Re: valgrind devel headers license tag (bzip2-1.0.6?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Mark,

Sorry for not responding sooner on this. I got a bit stuck under some heavy project end of last year and am now finally catching up on fedora-legal-list issues!

I have now responded in detail to the Fedora-license-data issue at: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422

TL;DR is the SPDX identifier
bzip2-1.0.6 to represent the licenses you found in Valgrind.

A couple other comments below :)

Thanks for your patience!
Jilayne

On 2/19/24 10:25 AM, Mark Wielaard wrote:
Hi Jilayne,

On Wed, 2024-01-17 at 18:45 +0100, Mark Wielaard wrote:
On Sat, 2023-11-25 at 01:49 +0100, Mark Wielaard wrote:
On Fri, Nov 24, 2023 at 01:18:22PM -0500, Richard Fontana wrote:
On Fri, Nov 24, 2023 at 11:36 AM Mark Wielaard <mjw@xxxxxxxxxxxxxxxxx> wrote:
On Mon, 2023-11-20 at 09:41 -0500, Richard Fontana wrote:

            
You could propose this change to the SPDX legal team by submitting an
issue at https://github.com/spdx/license-list-XML but historically
they've been very resistant to identifier deprecations (with the
notable exception of the GPL identifiers :)
that is correct, the SPDX License List has made a very concerted effort to only deprecate license ids under
extenuating circumstances (which includes the changes made to GPL identifiers, to which there was a fair amount of resistance... :)
You could also ask Jilayne Lovejoy
to consider it, she's one of the SPDX-legal leads and also reads this
list.
Great. So yes, that would be nice. So Jilayne, if we could get a
generic identifier for this license statement, maybe just call it
'Hybrid-BSD' [*], that would be really helpful.
This would still be really useful. If you know the history behind the
version specific identifier, which is, as far as I can tell, not even
used by bzip2 itself or by anyone redistributing bzip2, that would be
helpful. There is a subpackage of Valgrind (valgrind-devel) that uses
kind of a similar text, but in valgrind it is used as a kind of file-
based GPL-exception with extra notices at the top and the bottom
explaining what the larger work is for which the exception holds, and a
disclaimer by the organisation that paid for the work (which I believe
isn't legally significant, but Richard thinks is). See also
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422
I dug a bit on this question, here's what I found:
bzip2-1.0.5 was submitted for inclusion on the SPDX License List in Feb 2014 and accepted for version 1.20 - see https://lists.spdx.org/g/Spdx-legal/topic/22080444#811

The URL provided at that time (which redirects now) used the version number "1.0.5" in the license text, so that is why it is included in the SPDX id (b/c where there is a version number, we use it - makes it easier if there are later versions :)
see https://web.archive.org/web/20140118032813/http://bzip.org/1.0.5/bzip2-manual-1.0.5.html

bzip2-1.0.6 was discussed about 5 months later, as you can see  at https://lists.spdx.org/g/Spdx-legal/topic/22080492#907 and https://wiki.spdx.org/view/Legal_Team/Minutes/2014-06-26 and then added as a distinct license.

and hey look, someone found the same Valgrind files you are looking at and emailed SPDX in 2019: https://lists.spdx.org/g/Spdx-legal/topic/35237515#2685

This question came up again in 2020, see: https://lists.spdx.org/g/spdx/topic/75871014#1330

bzip2-1.0.5 was deprecated as an SPDX identifier as of version 3.16 in 2022 - see https://github.com/spdx/license-list-XML/issues/1223
If you have time to look at the Hybrid-BSD license and which kind of
top/bottom "legal" notices are generic or not that would be really
appreciated.
done! No new id or license needed!

BTW. I happen to be one of the upstream maintainers of bzip2 and of
valgrind, which both use this license variant for some of the code. So
we could do a release that explicitly uses a generic name for this if
that helps.
as noted above, SPDX does not change license ids unless it's an extenuating circumstance. (btw, naming is hard, and it's always easy to have 20/20 hindsight on a "better" name. In any case, anyone is welcome to join the SPDX-legal community and help come up with ids for licenses that are submitted :)

[*]
https://fedoraproject.org/wiki/Licensing:BSD#Hybrid_BSD_(half_BSD,_half_zlib)
Thanks,

Mark


--
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux