THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx
Legal Team/Current Projects and Issues
SPDX Legal Team projects for 2014
This page will be updated throughout the year. We will try to not delete items, but mark them as "DONE" to serve as a record of progress over the course of the year.
LAST UPDATED: 17 Jan 2014
Contents
- 1 Licenses Under Review
- 2 License Matching Guidelines - create license templates
- 3 Legal Team recruitment
- 4 License Expression Review & GPL exceptions
- 5 Alignment with other license lists
- 6 Moving SPDX License List to Git repository
- 7 OSI outstanding issues
- 8 License Ref short identifiers
- 9 Recommendations or guidance on how to best determine license for a particular file
Licenses Under Review
This is an on-going task, which is tracked here: http://wiki.spdx.org/view/Legal_Team/License_List/Licenses_Under_Consideration Owner for updating/tracking: Dennis However, this list highlights the immediate or more complex tasks that need to be tackled
Various outstanding issues:
- Ruby License issue - Jilayne sent a detailed email to Sam from the Ruby project (also copying the SPDX Legal List and Bob Gobielle of FOSSology) on Jan 4th, with no response as of yet. See: http://article.gmane.org/gmane.comp.licenses.spdx.legal/796/
- Next step: Legal Team to come up with definitive naming proposal?
- need to resolve immediately and for v1.20 release of License List
- add older Do What the F*ck You Want license - short identifier issue
Fedora List
Owner: Zac Under review via Google doc, here: https://docs.google.com/spreadsheet/ccc?key=0AmVnI0dGKEo1dENVVHFNeG5hQjAyYjQ3bm1VVUdjOFE#gid=1 (if you don't have access, just ask)
- overriding principle: inclined to add Fedora "good" licenses to SPDX License List, unless very compelling reason not to; and create short-name comparison matrix (to track where short identifiers may not align)
- we need to step the pace on this - how?
- could we get through "good" list by first week of Feb?
License Matching Guidelines - create license templates
Owner: Jilayne
- go through licenses to determine which ones need markup as per License Matching Guidelines and provide information to Daniel so he can create actual template file
- discuss any issues or questions to this end on Jan 16 and Feb 6 call as needed
- goal to complete by early February and release full set of templates with v1.20 of SPDX License List
Legal Team recruitment
- how do we get more people involved?
- who to target and how to reach them?
- ask for help from LF or via grassroots effort or both? other ideas?
License Expression Review & GPL exceptions
Owner: Mark Gisi & Tom Vidal
- Review of how SPDX spec deals with expressing various licensing scenarios in totality; e.g. using "and" and "or" for conjunctive and disjunctive license; how short identifiers play into this; revisit "or later" / "only" version issue and license exceptions
- We don't have all or the GPL exceptions - need to add to SPDX-LL. There are also the issue of inconsistencies "in the wild" among named exceptions and actual text (i.e. not all exceptions found called Foo exception have the exact same text; how do we deal with this?)
- Mark Gisi to schedule special call for initial discussion
Alignment with other license lists
Coordinate with various other license lists to make sure SPDX has licenses from these lists and check short name matching (or create "translation" document if different) Here are some other lists we may want to look at once Fedora is completed:
FOSSology
owner: TBD assigned
- coordinate with Bob Gobeille, see http://www.fossology.org/projects/fossology/wiki/MatchSPDXLicenceIDs
Gentoo
owner: TBD assigned
Suse
owner: TBD assigned
- list found here: https://docs.google.com/spreadsheet/pub?key=0AqPp4y2wyQsbdGQ1V3pRRDg5NEpGVWpubzdRZ0tjUWc (courtesy of Ciaran Farrell from 6/27/12 email list thread)
Other "side" projects
Moving SPDX License List to Git repository
- to work on after release of v1.20
- Jilayne to coordinate with Gary
OSI outstanding issues
- zlib/ libpng license clarification
- Jabber Open Source License v1.0 – archived text here (http://archive.jabber.org/core/JOSL.pdf) is not the same as the OSI has on their site (it was OSI approved). What do we do about this? need to resolve with OSI (with goal of having on list b/c it was OSI approved and we endeavored to have all OSI licenses on SPDX list, even if old). license text also can be found at: http://code.google.com/p/jabber-net/wiki/FAQ_License
- various OSI approved (but old or deprecated) licenses don't have corresponding link on OSI site; OSI to update and then SPDX to add link to SPDX-LL - check this??
License Ref short identifiers
better way to identify licenses not on SPDX-LL (spec issue) or to reference other external license list that have greater set of licenses than SPDX-LL
Recommendations or guidance on how to best determine license for a particular file
'how to identify the license for an open source project - ex. Within the file versus whether there's a copying file on top of the directory ? provide guidance/suggstion (industry practice?) that license in the file is more determinate than the license in the directoryShould the legal group aggregate industry best practices and come up with a group of guidelines and provide some influence on that?