|
Re: License List v1.2 wiki page created
Peter Williams <peter.williams@...>
On 11/5/10 5:08 AM, Tom Incorvia wrote:
We formerly decided to treat each combination of license + exception as a separate license since the exception can change the terms materially. For instance GPL + Classpath is more permissive than LGPL. From a practical point of view, the exception creates a different license. TomThanks for pointing that out. That agreement must have been reached before i joined the group. I agree that approach makes the most sense. We could make the relationship explicit by defining a dc:hasPart property on the license+exception with the value of the original license. This would allow tools to more easily show how various license are related to one another. Peter Williams www.openlogic.com |
|
|
|
|
|
Re: License List v1.2 wiki page created
Tom Incorvia
Regarding the GPL / LGPL exceptions -- We formerly decided to treat each combination of license + exception as a separate license since the exception can change the terms materially. For instance GPL + Classpath is more permissive than LGPL. From a practical point of view, the exception creates a different license. Tom
toggle quoted message
Show quoted text
Tom Incorvia tom.incorvia@... Direct: (512) 340-1336 Mobile: (408) 499 6850 -----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Peter Williams Sent: Thursday, November 04, 2010 9:39 PM To: spdx@... Subject: Re: License List v1.2 wiki page created On 11/4/10 11:15 AM, Jilayne Lovejoy wrote: *Outstanding Issues/Questions:*We could just have a separate license for GPL+amendment for all the common exceptions. This fits the current license model pretty well. However, it means that an uncommon set of amendments would require a custom license declaration in SPDX file. Another approach that might be to have a LicenseAmendment concept and allow a "composite" license to be defined as a base license plus a set of amendments. This feasible but would require a bit of work in the technical working group to nail down the specifics. * How do we want to handle LGPL/GPL "vXor later" versus LGPL/GPL vX?I think this should not be handled at license level. There is no such license as "GPL v2 or later". Rather, content is licensed under the disjunctive set of all GPL licenses with a version greater than or equal to 2. If licenses expressed their version relationships using dc:isVersionOf and dc:replaces we could leverage that information. Using the version relationships we could define a version based disjunctive license set. This set would specify the minimum acceptable version of the license, e.g. GPLv2. A license would be considered to be part of such a set if it "replaces" and "isVersionOf", either directly or indirectly, the minimum acceptable version. [snip] * Licenses with an alternative name or an associated project inWe could quite easily support an arbitrary number of name for any particular license. Perhaps that would be easier than trying to settle on just one name for these licenses. [snip] Peter Williams www.openlogic.com _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx This message has been scanned for viruses by MailController - www.MailController.altohiway.com |
|
|
|
|
|
Re: License List v1.2 wiki page created
Peter Williams <peter.williams@...>
On 11/4/10 11:15 AM, Jilayne Lovejoy wrote:
*Outstanding Issues/Questions:*We could just have a separate license for GPL+amendment for all the common exceptions. This fits the current license model pretty well. However, it means that an uncommon set of amendments would require a custom license declaration in SPDX file. Another approach that might be to have a LicenseAmendment concept and allow a "composite" license to be defined as a base license plus a set of amendments. This feasible but would require a bit of work in the technical working group to nail down the specifics. * How do we want to handle LGPL/GPL “vXor later” versus LGPL/GPL vX?I think this should not be handled at license level. There is no such license as "GPL v2 or later". Rather, content is licensed under the disjunctive set of all GPL licenses with a version greater than or equal to 2. If licenses expressed their version relationships using dc:isVersionOf and dc:replaces we could leverage that information. Using the version relationships we could define a version based disjunctive license set. This set would specify the minimum acceptable version of the license, e.g. GPLv2. A license would be considered to be part of such a set if it "replaces" and "isVersionOf", either directly or indirectly, the minimum acceptable version. [snip] * Licenses with an alternative name or an associated project inWe could quite easily support an arbitrary number of name for any particular license. Perhaps that would be easier than trying to settle on just one name for these licenses. [snip] Peter Williams www.openlogic.com |
|
|
|
|
|
License List v1.2 wiki page created
Jilayne Lovejoy <Jlovejoy@...>
Hi,
Okay, I uploaded the v1.2 spreadsheet and accompanying guidelines in a word doc as attachments to a new Wiki page here: http://www.spdx.org/wiki/license-list-v12
Disregard my previous email this morning, as I did make a couple minor updates to the uploaded version (but did not rename).
