On 7/26/23 1:53 PM, Richard Fontana wrote:
Well in my proposal we're really only talking about a handful of license texts that are known to get (typographically) updated only very rarely and in nonsubstantive ways. The idea of having all packages symbolically link to hundreds of SPDX-standardized license texts is much more problematic, though worth thinking about as it may help clarify why we are bothering to include any license files at all. Richard
I think I’m about to say approximately the same thing Richard was saying in the quoted paragraph, but I want to say it differently and more explicitly.
For many common licenses, project-specific details like the name(s) of the copyright holder(s) are substituted into the license text. In some, such as the “MIT family,” a copyright statement is part of the license text and is required to be reproduced with copies. For packages under such licenses, linking to a canonical license file corresponding to the SPDX ID will not be an adequate substitute for shipping the project’s actual license file(s), which will be different in almost every case even though they match the same SPDX “template.”
The licenses in the original proposal, such as the GPL family and Apache-2.0, have in common that they have relatively long texts and that project-specific details generally appear in a separate copyright and license statement, perhaps in source file header comments or a readme, rather than in the same file with the full license text. For both of these reasons, those licenses have the most potential for useful “deduplication.”
_______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue