Date   

license name question

Bob Gobeille
 

I just ran into the following license. It is GPL v2 or GPL v3+ KDE exception. Note the absence of GPLv2.1. If 2.1 was included, the name would be GPL-2+-with-KDE-exception, but since it isn't, what is the protocol?

GPL-2or3-with-KDE-exception
???

Here is the code license notice:
/****************************************************************************************
* Copyright (c) 2007 Ian Monroe <ian@...> *
* (c) 2010 Jeff Mitchell <mitchell@...> *
* *
* This program is free software; you can redistribute it and/or modify it under *
* the terms of the GNU General Public License as published by the Free Software *
* Foundation; either version 2 of the License, or (at your option) version 3 or *
* any later version accepted by the membership of KDE e.V. (or its successor approved *
* by the membership of KDE e.V.), which shall act as a proxy defined in Section 14 of *
* version 3 of the license. *
* *
* This program is distributed in the hope that it will be useful, but WITHOUT ANY *
* WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A *
* PARTICULAR PURPOSE. See the GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License along with *
* this program. If not, see <http://www.gnu.org/licenses/>. *
****************************************************************************************/


Thanks,
Bob Gobeille
Hewlett Packard
Open Source Program Office
(http://fossology.org)


Re: Licensing Workshop at LinuxTag 2011 (XML errors)

Juergen Weigert <jw@...>
 

On May 25, 11 15:26:01 +0200, Joerg Schilling wrote:
I am not sure who manages this page, but http://spdx.org/licenses/ISC and some
others cannot be displayed on my firefox as they give a xml parsing error.
Firefox diagnostics are misleading here.
We have https://bugzilla.mozilla.org/show_bug.cgi?id=655661 for this.

The SPDX pages are served with mime-type application/xml, but entities are
used that are illegal in XML. We should either promote to application/html
or get all entities fixed.
Do we have anybody at SPDX, who would want to look into this?

thanks,
JW-

--
o \ Juergen Weigert paint it green! __/ _=======.=======_
<V> | jw@... back to ascii! __/ _---|____________\/
\ | 0911 74053-508 __/ (____/ /\
(/) | _____________________________/ _/ \_ vim:set sw=2 wm=8
SUSE LINUX Products GmbH, GF: Jeff Hawn, J.Guild, F.Immendoerffer, HRB 16746
(AG Nuernberg), Maxfeldstrasse 5, 90409 Nuernberg, Germany

SuSE. Supporting Linux since 1992.


Re: Licensing Workshop at LinuxTag 2011

Joerg Schilling <Joerg.Schilling@...>
 

Ciaran Farrell <cfarrell@...> wrote:

before LinuxTag 2011 I sent around invitations to this workshop "Cross
Distribution Licensing Summit":
http://is.gd/7GF9Ar (linuxtag.org)

Some of you indicated that you would not be able to make it. As it turned out
there was not a huge variety of distributions present there, but I think that
the discussion that we had was nonetheless quite enlightening.
...

Currently, one example of an online collaborative effort (under the auspices
of the Linux Foundation) is SPDX (spdx.org) (which has been adopted by Debian
in DEP5). The workgroup at SPDX.org has come up with a list of commonly used
licenses (see http://www.spdx.org/licenses). The list has many licenses but
not all licenses that distributions will likely need to track and reference.
There should not be a problem with submitting more licenses to SPDX so be
included in that list.
I am not sure who manages this page, but http://spdx.org/licenses/ISC and some
others cannot be displayed on my firefox as they give a xml parsing error.


I'm more than interested in hearing your comments, feedback and opinions.
Also, I've included as many people on the mail thread as I could and I believe
I have reached a large number of distributions. However, if anybody is aware
of a person/company who could be interested, please do forward this mail.

I just had a small discussion with Thomas Gordon who wrote Carneades:

http://carneades.berlios.de/

His software currently uses an interactive questionaire but it could be
enhanced to read specs that contain a list of licenses and code relations as
well as general rules on how to interpret licenses (e.g. whether the GPL is to
be interpreted as being in conflict with US Copyright law title 17 paragraph 106
or not) and then could output a license compatibility report.

Doing this automatically on a large number of software projects could be used to
find out whether a specific license intepretation would affect a large number
of OSS projects that are typicallally shipped on distros.

Carneades currently contains basic rules for a few licenses. There would be a
need to refine the rules and to add more licenses but the engine is ready....


Jörg

--
EMail:joerg@... (home) Jörg Schilling D-13353 Berlin
js@... (uni)
joerg.schilling@... (work) Blog: http://schily.blogspot.com/
URL: http://cdrecord.berlios.de/private/ ftp://ftp.berlios.de/pub/schily


Re: Licensing Workshop at LinuxTag 2011

Amanda Brock <amanda.brock@...>
 

Ciaran

Kate Stewart is the Chair of SPDX and represents Canonical on this. I have asked her to respond to this and would be pleased if you could please keep both of us on the thread.

All the best

Amanda

Amanda Brock, General Counsel
Canonical
27 Floor, Millbank Tower
London SW1P 4QP
+44 2076302446
+44 7809389878
Ubuntu - Linux for Human Beings
www.canonical.com

On 25/05/11 12:35, Ciaran Farrell wrote:

Hi,


before LinuxTag 2011 I sent around invitations to this workshop "Cross Distribution Licensing Summit":

http://is.gd/7GF9Ar (linuxtag.org)


Some of you indicated that you would not be able to make it. As it turned out there was not a huge variety of distributions present there, but I think that the discussion that we had was nonetheless quite enlightening.


We saw that there is a variety of ways in which distributions describe the license of a package (or a component of a package) - where the distributions actually mean the same license but have different designations (short names) for their package metadata.


Whereas we didn't actually conclusively decide on anything, we did agree that it would be beneficial if the distributions would adopt a common scheme of designating license names.


Currently, one example of an online collaborative effort (under the auspices of the Linux Foundation) is SPDX (spdx.org) (which has been adopted by Debian in DEP5). The workgroup at SPDX.org has come up with a list of commonly used licenses (see http://www.spdx.org/licenses). The list has many licenses but not all licenses that distributions will likely need to track and reference. There should not be a problem with submitting more licenses to SPDX so be included in that list.


Therefore, I'd like to propose that we evaluate as a group the possibility of standardising how we refer to licenses based on SPDX. I know that there has been considerable criticism of the absence of numerous licenses from the SPDX list, but I believe that if we inform the SPDX working group of the licenses we would like to see included and if they are in fact included, the benefits will be quite substantial.


I'm more than interested in hearing your comments, feedback and opinions. Also, I've included as many people on the mail thread as I could and I believe I have reached a large number of distributions. However, if anybody is aware of a person/company who could be interested, please do forward this mail.


Ciaran


--

Ciaran Farrell __o

cfarrell@... _`\<,_

Phone: +49 (0)911 74053 262 (_)/ (_)




SUSE LINUX Products GmbH,

GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer,

HRB 16746 (AG Nürnberg)

Maxfeldstraße 5

90409 Nürnberg

Germany




/ˈkiː.ræn/




Licensing Workshop at LinuxTag 2011

Ciaran Farrell
 

Hi,


before LinuxTag 2011 I sent around invitations to this workshop "Cross Distribution Licensing Summit":

http://is.gd/7GF9Ar (linuxtag.org)


Some of you indicated that you would not be able to make it. As it turned out there was not a huge variety of distributions present there, but I think that the discussion that we had was nonetheless quite enlightening.


We saw that there is a variety of ways in which distributions describe the license of a package (or a component of a package) - where the distributions actually mean the same license but have different designations (short names) for their package metadata.


Whereas we didn't actually conclusively decide on anything, we did agree that it would be beneficial if the distributions would adopt a common scheme of designating license names.