Here are is the list particular things that need some form of resolution:
Outstanding Issues/Questions:
Cheers,
Jilayne Lovejoy | Corporate Counsel
720 240 4545 | phone 720 240 4556 | fax 1 888 OpenLogic | toll free
OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021
|
|
|
|
|
|
Re: updated license list
Jilayne Lovejoy <Jlovejoy@...>
See comments in ALL CAPS below. I will send an email when the latest
toggle quoted message
Show quoted text
License List and Guidelines document has been uploaded to the Wiki so everyone can just look at it there. Jilayne -----Original Message-----
From: spdx-bounces@... [mailto:spdx-bounces@...] On Behalf Of Bruno Cornec Sent: Thursday, November 04, 2010 9:30 AM To: Jilayne Lovejoy Cc: spdx@... Subject: Re: updated license list Hello, Jilayne Lovejoy said on Thu, Nov 04, 2010 at 09:19:54AM -0600: Here is the next version of the license list (v1.2) that includes theupdated the "guidelines" document and listed any changes in this spreadsheetI think there is a problem line 32 of the LicenseList v1.2 file: Column A mentions version 1.0 wheresas column B says 3.0. --> FIXED (good eye!) I wonder if there shouldn't be a mention of the GFDL in this file as well (with the multiple versions)? (CC are there) --> GOOD PONT - ADDED FDL v1.2 AS IT IS THE ONE I'VE SEEN USED MOST OFTEN EVEN THOUGH THERE IS A MORE RECENT VERSION. HOWEVER, THIS SPEAKS TO ONE OF THE "OUTSTANDING ISSUES" - THAT WE DO NOT HAVE OLDER VERSIONS OF A BUNCH OF COMMON LICENSES... (SEE NEXT EMAIL) Speaking of versions, I wonder whether there should'nt always be a version mentioned, to support easily future revisions of the license not having multiple version yet. --> MANY LICENSES ARE ONE-OFFS AND MOST LIKELY WILL NOT HAVE A NEW VERSION. IF THE LICENSE DOESN'T INCLUDE THIS IN ITS TITLE, I DON'T THINK WE SHOULD ADD A VERSION NUMBER For dates, wouldn't it be more interesting (wrt sort, ...) to use the ISO format: 2010-11-04 instead of the European one, which may be confusing for non-european people. --> SO FAR THE DATE IS JUST INCLUDED AS PART OF THE TEXT FIELD FOR "NOTES" ABOUT THE LICENSE, SO PROBABLY DOESN'T MATTER EITHER WAY BEYOND WHATEVER IS GOING TO BE EASIEST TO READ. SOME LICENSES ONLY HAVE A MONTH-YEAR FOR RELEASE DATE INSTEAD OF A FULL DATE IN CASE THAT'S A CONSIDERATION HTH, Bruno. -- Open Source & Linux Profession Lead EMEA / http://opensource.hp.com HP/Intel/Red Hat Open Source Solutions Initiative / http://www.hpintelco.net http://www.HyPer-Linux.org http://mondorescue.org http://project-builder.org La musique ancienne? http://www.musique-ancienne.org http://www.medieval.org _______________________________________________ Spdx mailing list Spdx@... https://fossbazaar.org/mailman/listinfo/spdx |
|
|
|
|
|
Python licenses
Jilayne Lovejoy <Jlovejoy@...>
I agree these licenses are a bit redundant seeming and not well differentiated. However, I think when a license has been approved by the OSI, we need to just stick with the license name they use. Although Tom’s list here is better than what we see “in the field,” I don’t think we should include which versions of the software the license covers (not sure if that is what you were suggesting, anyway).
I have updated the License List (from this morning) to have the two python OSI-approved licenses and checked that the license name listed matches the name OSI uses. If someone thinks the other iterations need to be added, let me know.
Jilayne
From: Tom Incorvia
[mailto:tom.incorvia@...]
