fedora package license info once this all moves forward would be greatly appreciated. It would also be good to think about ways to collaborate into ways to automate any cross-functional processes going forward so that we stay in sync.

Ideas there are greatly welcome!  Stay tuned!

Jilayne

Dear Jilayne,

I've been chatting to some of the Fedora folks about adopting the use
of SPDX license identifiers in its package spec files. I just posted a
comment/ proposal to a PR that was opened some time ago, See
https://pagure.io/packaging-committee/pull-request/971#

That's great news! I have been using Fedora for about two years as my
primary operating system, so hearing about this development is
particularly interesting to me.

As some of you may remember, SPDX-legal undertook adding many licenses
on the Fedora Good list back in 2013-14 time frame. I have since
looked at the current Fedora Good list and updated a comparison doc,
see:
https://docs.google.com/spreadsheets/d/1fi5SVzyCAL0UDravvkS6Us4lFwRiQy-l3qTUEkY92U0/edit#gid=243613621

For any of you who are here and Fedora enthusiasts, help with
researching some of the licenses and (eventually) updating existing
Fedora package license info once this all moves forward would be
greatly appreciated. It would also be good to think about ways to
collaborate into ways to automate any cross-functional processes going
forward so that we stay in sync.

Wow - that's an extensive spreadsheet you have there! I'll be able to
offer some information on the 'Teeworlds license' listed in the
spreadsheet at tomorrow's, shall we say, Legal 'Teem' meeting :)

Best wishes,

Sebastian

Hi Sebastian,

I knew/hoped there'd be some SPDX'ers who were also Fedora fans!

See comment below on where folks familiar with SPDX could be of most help:

As some of you may remember, SPDX-legal undertook adding many licenses
on the Fedora Good list back in 2013-14 time frame. I have since
looked at the current Fedora Good list and updated a comparison doc,
see:
https://docs.google.com/spreadsheets/d/1fi5SVzyCAL0UDravvkS6Us4lFwRiQy-l3qTUEkY92U0/edit#gid=243613621

For any of you who are here and Fedora enthusiasts, help with
researching some of the licenses and (eventually) updating existing
Fedora package license info once this all moves forward would be
greatly appreciated. It would also be good to think about ways to
collaborate into ways to automate any cross-functional processes going
forward so that we stay in sync.

Wow - that's an extensive spreadsheet you have there! I'll be able to
offer some information on the 'Teeworlds license' listed in the
spreadsheet at tomorrow's, shall we say, Legal 'Teem' meeting :)

For any of the licenses marked as "NO" (not on SPDX License List, but identified on the Fedora good list) - there is a need to:
1) see if the license is still used in Fedora - this can be done by a search for the Fedora identifier (if it's unique)
2) if so, then finding the actual text of the license in the source files and seeing if it happens to already be a match to something on SPDX License List
3) if not, submit to add

I have a notes column going to track any research as needed in the interim and am happy to add anyone with edit access who wants to help work on this. I think this is probably best done by folks who are pretty familiar with SPDX (the license list generally and matching guidelines)

Thanks,
Jilayne

Quoting J Lovejoy (2021-08-05 05:52:13)

Hi Sebastian,

I knew/hoped there'd be some SPDX'ers who were also Fedora fans!

See comment below on where folks familiar with SPDX could be of most help:

On 8/4/21 4:00 PM, Sebastian wrote:

As some of you may remember, SPDX-legal undertook adding many
licenses on the Fedora Good list back in 2013-14 time frame. I have
since looked at the current Fedora Good list and updated a
comparison doc, see:
https://docs.google.com/spreadsheets/d/1fi5SVzyCAL0UDravvkS6Us4lFwRiQy-l3qTUEkY92U0/edit#gid=243613621

For any of you who are here and Fedora enthusiasts, help with
researching some of the licenses and (eventually) updating existing
Fedora package license info once this all moves forward would be
greatly appreciated. It would also be good to think about ways to
collaborate into ways to automate any cross-functional processes
going forward so that we stay in sync.

Wow - that's an extensive spreadsheet you have there! I'll be able
to offer some information on the 'Teeworlds license' listed in the
spreadsheet at tomorrow's, shall we say, Legal 'Teem' meeting :)

For any of the licenses marked as "NO" (not on SPDX License List, but
identified on the Fedora good list) - there is a need to:
1) see if the license is still used in Fedora - this can be done by a
search for the Fedora identifier (if it's unique)
2) if so, then finding the actual text of the license in the source
files and seeing if it happens to already be a match to something on
SPDX License List
3) if not, submit to add

Since I assume it is not only relevant if those licenses identified by
Fedora exists "in the wild" only _distributed_ by Fedora, I can suggest
to also make use of https://codesearch.debian.net/


- Jonas

--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/

[x] quote me freely [ ] ask before reusing [ ] keep private