THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Difference between revisions of "Legal Team/Minutes/2017-09-28"
(Created page with "== Attendees == * Bradlee Edmondson * Gary O’Neall * Alexios Zavras * Steve Winslow * Karen Copenhaver * Dennis Clark * Matija * Trevor * Richard Fontana * Mike Dolan * Paul...") |
(→Agenda) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 23: | Line 23: | ||
* we discussed our last proposal (which was summarized here: https://wiki.spdx.org/view/Legal_Team/only-operator-proposal) with Richard Stallman and John Sullivan as to concerns the FSF, as steward of the GNU licenses. As a result, we came up with the following modified proposal: | * we discussed our last proposal (which was summarized here: https://wiki.spdx.org/view/Legal_Team/only-operator-proposal) with Richard Stallman and John Sullivan as to concerns the FSF, as steward of the GNU licenses. As a result, we came up with the following modified proposal: | ||
− | Proposal: | + | '''Proposal:''' |
SPDX will incorporate modifiers (as described below) to be used with license identifiers (and expressions). The guidance from SPDX as to the use of the modifiers will be as follows: | SPDX will incorporate modifiers (as described below) to be used with license identifiers (and expressions). The guidance from SPDX as to the use of the modifiers will be as follows: | ||
− | + | # The modifiers can be used with any license identifier and we encourage people to use them where doing so provides clarity as needed. | |
− | + | # Specifically, with the GNU family of licenses, you MUST use one of the modifiers; use of the plain license identifier (e.g., “GPL-2.0”) will be considered an invalid license expression going forward. | |
− | + | GNU family of licenses = all versions of GPL, LGPL, AGPL, FDL (SPDX will list all license identifiers to be clear) | |
Modifiers: | Modifiers: | ||
Line 36: | Line 36: | ||
* ? = “unclear version” - this will be a new modifier to indicate there is a lack of clarity as to the license version regarding if any version, or later, or only applies, e.g., I found the text of GPLv2, but I’m not sure if it’s “only “ or “or later” because there is no other information. Need further input on the exact word to use here, i.e, “unclear” “maybe” “ambiguous" | * ? = “unclear version” - this will be a new modifier to indicate there is a lack of clarity as to the license version regarding if any version, or later, or only applies, e.g., I found the text of GPLv2, but I’m not sure if it’s “only “ or “or later” because there is no other information. Need further input on the exact word to use here, i.e, “unclear” “maybe” “ambiguous" | ||
− | Discussion on call: | + | '''Discussion on call:''' |
* discussion about required use of operator for GNU licenses and how to implement "invalidity": | * discussion about required use of operator for GNU licenses and how to implement "invalidity": | ||
** Philippe: ok to have a warning when bare identifier is ok, but an error is a problem b/c that has been practice now for years | ** Philippe: ok to have a warning when bare identifier is ok, but an error is a problem b/c that has been practice now for years | ||
Line 54: | Line 54: | ||
* Alexios: if don’t have + or only, then it’s unqualified and unclear | * Alexios: if don’t have + or only, then it’s unqualified and unclear | ||
* Mark: on first round, we took real world examples - we should have very clear source code examples; Mark to send out examples from when we did operators to begin with | * Mark: on first round, we took real world examples - we should have very clear source code examples; Mark to send out examples from when we did operators to begin with | ||
− | * Bradley: might not always use it in context of SPDX, might want to have that ambiguity | + | * Bradley: might not always use it in context of SPDX, might want to have that ambiguity; he had assumed there were clear conclusions |
− | he had assumed there were clear conclusions | + | |
* Matija: what if someone writes code and says, “this is under GPL”. someone else forks it and copies into difference project with GPLv2 | * Matija: what if someone writes code and says, “this is under GPL”. someone else forks it and copies into difference project with GPLv2 | ||
* Paul: what if we put all three on license list, would that fix the issue? (asks FSF) | * Paul: what if we put all three on license list, would that fix the issue? (asks FSF) |
Latest revision as of 19:54, 12 October 2017
Attendees
- Bradlee Edmondson
- Gary O’Neall
- Alexios Zavras
- Steve Winslow
- Karen Copenhaver
- Dennis Clark
- Matija
- Trevor
- Richard Fontana
- Mike Dolan
- Paul Madick
- Bradley Kuhn
- John Sullivan
- Philippe Ombredanne
- Mark Gisi
- Alan Tse
NOTE: had to use alternative dial-in due to number limit on the regular one
Agenda
1) only / or later clarification and proposal:
- we discussed our last proposal (which was summarized here: https://wiki.spdx.org/view/Legal_Team/only-operator-proposal) with Richard Stallman and John Sullivan as to concerns the FSF, as steward of the GNU licenses. As a result, we came up with the following modified proposal:
Proposal:
SPDX will incorporate modifiers (as described below) to be used with license identifiers (and expressions). The guidance from SPDX as to the use of the modifiers will be as follows:
- The modifiers can be used with any license identifier and we encourage people to use them where doing so provides clarity as needed.