Sent: Thursday, October 21, 2010 8:51 AM To: Tom "spot" Callaway Cc: Jilayne Lovejoy; kate.stewart@...; spdx@... Subject: RE: License List spreadsheet v1.1
FYI, I did a compare of Python 3.2 LICENSE to the much earlier 2.0.1 AFTER removing the history information – so the compare started with the statement “TERMS AND CONDITIONS FOR ACCESSING OR OTHERWISE USING PYTHON”.
The licenses are the same other than adding to the list of copyright years and changing the title “CWI PERMISSIONS STATEMENT AND DISCLAIMER” TO “CWI LICENSE AGREEMENT FOR PYTHON 0.9.0 THROUGH 1.2”. I have attached the compare.
I also noticed that the license link for particular versions of the Python software don’t always match. For instance the link http://www.python.org/download/releases/2.4.6/license/ links to a license titled 2.4.4 license. Similarly the URL for 3.0.1 points to a license titled 2.6.1. There are others.
Between versions 2.4.4 and 2.5 “Version 2” is added to the license. But the changes continue to be limited to extensions of the copyright years.
I believe that the discrete licenses are:
- CWI LICENSE AGREEMENT FOR PYTHON 0.9.0 THROUGH 1.2 - CNRI LICENSE AGREEMENT FOR PYTHON 1.6.1 - Python Version 1 (Covers Python after 1.6.1 and prior to 2.5) - Python Version 2 (Covers Python 2.5 and after)
Tom W, what do you think – some of the specificity in versions and release is removed as the licenses get newer. I have not looked for language re self-superseding.
Thanks,
Tom
Tom Incorvia Direct: (512) 340-1336 Mobile: (408) 499 6850
-----Original
Message-----
On 10/20/2010 02:56 PM, Tom Incorvia wrote: > - The Python license may have versions – I am not certain -- > they take the time to restate the license with each release – however, I > comparisons of some of the “official licenses” and they were the same. > Anyway, we will need to dig into Python a bit in terms of versioning and > relationship to CNRI – I don’t have the bandwidth for this right now, > but hopefully there is someone on the team who is deep into Python licensing
To the best of my understanding, there have been several different Python license versions, but the licenses are self-superseding, in that as new versions arrive, they automatically apply.
~tom
This message has been scanned for viruses by MailController - www.MailController.altohiway.com |
|
|
|
|
|
Re: updated license list
Bruno Cornec <Bruno.Cornec@...>
Hello,
Jilayne Lovejoy said on Thu, Nov 04, 2010 at 09:19:54AM -0600: Here is the next version of the license list (v1.2) that includes theI think there is a problem line 32 of the LicenseList v1.2 file: Column A mentions version 1.0 wheresas column B says 3.0. I wonder if there shouldn't be a mention of the GFDL in this file as well (with the multiple versions)? (CC are there) Speaking of versions, I wonder whether there should'nt always be a version mentioned, to support easily future revisions of the license not having multiple version yet. For dates, wouldn't it be more interesting (wrt sort, ...) to use the ISO format: 2010-11-04 instead of the European one, which may be confusing for non-european people. HTH, Bruno. -- Open Source & Linux Profession Lead EMEA / http://opensource.hp.com HP/Intel/Red Hat Open Source Solutions Initiative / http://www.hpintelco.net http://www.HyPer-Linux.org http://mondorescue.org http://project-builder.org La musique ancienne? http://www.musique-ancienne.org http://www.medieval.org |
|
|
|
|
|
updated license list
Jilayne Lovejoy <Jlovejoy@...>
Here is the next version of the license list (v1.2) that includes the license text and some other changes discussed via email. I also updated the “guidelines” document and listed any changes in this spreadsheet over License List v1.1 there.
Jilayne Lovejoy | Corporate Counsel
720 240 4545 | phone 720 240 4556 | fax 1 888 OpenLogic | toll free
OpenLogic, Inc. Headquarters, Broomfield, Colorado 80021
|
|
|
|
|
|
Update from OWF
Kim Weins
Sorry this is a little late, although I shared some of this data on previous calls.
