THE SPDX WIKI IS NO LONGER ACTIVE. ALL CONTENT HAS BEEN MOVED TO https://github.com/spdx

Difference between revisions of "Legal Team/License List/Licenses Under Consideration"

From SPDX Wiki
Jump to: navigation, search
 
(35 intermediate revisions by one other user not shown)
Line 1: Line 1:
This table is used to track license list requests and is maintained by the Legal team.
+
The SPDX Legal team tracks new '''License List Requests''' at:  https://docs.google.com/a/nexb.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=695212681  <br />
 +
Refer to the "Licenses Readme" worksheet in the document for an explanation of each of the columns in the list.
  
We started tracking license requests in this table after release 1.18 of the License List. Entries submitted prior to that had their Date Submitted arbitrarily set to January 1, 2013.
+
The Legal team also tracks '''License Exceptions List Requests''' in the document at:  https://docs.google.com/a/nexb.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0  <br />
 +
Refer to the "Exceptions Readme" worksheet in the document for an explanation of each of the columns in the list.
 +
 
 +
Older license requests from release 1.20 or earlier are identified in the table below. Entries submitted prior to release 1.18 had their Date Submitted arbitrarily set to January 1, 2013.
  
 
{|  cellspacing=0 align=left valign=top cellpadding=5px  style="background: lightyellow; border: 0px solid gray;"
 
{|  cellspacing=0 align=left valign=top cellpadding=5px  style="background: lightyellow; border: 0px solid gray;"
Line 14: Line 18:
 
|-
 
|-
 
| valign=top |'''On Hold'''  || This means that more research is needed or there are other extenuating factors that have prevented a decision on the addition of the license to be made.  See the Notes for more information.
 
| valign=top |'''On Hold'''  || This means that more research is needed or there are other extenuating factors that have prevented a decision on the addition of the license to be made.  See the Notes for more information.
 +
  
 
|}
 
|}
 +
  
  
 
{| class="wikitable sortable" border="1"
 
{| class="wikitable sortable" border="1"
 
|+  
 
|+  
== Licenses Under Consideration ==
+
== Licenses Accepted in v1.20 ==
  
! align="left" width=12% | License Full Name
+
! align="left" width=14% | License Full Name
! align="left" width=10% | Short Identifier
+
! align="left" width=8% | Short Identifier
 +
! align="left" width=8% | Template Needed
 
! width=8% |Status
 
! width=8% |Status
 
! width=8% | Date Submitted
 
! width=8% | Date Submitted
 
! class="unsortable" | Notes
 
! class="unsortable" | Notes
 
|-
 
|-
| Caldera License (Caldera)
+
| Caldera License  
 
| Caldera
 
| Caldera
 +
| No
 
|  <span style="display: none;">3</span> Accepted in v1.20  
 
|  <span style="display: none;">3</span> Accepted in v1.20  
 
|2014-04-01
 
|2014-04-01
Line 42: Line 50:
 
| Bzip2 License
 
| Bzip2 License
 
| Bzip2
 
| Bzip2
 +
| No
 
|  <span style="display: none;">3</span> Accepted in v1.20
 
|  <span style="display: none;">3</span> Accepted in v1.20
 
|2014-02-10
 
|2014-02-10
Line 47: Line 56:
 
Submitted by Oliver Fendt of Siemens AG. "bzip2 is a popular package and often used, thus an entry in the spdx license list would make life easier."
 
Submitted by Oliver Fendt of Siemens AG. "bzip2 is a popular package and often used, thus an entry in the spdx license list would make life easier."
 
|-
 
|-
| Zend Engine v2.0
+
| Creative Commons 4.0 License Family
| Zend-2.0
+
(see details below)
| <span style="display: none;">3</span> On Hold
+
| 2013-01-01
+
| different license for Zend Engine and Zend Framework and variations as such. more research needed. see research done thus far in attachment below
+
|-
+
| "old" MIT
+
 
|
 
|
| <span style="display: none;">3</span> On Hold
+
| <span style="display: none;">3</span> Accepted in v1.20
|2013-01-01
+
| 2013-11-27
| See http://blog.gmane.org/gmane.comp.licenses.spdx.legal/day=20121201
+
| Six new licenses, detailed below. See email from Oliver Fendt.
 +
See discussion here: http://creativecommons.org/weblog/entry/40768 
 +
and access the six variants here: http://creativecommons.org/licenses/  
 
