On Mon, Nov 20, 2023 at 6:26 AM Mark Wielaard <mjw@xxxxxxxxxxxxxxxxx> wrote: > > Hi Richard, > > On Fri, 2023-11-17 at 13:52 -0500, Richard Fontana wrote: > > This seems indeed to match bzip2-1.06 -- Jilayne, I assume the full > > text of what is wrapped in the <copyrightText> tag could be ignored > > for purposes of matching? i.e. > > https://github.com/spdx/license-list-XML/blob/main/src/bzip2-1.0.6.xml#L10-L13 > > > > The SPDX Matching Guidelines say: "To avoid a license mismatch merely > > because the copyright notice (usually found above the actual license > > or exception text) is different. The copyright notice is important > > information to be recorded elsewhere in the SPDX document, but for the > > purposes of matching a license to the SPDX License List, it should be > > ignored because it is not part of the substantive license text." > > > > but this does not define what a "copyright notice" is. If we don't > > hear from Jilayne, I'd go ahead with assuming that this is a perfect > > match. :) > > OK, but can we use a more appropriate tag. bzip2-1.0.6 seems a little > odd (it is a version of bzip2 with a CVE[*] from a couple of years > back). Maybe just call it 'bzip2' or 'Hybrid-BSD' as Fedora used to > call it (although it seems to still use the plain 'BSD' tag for it) > since it seems to be a generic license used by different projects: > https://fedoraproject.org/wiki/Licensing:BSD#Hybrid_BSD_(half_BSD,_half_zlib) We're trying to standardize on using SPDX License List (https://spdx.org/licenses/) license identifiers as much as possible. I think we'd only deviate from that where use of the SPDX identifier would be highly misleading or confusing. There's sort of an example of this: https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/data/LicenseRef-Bacula.toml?ref_type=heads but that's where there would otherwise be a composite SPDX expression. You could propose this change to the SPDX legal team by submitting an issue at https://github.com/spdx/license-list-XML but historically they've been very resistant to identifier deprecations (with the notable exception of the GPL identifiers :) Richard -- _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
