On Fri, Aug 5, 2022 at 6:02 PM Fabio Valentini <decathorpe(a)gmail.com> wrote:
> CC0 has been listed by Fedora as a 'good' license for code and content
> (corresponding to allowed and allowed-content under the new system).
> We plan to classify CC0 as allowed-content only, so that CC0 would no
> longer be allowed for code. This is a fairly unusual change and may
> have an impact on a nontrivial number of Fedora packages (that is not
> clear to me right now), and we may grant a carveout for existing
> packages that include CC0-covered code. While we are moving towards a
> process in which license approvals are going to be done primarily
> through the Fedora license data repository on gitlab.com
, I wanted to
> note this on the mailing list because of the significance of the
I was made aware of this change just today.
Given that this is a "significant" change, would it be possible to announce
this more widely / publicly than the rather obscure "legal" mailing list?
I've now re-posted to the devel list (though reading further I guess
you were suggesting something more widely viewable than that). The
story was actually picked up by the tech press, rather to my surprise
so I'm not sure how to give it more publicity at this point :)
We already have a not insignificant number of packages in Fedora that
are licensed CC0. For example, it's not really a "popular" license for Rust
projects, but we have 22 of them that are licensed CC0:
Should we attempt to inform upstream projects that their code is, going forward, not
going to be considered "FOSS" unless they relicense?
What will happen if a project that we have in Fedora today grows a
dependency on something that's still CC0-licensed? Will that block us from updating
that software until the affected project is re-licensed? Who will convince projects that
this is necessary? Where is publicly visible announcement that they could be pointed to?
(And no, a mailing list post doesn't count.)
The intent is for this change not to cause significant hardship or
disruption for Fedora contributors and users. We will probably need to
grant some time-based or case-specific exceptions. I think though that
we should avoid allowing any new packages with CC0-covered code.
As it is, I consider this change a serious roadblock for getting up-to-date software
(including security fixes) to users.