Currently, one example of an online collaborative effort (under the auspices of the Linux Foundation) is SPDX (spdx.org) (which has been adopted by Debian in DEP5). The workgroup at SPDX.org has come up with a list of commonly used licenses (see http://www.spdx.org/licenses). The list has many licenses but not all licenses that distributions will likely need to track and reference. There should not be a problem with submitting more licenses to SPDX so be included in that list.


Therefore, I'd like to propose that we evaluate as a group the possibility of standardising how we refer to licenses based on SPDX. I know that there has been considerable criticism of the absence of numerous licenses from the SPDX list, but I believe that if we inform the SPDX working group of the licenses we would like to see included and if they are in fact included, the benefits will be quite substantial.


I'm more than interested in hearing your comments, feedback and opinions. Also, I've included as many people on the mail thread as I could and I believe I have reached a large number of distributions. However, if anybody is aware of a person/company who could be interested, please do forward this mail.


Ciaran


--

Ciaran Farrell __o

cfarrell@... _`\<,_

Phone: +49 (0)911 74053 262 (_)/ (_)




SUSE LINUX Products GmbH,

GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer,

HRB 16746 (AG Nürnberg)

Maxfeldstraße 5

90409 Nürnberg

Germany




/ˈkiː.ræn/





Typo 'Nauman' in spreadsheet

Juergen Weigert <jw@...>
 

Hi SPDX-team!

I just downloaded spdx_lienelist_v1.11.ods and spotted this

Naumen Public License
Nauman
http://www.opensource.org/licenses/naumen.php

I figure the short name should say 'Naumen', right?

cheers,
JW-

--
o \ Juergen Weigert paint it green! __/ _=======.=======_
<V> | jw@... back to ascii! __/ _---|____________\/
\ | 0911 74053-508 __/ (____/ /\
(/) | _____________________________/ _/ \_ vim:set sw=2 wm=8
SUSE LINUX Products GmbH, GF: Jeff Hawn, J.Guild, F.Immendoerffer, HRB 16746
(AG Nuernberg), Maxfeldstrasse 5, 90409 Nuernberg, Germany

SuSE. Supporting Linux since 1992.


Agenda for Thursday SPDX General Meeting

Philip Odence
 

Meeting Time: May 19, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 
Administrative Agenda
Attendance
Technical Team Report - Kate

Business Team Report - Kim

Legal Team Report - Rockett/Karen


Cross Functional Issues – Discussion
Website update- Kirsten/Pierre/Steve

Action Items

Most of the action items belong with the Teams. So, in
addition to statusing, we will dispatch them to the respective teams and
will not continue to track in this meeting. Action items for this
meeting will be cross functional.

  • Kate- Beta collateral: Examples in XML and spreadsheet form. PENDING 
  • MartinM- Report back on # of people on respective mailing lists. ONGOING


Re: Question on SampleRDF

Mario Tokarz <mario@...>
 

Hi Peter,

On Fri, May 13, 2011 at 10:48:31AM -0600 , Peter Williams wrote:
Hope these explanations clarify these issues. Any suggestions as to
how the documentation might be modified to clarify these issues are
very welcome.
Thanks for the clarifications. I am going to have a closer look at it again.

I might have been working on a slightly outdated version of your
specification though. When reading through, I noticed some minor
issues but I would rather write those down for an official version of
the document, e.g. the next beta release. Is there another version
scheduled for relase yet?

Best,
Mario

--
BMW Car IT GmbH
http://www.bmw-carit.de


Re: Question on SampleRDF

Peter Williams <peter.williams@...>
 

Hi Mario,

Thanks so much for reviewing these documents. This sort of feedback
is very helpful.

On Fri, May 13, 2011 at 6:45 AM, Mario Tokarz <mario@...> wrote:
I am just reading into the SPDX sample you offered for download. I
have two questions (I read the sample in connection with SPDX Version
Draft 20110411).
It might also be useful to look at <http://spdx.org/rdf/terms>. This
is the formal OWL ontology for SPDX. This information is being
integrated into the spec at this time. The complete spec will be
available shortly.