|-
 
|-
| US Gov't works
+
| Creative Commons Attribution 4.0 International Public License
|
+
| CC-BY-4.0
| <span style="display: none;">3</span> On Hold
+
| No
| 2013-01-01
+
| <span style="display: none;">3</span> Accepted in v1.20
| add short identifier to list; see email from David Wheeler
+
| 2014-07-09
 +
| http://creativecommons.org/licenses/by/4.0/
 +
 
|-
 
|-
| GPL-2.0 identifier
+
| Creative Commons Attribution-NoDerivatives 4.0 International Public License
|
+
| CC-BY-ND-4.0
| <span style="display: none;">3</span> On Hold
+
| No
| 2013-01-01
+
| <span style="display: none;">3</span> Accepted in v1.20
| issue of potential confusion with short identifier "GPL-2.0" meaning GPLv2 only; whereas GPLv2 or later, uses short identifier "GPL-2.0+" should short identifier be changed to "GPL-2.0-only" for symmetry and clarity?
+
| 2014-07-09
# what would the ramifications of changing a short identifier be? had said we wouldn't not change short identifiers
+
| http://creativecommons.org/licenses/by-nd/4.0/
# alternatively, could add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only for clarification (but will this be "obvious" enough?
+
 
|-
 
|-
| Unicode
+
| Creative Commons Attribution-NonCommercial 4.0 International Public License
|  
+
| CC-BY-NC-4.0
| <span style="display: none;">3</span> On Hold
+
| No
| 2013-01-01
+
| <span style="display: none;">3</span> Accepted in v1.20
| to add? (from FSF list) - Unicode LIcense Agreement for Data Files and Software – are there other versions or other Unicode licenses? It does not appear so, based on the info on this page: http://www.unicode.org/copyright.html ... → realized that Fedora has a different Unicode license(for Character Database, Fedora uses short identifier: UCD, found here: https://fedoraproject.org/wiki/Licensing:UCD?rd=Licensing/UCD ) than the Unicode license above from the FSF list. '''more research needed''' to see if there are others, so can appropriately name, etc.
+
| 2014-07-09
 +
| http://creativecommons.org/licenses/by-nc/4.0/
 +
 +
|-
 +
| Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License
 +
| CC-BY-NC-ND-4.0
 +
| No
 +
| <span style="display: none;">3</span> Accepted in v1.20
 +
| 2014-07-09
 +
| http://creativecommons.org/licenses/by-nc-nd/4.0/
 +
 +
|-
 +
| Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License
 +
| CC-BY-NC-SA-4.0
 +
| No
 +
| <span style="display: none;">3</span> Accepted in v1.20
 +
| 2014-07-09
 +
| http://creativecommons.org/licenses/by-nc-sa/4.0/
 +
 +
|-
 +
| Creative Commons Attribution-ShareAlike 4.0 International Public License
 +
| CC-BY-SA-4.0
 +
| No
 +
| <span style="display: none;">3</span> Accepted in v1.20
 +
| 2014-07-09
 +
| http://creativecommons.org/licenses/by-sa/4.0/
 +
 
|-
 
|-
 
| Fedora Good List Licenses  
 
| Fedora Good List Licenses  
 
| (see list)  
 
| (see list)  
| <span style="display: none;">3</span> Under Review
+
| (see list)
 +
| <span style="display: none;">3</span> Accepted in v1.20
 
| 2013-08-01
 
| 2013-08-01
 
| Project to reconcile the "Fedora Good List" at https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing   
 
| Project to reconcile the "Fedora Good List" at https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing   
Line 88: Line 123:
 
|-
 
|-
 
| Ruby License
 
| Ruby License
|
+
| Ruby
| <span style="display: none;">3</span> Removed as of v1.19
+
| No
 +
| <span style="display: none;">3</span> Accepted in v1.20
 
| 2013-09-12
 
| 2013-09-12
 
| see discussion here: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-09-12
 
| see discussion here: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-09-12
 
working with Ruby project to come up with accurate way to identify different license variations  
 
working with Ruby project to come up with accurate way to identify different license variations  
 +
 +
The substantive part of the license text at https://www.ruby-lang.org/en/about/license.txt  will be added/updated in v1.20 of the SPDX License List.
 +
 
|-
 
|-
| Creative Commons 4.0 License Family
+
| Zend Engine License 2.00
|  
+
| Zend-2.00
| <span style="display: none;">3</span> Under Review
+
| No
| 2013-11-27
+
| <span style="display: none;">3</span> Accepted in v1.20
| Six new licenses. See email from Oliver Fendt.  
+
| 2013-01-01
See discussion here: http://creativecommons.org/weblog/entry/40768 
+
| different license for Zend Engine and Zend Framework and variations as such. more research needed. see research done thus far in attachment below
and access the six variants here: http://creativecommons.org/licenses/  
+
 
