Re: Combined version of LGPL + GPL 3.0
(I mistyped the spdx-tech address, fixed here)
~ Philippe Ombredanne [2021-07-28 12:04 +0200]:
On Wed, Jul 28, 2021 at 11:01 AM Max Mehl <max.mehl@...> wrote:The ticket in the reuse-tool is public, the discussions with FSF wereIn the scope of REUSE we've noticed [^1] that just providing LPGL-3.0* –Has this been discussed publicly?
private with John Sullivan and Donald Robertson.
Sorry if this has been unclear. I do not request a new licenseNow my request: can we get this combined version into SPDX' license listI think that you stated explicitly this is not a new license, just a
identifier but an amendment of the full text version. LGPL-3.0* requires
the GPL-3.0 text, and FSF has officially provided a concatenated
For SPDX and other downstreams it would just make sense to use the
"complete" version IMHO, as it meets users expectations.
Some examples of the new and updated clarity issues this brings:The top of the file quite clearly states that this is about the LGPL.
But of course, just from this text it's unclear how the actual code is
licensed, but that's a common problem in repos using multiple licenses.
That's why SPDX license identifiers make a lot of sense, and also why
the REUSE way of storing license texts is so useful.
It's very clear if you store the above license text under
`LICENSES/LGPL-3.0-or-later.txt` and mark the files with
What if a project contains both GPL3 and LGPL 3-licensed code? TheyWell, in the example above, that wouldn't be any problem. You can have
both GPL and LGPL licensed code in your repo, and by using SPDX
expressions you can even dual-license selected files if you wanted.
Again, just by having a LICENSE file things are ambiguous anyway.
And what's the alternative for LGPL-3.0? Just using the text that SPDX
provides currently is not compliant as the license requires the GPL-3.0
to be present. What changed now is that there is an official upstream
combined version, so SPDX should use it.
Now say the author added a license identifier in the code saying thatI get your point, and it's also not the most ideal outcome, but as
written above I think the situation improved.
And of course we need explicit statements, and thanks to the combination
of SPDX and REUSE that's a common best practice.
Max Mehl - Programme Manager - Free Software Foundation Europe
Contact and information: https://fsfe.org/about/mehl | @mxmehl
Become a supporter of software freedom: https://fsfe.org/join