Date
1 - 1 of 1
License Identifiers - FOSSology & SPDX
Roger Meier <roger@...>
Hi all
I'm interested in using FOSSology and the SPDX standard for future projects.
It would be great to have at least one well supported open source software
solution like FOSSology which is using the SPDX standard. This will help all
of us to be license compliant and economic whenever we use open source
software.
However, SPDX is still in definition phase and it probably does not fit
perfectly to FOSSology.
The license meta data is a very important thing required to automate license
analysis and that's the place where I've identified a mismatch, the license
short name or license identifier.
FOSSology has some very nice metadata for each license, e.g.
Date: 2004-01-01 00:00:00
URL: http://www.apache.org/licenses/LICENSE-2.0.txt
shortname: ASL v2.0
fullname: Apache Software License v2.0
OSIapproved: Yes
FSFfree: Yes
GPLv2compatible: No
GPLv3compatible: Yes
copyleft: No
notes: ....
for further details see
http://fossology.svn.sourceforge.net/viewvc/fossology/trunk/fossology/agents
/license_files/Apachev2.0.meta?revision=HEAD&view=markup
SPDX is using its own license identifier:
Full name of License: Apache License 2.0
License Identifier: Apache-2
Source/URL: http://www.apache.org/licenses/LICENSE-2.0
Notes: This version was released: January 2004, This license is OSI
certified
for further details see
http://www.spdx.org/wiki/working-version-license-list
Are there any plans to align these identifiers?
Does somebody know some other standards used for license meta data?
-roger
I'm interested in using FOSSology and the SPDX standard for future projects.
It would be great to have at least one well supported open source software
solution like FOSSology which is using the SPDX standard. This will help all
of us to be license compliant and economic whenever we use open source
software.
However, SPDX is still in definition phase and it probably does not fit
perfectly to FOSSology.
The license meta data is a very important thing required to automate license
analysis and that's the place where I've identified a mismatch, the license
short name or license identifier.
FOSSology has some very nice metadata for each license, e.g.
Date: 2004-01-01 00:00:00
URL: http://www.apache.org/licenses/LICENSE-2.0.txt
shortname: ASL v2.0
fullname: Apache Software License v2.0
OSIapproved: Yes
FSFfree: Yes
GPLv2compatible: No
GPLv3compatible: Yes
copyleft: No
notes: ....
for further details see
http://fossology.svn.sourceforge.net/viewvc/fossology/trunk/fossology/agents
/license_files/Apachev2.0.meta?revision=HEAD&view=markup
SPDX is using its own license identifier:
Full name of License: Apache License 2.0
License Identifier: Apache-2
Source/URL: http://www.apache.org/licenses/LICENSE-2.0
Notes: This version was released: January 2004, This license is OSI
certified
for further details see
http://www.spdx.org/wiki/working-version-license-list
Are there any plans to align these identifiers?
Does somebody know some other standards used for license meta data?
-roger