- Specifically, with the GNU family of licenses, you MUST use one of the modifiers; use of the plain license identifier (e.g., “GPL-2.0”) will be considered an invalid license expression going forward.
GNU family of licenses = all versions of GPL, LGPL, AGPL, FDL (SPDX will list all license identifiers to be clear)
Modifiers: There are two sets listed: one that involves a single character (to be consistent with existing +) and one that is more human-readable:
- + = "or later” - same meaning as now
- # = "only" - this will be a new modifier to indicate ‘this version only’. Need further input as to one character configuration, if needed
- ? = “unclear version” - this will be a new modifier to indicate there is a lack of clarity as to the license version regarding if any version, or later, or only applies, e.g., I found the text of GPLv2, but I’m not sure if it’s “only “ or “or later” because there is no other information. Need further input on the exact word to use here, i.e, “unclear” “maybe” “ambiguous"
Discussion on call:
- discussion about required use of operator for GNU licenses and how to implement "invalidity":
- Philippe: ok to have a warning when bare identifier is ok, but an error is a problem b/c that has been practice now for years
don’t want to gate on trying to make everything right now, license identifier has already been used for many years; when doing validation of license expression - and have just GPL-2.0, this should not be a validation error, but a warning so it doesn’t stop of flow of process
- Kate: could do transition for a year and then make it an error. also have factor of license list version - so can say for this point forward
- Philippe: not everyone may be tracking which version of license list they are using
- Trevor: could just make it a warning, don’t have to decide when to have it an error, but can do in future
- John: would want to see timeline for this transition
- Mark wants to version the list and be able to continue to use 2.0 version until can use new version as he sees fit
- Gary: issue with using # in tag value. Trevor: might be easier to use words. Bradley agreed.
- Dennis: under what circumstance would I declare / use GPL-2.0?
- Kate: commented on wide range of how people declare GPL applies as she’s seen in kernel
- Mark: why not be no assertion
- J: should GPL-2.0? be used in “concluded field” ever?
- Kate: we have concluded and detected - should we say that ? can only be used in detected fields?
- Alexios: if don’t have + or only, then it’s unqualified and unclear
- Mark: on first round, we took real world examples - we should have very clear source code examples; Mark to send out examples from when we did operators to begin with
- Bradley: might not always use it in context of SPDX, might want to have that ambiguity; he had assumed there were clear conclusions
- Matija: what if someone writes code and says, “this is under GPL”. someone else forks it and copies into difference project with GPLv2
- Paul: what if we put all three on license list, would that fix the issue? (asks FSF)
- John: idea of ? is to satisfy what others have raised not what FSF has raised
- Bradley: his concern, this seems clean, but problem is that 2.0 did mean only, so ...
- Mark: 2.0 means - what the text say