The SPDX presentation at OWF went well. We had about 40 people or so, and most of them stayed an hour over the allotted time to discuss. There was a lot of interest and positive feedback on the whole idea of SPDX. Much of the discussion centered around some of the challenges we might face when it rolls out. The issues raised were mostly around whether this would be harder/easier for the OSS communities and Linux distros to produce an SPDX file for their projects. We talked about the need for tooling to help automate this. We also said that usage may start with companies who then start using SPDX files with their supply chains. That in turn may incent OSS communities to adopt SPDX. There was also some discussion about the issue of SPDX files becoming “out of date” as soon as any change was made to the underlying code or anytime there was a new release. We pointed out that information in the SPDX file could stay the same for many files, assuming that not all files in the distro had changed. Martin & Phillipe Ombredanne may be able to add to this. Kim Kim Weins | Senior Vice President, Marketing kim.weins@... Follow me on Twitter @KimAtOpenLogic 650 279 0410 | cell www.openlogic.com Follow OpenLogic on Twitter @OpenLogic OpenLogic, Inc. Headquarters, Broomfield, Colorado |
|
|
|
|
|
Web for call
Philip Odence
Big power outage in the Black Duck neighborhood so I may not be able to start up the web session. I'll be on my cell phone for the audio part. Please try to log in but don't be surprised if it doesn't work.
|
|
|
|
|
|
Nov 4 SPDX Call Agenda
Philip Odence
Meeting Time: Nov4, 8am PDT / 10 am CDT / 11am EDT / 15:00 UTC. NOTE THAT EUROPE HAS TURNED CLOCKS BACK TO STD TIME, BUT THE US HAS NOT YET, SO THE TIME DIFF FROM US TO EUROPE IS 1 HR LESS THAN NORMAL. http://www.timeanddate.com/worldclock/converter.html Conf call dial-in: Conference code: 7812589502 Toll-free dial-in number (U.S. and Canada): (877) 435-0230 International dial-in number: (253) 336-6732 For those dialing in from other regions, a list of toll free numbers can be found: https://www.intercallonline.com/portlets/scheduling/viewNumbers/viewNumber.do?ownerNumber=6053870&audioType=RP&viewGa=false&ga=OFF Web: Note, we will be using a different URL for each meeting for purposes of taking attendance. When you login PLEASE INCLUDE YOUR FULL NAME IN THIS FORM: Phil Odence, Black Duck Software so I can just copy/paste into minutes. THX. Administrative Agenda
Legal Update - Rockett Action Items Note: Drafting related action items are embedded in the Wiki. http://www.spdx.org/wiki/spdx/specification
Technical Agenda
L. Philip Odence Vice President of Business Development Black Duck Software, inc. 265 Winter Street, Waltham, MA 02451 Phone: 781.810.1819, Mobile: 781.258.9502
|
|
|
|
|
|
SPDX RDF Sub-group Mtg 8 concall / gotomeeting details
Bill Schineller
Today's call dial-in details:
SPDX RDF Sub-group Mtg 8 (TODAY) Tuesday October 26, 11AM eastern time Toll-free dial-in number (U.S. and Canada): (877) 435-0230 International dial-in number: (253) 336-6732 Conference code: 7833942033 URL to join meeting: http://blackducksoftware.na6.acrobat.com/r13794172/ Bill Schineller Knowledge Base Manager Black Duck Software Inc. T: +1.781.810.1829 F: +1.781.891.5145 E: bschineller@... http://www.blackducksoftware.com |
|
|
|
|
|
Proposals wiki page
Peter Williams <peter.williams@...>
I created a page in the wiki to list spec change proposals, <http://www.spdx.org/wiki/proposals>. New proposal should be added to this list when they are created. Once we get an issue tracker up and running, this will probably go away. Until then it should help us keep track of the active proposals.
