On Mon, Jul 25, 2016 at 01:31:58PM -0400, Tom Callaway wrote:
I've been working on and off with SPDX to ensure that there is
as
minimal as possible deviation between our two lists.
If we did want to move forward with this, we'd need to figure out how to
resolve the inconsistencies with BSD/MIT between Fedora and SPDX.
Additionally, since pretty much every single package would need to be
touched for this change (as well as every package awaiting review), this
would not be a small effort, and I am _not_ volunteering to undertake it
alone, as I do not have the time.
I tend be of the opinion that the work involved vastly outweighs the
benefit, but if others disagree (and are willing to volunteer their time
to work on this), I could be convinced.
The main problem is exemplified by the BSD/MIT case, but it's not
limited to that. We have a number of instances where a Fedora license
tag refers to a set of things that are (usefully, I increasingly
believe) treated as multiple licenses in the SPDX universe. BSD and
MIT are just the extremes. I.e. it's not just a case of conceptually
equivalent standards that just happen to use different tokens for
things.
Would it be possible to gradually evolve towards the SPDX system, say
on a voluntary basis (by package maintainer), making use of the
existing RPM license field? For example, say some Fedora package foo
today has "License: LGPLv2+" and let's further say that the code is
clearly licensed under LGPL version 2.1 or later. Could we move to a
voluntary system where the foo package maintainer can opt to change
that to "License: LGPLv2+ (SPDX: LGPL-2.1+)"? Or does that not even
make sense?
Richard