Sorry for not responding sooner on this. I got a bit stuck under some heavy project end of last year and am now finally catching up on fedora-legal-list issues!
I have now responded in detail to the Fedora-license-data issue at: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422
TL;DR is the SPDX identifier bzip2-1.0.6 to represent the licenses you found in Valgrind.
A couple other comments below :)
Thanks for your patience!
Jilayne
On 2/19/24 10:25 AM, Mark Wielaard
wrote:
that is correct, the SPDX License List has made a very concerted effort to only deprecate license ids underHi Jilayne, On Wed, 2024-01-17 at 18:45 +0100, Mark Wielaard wrote:On Sat, 2023-11-25 at 01:49 +0100, Mark Wielaard wrote:On Fri, Nov 24, 2023 at 01:18:22PM -0500, Richard Fontana wrote:On Fri, Nov 24, 2023 at 11:36 AM Mark Wielaard <mjw@xxxxxxxxxxxxxxxxx> wrote:On Mon, 2023-11-20 at 09:41 -0500, Richard Fontana wrote:You could propose this change to the SPDX legal team by submitting an issue at https://github.com/spdx/license-list-XML but historically they've been very resistant to identifier deprecations (with the notable exception of the GPL identifiers :)
extenuating circumstances (which includes the changes made to GPL identifiers, to which there was a fair amount of resistance... :)
I dug a bit on this question, here's what I found:You could also ask Jilayne Lovejoy to consider it, she's one of the SPDX-legal leads and also reads this list.Great. So yes, that would be nice. So Jilayne, if we could get a generic identifier for this license statement, maybe just call it 'Hybrid-BSD' [*], that would be really helpful.This would still be really useful. If you know the history behind the version specific identifier, which is, as far as I can tell, not even used by bzip2 itself or by anyone redistributing bzip2, that would be helpful. There is a subpackage of Valgrind (valgrind-devel) that uses kind of a similar text, but in valgrind it is used as a kind of file- based GPL-exception with extra notices at the top and the bottom explaining what the larger work is for which the exception holds, and a disclaimer by the organisation that paid for the work (which I believe isn't legally significant, but Richard thinks is). See also https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422
bzip2-1.0.5 was submitted for inclusion on the SPDX License List in Feb 2014 and accepted for version 1.20 - see https://lists.spdx.org/g/Spdx-legal/topic/22080444#811
The URL provided at that time (which redirects now) used the version number "1.0.5" in the license text, so that is why it is included in the SPDX id (b/c where there is a version number, we use it - makes it easier if there are later versions :)
see https://web.archive.org/web/20140118032813/http://bzip.org/1.0.5/bzip2-manual-1.0.5.html
bzip2-1.0.6 was discussed about 5 months later, as you can see at https://lists.spdx.org/g/Spdx-legal/topic/22080492#907 and https://wiki.spdx.org/view/Legal_Team/Minutes/2014-06-26 and then added as a distinct license.
and hey look, someone found the same Valgrind files you are looking at and emailed SPDX in 2019: https://lists.spdx.org/g/Spdx-legal/topic/35237515#2685
This question came up again in 2020, see: https://lists.spdx.org/g/spdx/topic/75871014#1330
bzip2-1.0.5 was deprecated as an SPDX identifier as of version 3.16 in 2022 - see https://github.com/spdx/license-list-XML/issues/1223
done! No new id or license needed!If you have time to look at the Hybrid-BSD license and which kind of top/bottom "legal" notices are generic or not that would be really appreciated.
as noted above, SPDX does not change license ids unless it's an extenuating circumstance. (btw, naming is hard, and it's always easy to have 20/20 hindsight on a "better" name. In any case, anyone is welcome to join the SPDX-legal community and help come up with ids for licenses that are submitted :)BTW. I happen to be one of the upstream maintainers of bzip2 and of valgrind, which both use this license variant for some of the code. So we could do a release that explicitly uses a generic name for this if that helps.
[*] https://fedoraproject.org/wiki/Licensing:BSD#Hybrid_BSD_(half_BSD,_half_zlib)Thanks, Mark
-- _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
