On Tue, May 2, 2023 at 7:59 AM Justin W. Flory (he/him) <jwf@xxxxxxxxxx> wrote: > > Hi David, > > To the best of my knowledge, "MIT License" matches "MIT:Modern Style with sublicense". Someone else on the list should probably confirm though. > > The reason for the several MIT mappings is that often, projects claim to use the MIT License but then add extra language that is not the standard license text. So, there are various flavors of the MIT License. The unusual flavors are often specific to a smaller project or group of projects. Perhaps it would be better to distinguish the Allowed Licenses list to better communicate which SPDX tag should be used as the "default" MIT license. I also thought the docs were unclear for someone who isn't immersed in licensing. In SPDX, the identifier "MIT" is defined in this XML file: https://github.com/spdx/license-list-XML/blob/main/src/MIT.xml which should be understood in conjunction with the SPDX Matching Guidelines: https://spdx.github.io/spdx-spec/v2.3/license-matching-guidelines-and-templates/ (not sure if there is a later authoritative version of this) As an aside I think SPDX should do more to explain this issue of how the precise definitions of identifiers are the XML files along with the Matching Guidelines. I recently made this comment on an issue: https://github.com/spdx/license-list-XML/issues/1935#issuecomment-1519092889 Anyway, what Fedora used to call (under the Callaway system) "MIT Modern Style with Sublicense" as one common example of what the Callaway name "MIT" covered matches exactly to SPDX "MIT". The SPDX License Diff browser plugin is pretty useful for verifying things like this, though I'm pretty sure even this tool does not fully implement the SPDX matching guidelines or the XML definitions of the various SPDX license identifiers. This "MIT" happens to encompass the most widely used license commonly thought of as "the MIT License", probably due to the earlier influence of the OSI. I guess it would be helpful to point this out in the Fedora legal docs somewhere or on the allowed license list itself. But the fact that "MIT license" usually is something that maps to SPDX "MIT" is not really relevant for a large number of Fedora packages. Richard _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