 +
Zend software is now under the BSD license. See http://framework.zend.com/license 
 +
The older license text is available via wayback:  https://web.archive.org/web/20130517195954/http://www.zend.com/license/2_00.txt
 +
 
 
|-
 
|-
| Do What The F*ck You Want To Public License
+
| Unicode Terms of Use
|  
+
| Unicode-TOU
| <span style="display: none;">3</span> Under Review
+
| No
| 2013-12-27
+
<span style="display: none;">3</span> Accepted in v1.20
| we have version 2.0 on the list, but do not have previous versions. Also question about whether version number should be added to short identifier (i.e., WTFPL-2.0 instead of WTFPL currently)
+
| 2013-01-01
 +
| to add? (from FSF list) - Unicode LIcense Agreement for Data Files and Software – are there other versions or other Unicode licenses? It does not appear so, based on the info on this page: http://www.unicode.org/copyright.html ... → realized that Fedora has a different Unicode license(for Character Database, Fedora uses short identifier: UCD, found here: https://fedoraproject.org/wiki/Licensing:UCD?rd=Licensing/UCD ) than the Unicode license above from the FSF list. '''more research needed''' to see if there are others, so can appropriately name, etc.
 +
 
 +
License on this page will be added: http://www.unicode.org/copyright.html
 +
 
 
|}
 
|}
  
Line 119: Line 165:
 
! width=8% | Date Submitted
 
! width=8% | Date Submitted
 
! class="unsortable" | Notes
 
! class="unsortable" | Notes
 +
 +
|-
 +
| GPL-2.0 identifier
 +
| <span style="display: none;">3</span> Not Accepted
 +
| 2013-01-01
 +
| issue of potential confusion with short identifier "GPL-2.0" meaning GPLv2 only; whereas GPLv2 or later, uses short identifier "GPL-2.0+" should short identifier be changed to "GPL-2.0-only" for symmetry and clarity?
 +
# what would the ramifications of changing a short identifier be? had said we wouldn't not change short identifiers
 +
# alternatively, could add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only for clarification (but will this be "obvious" enough?
 +
 +
The "or later" concept is addressed with the SPDX License Exceptions List in v2.0
 +
 
|-
 
|-
 
| MX4J License
 
| MX4J License
Line 177: Line 234:
 
Discussed on 6/6 legal call: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-06-06
 
Discussed on 6/6 legal call: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-06-06
 
--> conferred with OSI and decided to add Artistic-1.0-cl8 and Artistic-1.0-Perl to reflect all contingencies here
 
--> conferred with OSI and decided to add Artistic-1.0-cl8 and Artistic-1.0-Perl to reflect all contingencies here
 +
 +
|-
 +
| Do What The F*ck You Want To Public License
 +
| <span style="display: none;">3</span> Not Accepted
 +
| 2013-12-27
 +
| we have version 2.0 on the list, but do not have previous versions.  Also question about whether version number should be added to short identifier (i.e., WTFPL-2.0 instead of WTFPL currently)
 +
Insufficient usage.
  
 
|-
 
|-

Latest revision as of 17:11, 16 September 2017

The SPDX Legal team tracks new License List Requests at: https://docs.google.com/a/nexb.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=695212681
Refer to the "Licenses Readme" worksheet in the document for an explanation of each of the columns in the list.

The Legal team also tracks License Exceptions List Requests in the document at: https://docs.google.com/a/nexb.com/spreadsheets/d/11AKxLBoN_VXM32OmDTk2hKeYExKzsnPjAVM7rLstQ8s/edit?pli=1#gid=0
Refer to the "Exceptions Readme" worksheet in the document for an explanation of each of the columns in the list.

Older license requests from release 1.20 or earlier are identified in the table below. Entries submitted prior to release 1.18 had their Date Submitted arbitrarily set to January 1, 2013.

Status Name Explanation
Accepted in v__ The license was added to indicated version of the SPDX License List. The SPDX License List version indicated may be yet to be released in the case where a license is accepted in between SPDX License List releases.
Under Review A license addition has been requested and is currently under review.
Not Accepted The license was reviewed by the Legal Team and it was decided to not add the license to the SPDX License List at this time.
On Hold This means that more research is needed or there are other extenuating factors that have prevented a decision on the addition of the license to be made. See the Notes for more information.



Licenses Accepted in v1.20

License Full Name Short Identifier Template Needed Status Date Submitted Notes
Caldera License Caldera No 3 Accepted in v1.20 2014-04-01 See http://www.lemis.com/grog/UNIX/

Submitted by Maciej Wereski. "This license is used in some older software (e.g. The Traditional Vi)."

Per Tom Incorvia: "Due primarily to the licensing information stated prior to the slightly modified BSD-4-Clause, I would recommend that this be reviewed by SPDX as a license distinct from the BSD-4-Clause. The platform limitations, in particular, appear to make this a distinct license."

Because of significant differences in license terms, it was decided to call this license the Caldera License (Caldera) rather than BSD 4-clause Caldera License (BSD-4-Clause-Caldera), even though the text is generally structured in a manner similar to the BSD-4-Clause.

Bzip2 License Bzip2 No 3 Accepted in v1.20 2014-02-10 See http://bzip.org/1.0.5/bzip2-manual-1.0.5.html

Submitted by Oliver Fendt of Siemens AG. "bzip2 is a popular package and often used, thus an entry in the spdx license list would make life easier."

Creative Commons 4.0 License Family (see details below) 3 Accepted in v1.20 2013-11-27 Six new licenses, detailed below. See email from Oliver Fendt.

See discussion here: http://creativecommons.org/weblog/entry/40768 and access the six variants here: http://creativecommons.org/licenses/

Creative Commons Attribution 4.0 International Public License CC-BY-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by/4.0/
Creative Commons Attribution-NoDerivatives 4.0 International Public License CC-BY-ND-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by-nd/4.0/
Creative Commons Attribution-NonCommercial 4.0 International Public License CC-BY-NC-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by-nc/4.0/
Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International Public License CC-BY-NC-ND-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by-nc-nd/4.0/
Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International Public License CC-BY-NC-SA-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by-nc-sa/4.0/
Creative Commons Attribution-ShareAlike 4.0 International Public License CC-BY-SA-4.0 No 3 Accepted in v1.20 2014-07-09 http://creativecommons.org/licenses/by-sa/4.0/
Fedora Good List Licenses (see list) (see list) 3 Accepted in v1.20 2013-08-01 Project to reconcile the "Fedora Good List" at https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing

with the SPDX License List. Review status details are available at https://docs.google.com/a/nexb.com/spreadsheet/ccc?key=0AmVnI0dGKEo1dENVVHFNeG5hQjAyYjQ3bm1VVUdjOFE#gid=1

Ruby License Ruby No 3 Accepted in v1.20 2013-09-12 see discussion here: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-09-12

working with Ruby project to come up with accurate way to identify different license variations

The substantive part of the license text at https://www.ruby-lang.org/en/about/license.txt will be added/updated in v1.20 of the SPDX License List.

Zend Engine License 2.00 Zend-2.00 No 3 Accepted in v1.20 2013-01-01 different license for Zend Engine and Zend Framework and variations as such. more research needed. see research done thus far in attachment below

Zend software is now under the BSD license. See http://framework.zend.com/license The older license text is available via wayback: https://web.archive.org/web/20130517195954/http://www.zend.com/license/2_00.txt

Unicode Terms of Use Unicode-TOU No 3 Accepted in v1.20 2013-01-01 to add? (from FSF list) - Unicode LIcense Agreement for Data Files and Software – are there other versions or other Unicode licenses? It does not appear so, based on the info on this page: http://www.unicode.org/copyright.html ... → realized that Fedora has a different Unicode license(for Character Database, Fedora uses short identifier: UCD, found here: https://fedoraproject.org/wiki/Licensing:UCD?rd=Licensing/UCD ) than the Unicode license above from the FSF list. more research needed to see if there are others, so can appropriately name, etc.

License on this page will be added: http://www.unicode.org/copyright.html


Processed License Requests

License Status Date Submitted Notes
GPL-2.0 identifier 3 Not Accepted 2013-01-01 issue of potential confusion with short identifier "GPL-2.0" meaning GPLv2 only; whereas GPLv2 or later, uses short identifier "GPL-2.0+" should short identifier be changed to "GPL-2.0-only" for symmetry and clarity?
  1. what would the ramifications of changing a short identifier be? had said we wouldn't not change short identifiers
  2. alternatively, could add in Notes field for all GNU licenses that short identifier "GPL-2.0" = GPL v2 only for clarification (but will this be "obvious" enough?

