Hi Mark,
Sorry for not responding sooner on this. I got a bit stuck under some
heavy project end of last year and am now finally catching up on
fedora-legal-list issues!
I have now responded in detail to the Fedora-license-data issue at:
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422
TL;DR is the SPDX identifier bzip2-1.0.6 to represent the licenses you
found in Valgrind.
A couple other comments below :)
Thanks for your patience!
Jilayne
On 2/19/24 10:25 AM, Mark Wielaard wrote:
Hi Jilayne,
On Wed, 2024-01-17 at 18:45 +0100, Mark Wielaard wrote:
On Sat, 2023-11-25 at 01:49 +0100, Mark Wielaard wrote:
On Fri, Nov 24, 2023 at 01:18:22PM -0500, Richard Fontana wrote:
On Fri, Nov 24, 2023 at 11:36 AM Mark Wielaard<[email protected]> wrote:
On Mon, 2023-11-20 at 09:41 -0500, Richard Fontana wrote:
You could propose this change to the SPDX legal team by submitting an
issue athttps://github.com/spdx/license-list-XML but historically
they've been very resistant to identifier deprecations (with the
notable exception of the GPL identifiers :)
that is correct, the SPDX License List has made a very concerted effort
to only deprecate license ids under
extenuating circumstances (which includes the changes made to GPL
identifiers, to which there was a fair amount of resistance... :)
You could also ask Jilayne Lovejoy
to consider it, she's one of the SPDX-legal leads and also reads this
list.
Great. So yes, that would be nice. So Jilayne, if we could get a
generic identifier for this license statement, maybe just call it
'Hybrid-BSD' [*], that would be really helpful.
This would still be really useful. If you know the history behind the
version specific identifier, which is, as far as I can tell, not even
used by bzip2 itself or by anyone redistributing bzip2, that would be
helpful. There is a subpackage of Valgrind (valgrind-devel) that uses
kind of a similar text, but in valgrind it is used as a kind of file-
based GPL-exception with extra notices at the top and the bottom
explaining what the larger work is for which the exception holds, and a
disclaimer by the organisation that paid for the work (which I believe
isn't legally significant, but Richard thinks is). See also
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/422
I dug a bit on this question, here's what I found:
bzip2-1.0.5 was submitted for inclusion on the SPDX License List in Feb
2014 and accepted for version 1.20 - see
https://lists.spdx.org/g/Spdx-legal/topic/22080444#811
The URL provided at that time (which redirects now) used the version
number "1.0.5" in the license text, so that is why it is included in the
SPDX id (b/c where there is a version number, we use it - makes it
easier if there are later versions :)
see
https://web.archive.org/web/20140118032813/http://bzip.org/1.0.5/bzip2-manual-1.0.5.html
bzip2-1.0.6 was discussed about 5 months later, as you can see at
https://lists.spdx.org/g/Spdx-legal/topic/22080492#907 and
https://wiki.spdx.org/view/Legal_Team/Minutes/2014-06-26 and then added
as a distinct license.
and hey look, someone found the same Valgrind files you are looking at
and emailed SPDX in 2019:
https://lists.spdx.org/g/Spdx-legal/topic/35237515#2685
This question came up again in 2020, see:
https://lists.spdx.org/g/spdx/topic/75871014#1330
bzip2-1.0.5 was deprecated as an SPDX identifier as of version 3.16 in
2022 - see https://github.com/spdx/license-list-XML/issues/1223
If you have time to look at the Hybrid-BSD license and which kind of
top/bottom "legal" notices are generic or not that would be really
appreciated.
done! No new id or license needed!
BTW. I happen to be one of the upstream maintainers of bzip2 and of
valgrind, which both use this license variant for some of the code. So
we could do a release that explicitly uses a generic name for this if
that helps.
as noted above, SPDX does not change license ids unless it's an
extenuating circumstance. (btw, naming is hard, and it's always easy to
have 20/20 hindsight on a "better" name. In any case, anyone is welcome
to join the SPDX-legal community and help come up with ids for licenses
that are submitted :)
[*]
https://fedoraproject.org/wiki/Licensing:BSD#Hybrid_BSD_(half_BSD,_half_zlib)
Thanks,
Mark
--
_______________________________________________
legal mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