1. In http://spdx.org/rdf/terms#Package there are references to
licenses in the fields 'licenseInfoFromFiles' and
'licenseCondluded'. Both are defined with Cardinality 1..*. However
they differ in the implementation: licenseInfoFromFiles references
directly either known-liceneses as rdf:resource or
rdf:node. licenseCondluded refers to a ConjunctiveLicenseSet with
members referring to rdf:resource or rdf:node.  Could you please
evaluate on this difference? There does not seem to be a formal
definition for the ConjunctiveLicenseSet.
A formal definition of ConjunctiveLicenseSet is in the
<http://spdx.org/rdf/terms> document.

`licenseInfoFromFiles` and `licenseInfoInFiles` are simple inventories
of the licensing related text found in a package or file,
respectively. The declared and concluded license fields provide a way
for the producer of an SPDX file to state the actual and complete
licensing regime of an item.

For example, a package might allow copiers to choose between two
licenses because it is dual licensed, or might require copiers to
comply with two licenses because it contains some content under each
license. The `licenseInfoFromFiles` properties would be
indistinguishable in those two cases. (Both licenses would be
listed.) The declared and concluded licenses would be quite
different. In the choose between two licenses scenario it would be a
DisjunctiveLicenseSet and in the second scenario it would be a
ConjunctiveLicenseSet.


2. The artifactOf field refers to a node which is defined as
http://usefulinc.com/ns/doap#Project. This seems a bit broken to me,
because the element is not declared as an SPDX internal type.  On a
syntax level your example contains

<rdf:Description rdf:nodeID="A12">
   <j.0:homepage>http://www.openjena.org/</j.0:homepage>
   <j.0:name>Jena</j.0:name>
   <rdf:type rdf:resource="http://usefulinc.com/ns/doap#Project"/>
 </rdf:Description>

I would have expected somthing like this:
 <rdf:Description rdf:nodeID="A12">
   <homepage>http://www.openjena.org/</homepage>
   <name>Jena</name>
   <rdf:type rdf:resource="http://spdx.org/rdf/terms#ArtifactOf"/>
 </rdf:Description>
I think the RDF in Gary's example is correct. The homepage and name
properties are in the DOAP namespace. We utilize the existing
definitions of project homepage and name, rather than creating our own
very similar properties. (No need to reinvent the wheel.) The SPDX
ontology imports the DOAP schema so those properties and class are
available directly.

Hope these explanations clarify these issues. Any suggestions as to
how the documentation might be modified to clarify these issues are
very welcome.

Peter
openlogic.com


Re: Question on SampleRDF

Mario Tokarz <mario@...>
 

Hi Gary,

short correction:

On Fri, May 13, 2011 at 02:45:58PM +0200 et move = no, Mario Tokarz wrote:

1. In http://spdx.org/rdf/terms#Package there are references to
licenses in the fields 'licenseInfoFromFiles' and
'licenseCondluded'. Both are defined with Cardinality 1..*. However
The latter one should be 'licenseDeclared', containing a reference to
"rdf:nodeID=A8" in the sample.

Best,
Mario


Question on SampleRDF

Mario Tokarz <mario@...>
 

Hello Gary,

I am just reading into the SPDX sample you offered for download. I
have two questions (I read the sample in connection with SPDX Version
Draft 20110411).

1. In http://spdx.org/rdf/terms#Package there are references to
licenses in the fields 'licenseInfoFromFiles' and
'licenseCondluded'. Both are defined with Cardinality 1..*. However
they differ in the implementation: licenseInfoFromFiles references
directly either known-liceneses as rdf:resource or
rdf:node. licenseCondluded refers to a ConjunctiveLicenseSet with
members referring to rdf:resource or rdf:node. Could you please
evaluate on this difference? There does not seem to be a formal
definition for the ConjunctiveLicenseSet.

