2015-07-09 15:42 GMT+02:00 Tom Callaway <tcallawa@xxxxxxxxxx>: > On 07/09/2015 09:14 AM, Haïkel wrote: >> Currently Suse is using it, they even patched their packaging compliance >> checkers to support it. > > Well, no, actually, they're not. They're using the matching identifiers. > Yes, we're not concerned by the SPDX (sorry for the confusion). I was speaking about the short identifiers, not providing the SPDX files. > I'm hesitant to go down this road for a number of reasons: > > 1) It's a LOT of change for very little benefit. We're talking about > changing practically every single spec. agreed, but automation can lessen the pain, and we could just fix/bump specs without rebuilding. It will be picked up at the next build or mass rebuild. > 2) We simplify license tags in Fedora. We call a lot of functionally > identical licenses BSD and MIT, which the SPDX model insists are unique > and different licenses. We'd have to stop doing that. > 3) Every exception will need a new SPDX tag, we can't just use "GPLv2 > with exceptions" anymore > 4) Every firmware license will need to be listed explicitly. I don't really have an opinion, on that matter, I trust Fedora Legal judgment. And that's what I would consider as a strong blocker. > 5) It implies that we're planning on implementing the full SPDX > specification. And we're not. > Yes, and I'm not sure that as community-led distribution, we could ever do that. It's more about standardizing on the licensing identifiers nomenclature. Moreover, i was also interested in the licensing compliance checking tool which could be leveraged in reviews. H. > For those reasons, I'd vote no on this. > > ~tom > > == > Red Hat -- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
