Bradley M. Kuhn <bkuhn@...>
Jilayne Lovejoy wrote at 16:05 (EDT) on Wednesday:
Do you expect the SPDX License List to cover every license you find?I'm not clear on what the value of SPDX's license list unless it's
comprehensive. Can you explain how SPDX is still useful if the licenses
for widely distributed and used central-infrastructure programs can't
be listed with SPDX?
Does any list?Other license lists aren't designed to allow for cataloging the details
of a Free Software release, nor are they meant to be grokked by
programs, so they don't need to be perfectly comprehensive. If a
license is missing from SPDX's list, I can't write an accurate SPDX file
for that package, right? Seems like a really big bug in SPDX to me.
This is why I keep renewing my encouragement for the SPDX group to
actually *write* some SPDX files and carry them upstream. Your problems
with SPDX will start to shake out a lot faster if you do that.
Indeed, my offer that I've been making for a year remains open: when
I see that SPDX patch come across the BusyBox mailing list, I'll endorse
it and encourage Denys to put it upstream.... but I still haven't seen
the patch arrive, and when I suggest this to SPDX folks, they tell me
"upstream should be responsible for doing this work". I get worried any
time a bunch of proprietary software companies get together and start
suggesting unfunded mandates for upstream Free Software projects.