2. The artifactOf field refers to a node which is defined as
http://usefulinc.com/ns/doap#Project. This seems a bit broken to me,
because the element is not declared as an SPDX internal type. On a
syntax level your example contains

<rdf:Description rdf:nodeID="A12">
<j.0:homepage>http://www.openjena.org/</j.0:homepage>
<j.0:name>Jena</j.0:name>
<rdf:type rdf:resource="http://usefulinc.com/ns/doap#Project"/>
</rdf:Description>

I would have expected somthing like this:
<rdf:Description rdf:nodeID="A12">
<homepage>http://www.openjena.org/</homepage>
<name>Jena</name>
<rdf:type rdf:resource="http://spdx.org/rdf/terms#ArtifactOf"/>
</rdf:Description>

Again I would be grateful for some hint.

Thanks + Best Regards,
Mario


SPDX Mini Webinar

Philip Odence
 

At the Linux Foundation's behest, we recorded a ~3 minute, mini-webinar giving an overview of SPDX:

There is a link to it from the SPDX home page (along with the existing white paper link). As you engage with others in your organization or the community, this might provide a useful intro.

Note: It's currently hosted by Black Duck but will eventually be hosted by the Linux Foundation.


Spreadsheet and tools

Gary O'Neall
 

Attached is a sample SPDX spreadsheet.  This isn’t a full analysis (the files list is quite abbreviated), but it should give you a good idea of the format and structure.  Please let me know any feedback.

 

Also, if you would like to try the tools yourself, they are available at http://www.spdx.org/wiki/sandbox-tools

 

I will be updating these tools over the weekend (5/15) with the results the license terms discussion.

 

Thanks,

Gary

 

 


Re: Agenda for Thursday SPDX General Meeting

Kim Weins
 

Hi Phil

I’m going to be late for the call.  Here’s my update in case I’m not there.

  1. Beta kickoffs are slated to start next week.  Need to validate that all is ready on the technical side and that training materials are updated.  Kate is to add tag value info to training slides.  I will update final terminology (field names).  Kirsten is updating tools docs.



On Wed 5/4/11 2:50 PM, "Philip Odence" <podence@...> wrote:

Meeting Time: May 5 (Cinco de Mayo), 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?
<https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?> ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 
Administrative Agenda
Attendance
Approval of minutes http://www.spdx.org/wiki/20110421-general-meeting-minutes

Technical Team Report - Kate

Business Team Report -
Kim

Legal Team Report -
Rockett/Karen


Cross Functional Issues –
Discussion
Website update- Kirsten/Pierre

Action Items
Most of the action items belong with the Teams. So, in
addition to statusing, we will dispatch them to the respective teams and
will not continue to track in this meeting. Action items for this
meeting will be cross functional.
  • Kate- Beta collateral: Examples in XML and spreadsheet form. PENDING
  • MartinM- Report back on # of people on respective mailing lists. ONGOING



_______________________________________________
Spdx mailing list
Spdx@...
https://fossbazaar.org/mailman/listinfo/spdx


Kim Weins |
Senior Vice President, Marketing
kim.weins@...
Follow me on Twitter @KimAtOpenLogic

650 279 0410  |  cell
www.openlogic.com
Follow OpenLogic on Twitter @openlogic


Re: Update on spdx subscriber numbers

Martin Michlmayr
 

Here's another update on the mailing list numbers:

spdx: 102
spdz-biz: 21
spdx-legal: 27
spdx-tech: 23

--
Martin Michlmayr
Open Source Program Office, Hewlett-Packard


Agenda for Thursday SPDX General Meeting

Philip Odence
 

Meeting Time: May 5 (Cinco de Mayo), 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. http://www.timeanddate.com/worldclock/converter.html

Conf call dial-in:
Conference code:  7812589502
Toll-free dial-in number (U.S. and Canada):  (877) 435-0230
International dial-in number: (253) 336-6732
For those dialing in from other regions, a list of toll free numbers can be found: 
https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF

 
Administrative Agenda
Attendance
Technical Team Report - Kate

Business Team Report - Kim

Legal Team Report - Rockett/Karen


Cross Functional Issues – Discussion
Website update- Kirsten/Pierre

Action Items

Most of the action items belong with the Teams. So, in
addition to statusing, we will dispatch them to the respective teams and
will not continue to track in this meeting. Action items for this
meeting will be cross functional.