Can someone with more privileges add it to the link list on <http://www.spdx.org/wiki/spdx/spec-development>. Peter Williams <http://openlogic.com> |
|
|
|
|
|
File origin info proposals
Peter Williams <peter.williams@...>
The proposals for surfacing information regarding the origin a files are
* <http://www.spdx.org/wiki/proposal-2010-10-21-2-file-origin> : Two new properties of File that store the name and URL of the origin project of the file * <http://www.spdx.org/wiki/proposal-2010-10-21-3-artifactof> : A new (repeatable) property storing a description of a project of which this file is an artifact. We need to decide between them. Peter Williams <http://openlogic.com> |
|
|
|
|
|
Kim's slides from OWF
Martin Michlmayr
As requested, I've uploaded Kim's slides from Open World Forum:
http://spdx.org/system/files/kim_weins-spdx.pdf -- Martin Michlmayr Open Source Program Office, Hewlett-Packard |
|
|
|
|
|
License Review Meeting
Kim Weins
9:00 AM - 10:00 AM November 12, 2010 |
|
|
|
|
|
Re: License List spreadsheet v1.1
Tom Incorvia
FYI, I did a compare of Python 3.2 LICENSE to the much earlier 2.0.1 AFTER removing the history information – so the compare started with the statement “TERMS AND CONDITIONS FOR ACCESSING OR OTHERWISE USING PYTHON”.
The licenses are the same other than adding to the list of copyright years and changing the title “CWI PERMISSIONS STATEMENT AND DISCLAIMER” TO “CWI LICENSE AGREEMENT FOR PYTHON 0.9.0 THROUGH 1.2”. I have attached the compare.
I also noticed that the license link for particular versions of the Python software don’t always match. For instance the link http://www.python.org/download/releases/2.4.6/license/ links to a license titled 2.4.4 license. Similarly the URL for 3.0.1 points to a license titled 2.6.1. There are others.
Between versions 2.4.4 and 2.5 “Version 2” is added to the license. But the changes continue to be limited to extensions of the copyright years.
I believe that the discrete licenses are:
- CWI LICENSE AGREEMENT FOR PYTHON 0.9.0 THROUGH 1.2 - CNRI LICENSE AGREEMENT FOR PYTHON 1.6.1 - Python Version 1 (Covers Python after 1.6.1 and prior to 2.5) - Python Version 2 (Covers Python 2.5 and after)
Tom W, what do you think – some of the specificity in versions and release is removed as the licenses get newer. I have not looked for language re self-superseding.
Thanks,
Tom
Tom Incorvia Direct: (512) 340-1336 Mobile: (408) 499 6850
-----Original Message-----
From: Tom "spot" Callaway [mailto:tcallawa@...] Sent: Wednesday, October 20, 2010 2:03 PM To: Tom Incorvia Cc: Jilayne Lovejoy; kate.stewart@...; spdx@... Subject: Re: License List spreadsheet v1.1
On 10/20/2010 02:56 PM, Tom Incorvia wrote: > - The Python license may have versions – I am not certain -- > they take the time to restate the license with each release – however, I > comparisons of some of the “official licenses” and they were the same. > Anyway, we will need to dig into Python a bit in terms of versioning and > relationship to CNRI – I don’t have the bandwidth for this right now, > but hopefully there is someone on the team who is deep into Python licensing
To the best of my understanding, there have been several different Python license versions, but the licenses are self-superseding, in that as new versions arrive, they automatically apply.
~tom
This message has been scanned for viruses by MailController - www.MailController.altohiway.com |
|
|
|
|
|
Reminder: SPDX meeting Oct 21 at 8am PDT/11AM EDT/15:00 UTC
kate.stewart@...
|
|
|
|
|
|
SPDX Oct 21 call
Philip Odence
Last week's meeting was out of the normal every 2 weeks rhythm, and we are now back on normal schedule. The call is Oct 21 at 8am PDT/11AM EDT/15:00 UTC. Once again, I apologize in advance for missing, but I have a Board meeting that's been scheduled since the beginning of the year. Kate will ably host and will provide an agenda at the beginning of the meeting. We will not have a webshare for this one. Dial in:
She will post the minutes from the Oct 14 meeting at: http://www.spdx.org/wiki/spdx-meeting-minutes Thanks for your understanding. Best regards, Phil L. Philip Odence Vice President of Business Development Black Duck Software, inc. 265 Winter Street, Waltham, MA 02451 Phone: 781.810.1819, Mobile: 781.258.9502
|
|
|
|
|
|
Re: License List spreadsheet v1.1
Tom "spot" Callaway
On 10/20/2010 02:56 PM, Tom Incorvia wrote:
- The Python license may have versions – I am not certain --To the best of my understanding, there have been several different Python license versions, but the licenses are self-superseding, in that as new versions arrive, they automatically apply. ~tom |
|
|
|