The "or later" concept is addressed with the SPDX License Exceptions List in v2.0

MX4J License 3 Not Accepted 2014-04-04 See http://mx4j.sourceforge.net/docs/ch01s06.html

Submitted by vanek909@gmail.com via bugzilla. "The MX4J license is a license that is identified by multiple license scanning tools (including Ninka and FOSSology), but it is not included in the SPDX 1.2 Standard License List. Consider including this license in the 2.0 spec?"

Per Dennis Clark: "Opinion: A quick glance at the MX4J license text indicates that it is really Apache 1.1, even though the authors have given it the specific name of The MX4J License, Version 1.0. Rather than perpetuate the redundant license name, it might be better for scanning tools to recognize this as Apache 1.1." This request will be reviewed by the SPDX Legal Working Group.

It was determined that the MX4J text is the same as the Apache 1.1, which allows for variations in Year, Owner and Contact, so it is already covered by that license and there is no need to add this one.

Microsoft patterns & practices License (MSPPL) 3 Not Accepted 2014-03-05 See http://msdn.microsoft.com/en-us/library/gg405489(v=pandp.40).aspx

Submitted by Oliver Fendt. "This license is used quite frequently in the context of the programming language C#"

The major concern regarding this license text is the lack of a specific Version designation for this text by Microsoft, which could change the text at any time without providing a new unique identifier. This is a common situation with many free proprietary licenses that are specific to a vendor and contain various restrictions that tie the license to that vendor only. It would be better to capture the specific applicable text using the SPDX License Ref option when specifying that this license applies to a software package being used.

Eclipse Distribution License - v 1.0 3 Not Accepted 2014-03-03 See http://www.eclipse.org/org/documents/edl-v10.php

Submitted by Mike Milinkovich of the Eclipse Foundation. "The EDL-1.0 is used by Eclipse projects with the approval of the Eclipse Board of Directors." The license is used in multiple Eclipse projects.

However, the license text is the same as the SPDX BSD-3-Clause, which allows for variations in Year and Owner, so it is already covered by that license and there is no need to add this one.

IBM PowerPC Initialization and Boot Software (IBM-pibs) 2 Accepted in v1.19 2013-7-30 http://git.denx.de/?p=u-boot.git;a=blob;f=arch/powerpc/cpu/ppc4xx/4xx_pci.c

A disjunctive license offering a choice of GPL 2.0 or an IBM open source license. Also see: http://thread.gmane.org/gmane.comp.boot-loaders.u-boot/166449

Sun Industry Standards Source License 1.2 (SISSL-1.2) 2 Accepted in v1.19 2013-7-18 http://gridscheduler.sourceforge.net/Gridengine_SISSL_license.html

" It also seems that there is a 1.2 version of this license (http://gridscheduler.sourceforge.net/Gridengine_SISSL_license.html )." from Camille Moulin camille.moulin@alterway.fr via lists.spdx.org, in the context of a discussion about whether the ID for SISSL (which has no version suffix) should be changed. Also see: http://spdx.org/licenses/SISSL and http://www.openoffice.org/licenses/sissl_license.html

Artistic License (Perl) 1.0 2 Accepted in v1.19 2013-6-03 http://thread.gmane.org/gmane.comp.licenses.spdx.legal/557

Even though, the ‘Artistic License – 1.0’ and ‘Artistic License – 2.0’ are included in the SPDX License List, I feel a need to also include the ‘‘Artistic License (Perl) – 1.0’. The ‘Artistic License (Perl) - 1.0’ contains an extra clause and is used in a wide range of PERL based programs. Discussed on 6/6 legal call: http://wiki.spdx.org/view/Legal_Team/Minutes/2013-06-06 --> conferred with OSI and decided to add Artistic-1.0-cl8 and Artistic-1.0-Perl to reflect all contingencies here

Do What The F*ck You Want To Public License 3 Not Accepted 2013-12-27 we have version 2.0 on the list, but do not have previous versions. Also question about whether version number should be added to short identifier (i.e., WTFPL-2.0 instead of WTFPL currently)

Insufficient usage.

Unlicense 3 Accepted in v1.19 2013-01-01 see thread here: http://search.gmane.org/?query=unlicenseamp group=gmane.comp.licenses.spdx.legal
FLORA 4 Not Accepted 2013-01-01 decided not to add at this point in time, pending completion of license inclusion guidelines. see http://blog.gmane.org/gmane.comp.licenses.spdx.legal/month=20121101 for most recent thread on the topic and meeting minutes where discussed at: Legal_Team/Minutes/2012-10-31