  • Kate- Beta collateral: Examples in XML and spreadsheet form. PENDING 
  • MartinM- Report back on # of people on respective mailing lists. ONGOING


Updated Invitation: SPDX Legal Workstream Call 11ET/10CT/8PT @ Wed May 11 8am - 9am (spdx@fossbazaar.org)

Esteban Rockett <mgia3940@...>
 

This event has been changed.

SPDX Legal Workstream Call 11ET/10CT/8PT

Changed: All:

Sorry for the late notice. My flights have gotten re-routed and I will be in flight during this call. Hence, I am moving to next week with this notice.

My apologies for the last minute notice.

Many thanks,

Rockett


Motorola Inc.
E.A. Rockett
Senior Counsel
Software, Applications &
Digital Content Licensing
(408)541-6703 (O)
(408)541-6900 (F)
(415)508-7625 (M)
rockett@...

When
Changed: Wed May 11 8am – 9am Pacific Time
Where
Conference Bridge 1.877.825.8522 PIN:0376146 (map)
Calendar
spdx@...
Who
Esteban Rockett - organizer
amanda.brock@...
tony.gomes@...
sadams@...
feb.cabrasawan@...
jmcbroom@...
rfontana@...
linda.shih@...
Alexandra.Siegel@...
mpierovi@...
kathleen.mullins@...
JOHN ELLIS
rtiller@...
alastern@...
Mikko.Amper@...
adcohn@...
paul.madick@...
ilardi@...
areid@...
tom.incorvia@...
Mansour Ghomeshi
smortin@...
owen.james.boyle@...
scott.k.peterson@...
Guy.Colpitts@...
bgieseman@...
pmcbride@...
spaek@...
tcarlson@...
andrew.wilson@...
barbara.reilly@...
jwacha@...
bkahin@...
vmah@...
andrew.updegrove@...
mrc@...
mccoy.smith@...
ssemel@...
gsjones@...
kcopenhaver@...
spdx-legal-request@...
spdx@...

Going?   Yes - Maybe - No    more options »

Invitation from Google Calendar

You are receiving this courtesy email at the account spdx@... because you are an attendee of this event.

To stop receiving future notifications for this event, decline this event. Alternatively you can sign up for a Google account at https://www.google.com/calendar/ and control your notification settings for your entire calendar.


Upcoming events page out of date

Martin Michlmayr
 

The upcoming events page at http://spdx.org/about/spdx/events is quite
out of date. I just moved all past talks from the "upcoming talks" to
the "previous talks" section and added one upcoming talk. It would be
good to talk about future events at the next general (of business)
SPDX call.

--
Martin Michlmayr
Open Source Program Office, Hewlett-Packard


W3C provenance working group

Peter Williams <peter.williams@...>
 

The W3C recently started a working group to develop a provenance
information exchange format[1]. This working group is not try to
achieve exactly what SPDX does but their work seems likely to be
germane, and there might even be some overlap. The exact scope their
effort does not appear to be set yet but the incubator group, which
precede the working group, worked on topics like basic provenance,
provenance of changes, trust relationships and entailment (evidence
for provenance assertions). These are a lot of the same areas that we
have mentioned wanting to attack in future versions of SPDX.

It might be worth having some SPDX representation on the provenance
working group.

[1]: <http://www.w3.org/2011/prov/wiki/Main_Page>

Peter
openlogic.com


General Meeting Minutes from 20110421

Kirsten Newcomer
 

Hi all,

The General Meeting minutes from 20110421 have been posted here: http://spdx.org/wiki/20110421-general-meeting-minutes

Apologies for the delay.

Please send corrections / additions as needed. Thanks!

Kirsten

Kirsten Newcomer
Senior Product Manager
Black Duck Software, Inc.

knewcomer@...
Office: +1.781.810.1839 Mobile: +1.781-710-2184

1221 - 1240 of 1604