On Mon Sep 19, 2022, Richard Fontana wrote: > On Mon, Sep 19, 2022 at 11:22 AM Maxwell G <gotmax@e.email> wrote: > >> I was also curious how many packages are automatically compliant due >> to >> identifiers that are the same between Callaway and SPDX. This yields a >> much larger number. > > This raises the issue of what "automatically compliant" means. > Nominally, "License: MIT" is both Callaway-compliant and > SPDX-compliant, but of course using "MIT" in the Callaway sense is not > what is expected in the SPDX/post-Callaway era. That's a good point; it's impossible to tell whether "MIT" refers to the Callaway umbrella "MIT" or the more narrow SPDX "MIT." I brought up this issue when the licensing Change Proposal was initially proposed. I recall being told that it didn't make sense to explicitly mark packages that converted to SPDX and that the MIT ambiguity wasn't important for the first phase. > Even in those cases where the Callaway identifier is not concei ved as > an 'umbrella' label, I am not sure it is right to view, say, "License: > Apache-2.0" resulting from a superficial translation of "License: ASL > 2.0" as compliant with post-Callaway standards (or even strict > application of Callaway standards, come to think of it). I think > Jilayne may see this differently though. :) I don't think the post-Callaway guidelines are significantly different in this regard. The effective license analysis only applied to GPL family licensing. Searching for packages that were converted and have e.g. "GPL-3.0-or-later" isn't foolproof either; you still can't tell whether the maintainer did a full re-audit to find secondary licenses. Whether or not the multi-licensing is always handled properly (it's not) is orthogonal. My goal wasn't to determine whether every package in this count is fully compliant. I just wanted to see which packages at least use the new license identifiers. That's about as far as you can get with the curren t implementation. For the packages I maintain with "License: MIT" or "License: Unlicense," I'm not going to add a "Adopt new licensing guidelines" changelog entry/commit if there's nothing that changed. -- Best, Maxwell G (@gotmax23) Pronouns: He/Him/His _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
