[Fedora-legal-list] [RFC] Switching to SPDX in license tags

Haïkel hguemar at fedoraproject.org
Thu Jul 9 14:07:22 UTC 2015

2015-07-09 15:42 GMT+02:00 Tom Callaway <tcallawa at redhat.com>:
> On 07/09/2015 09:14 AM, Haïkel wrote:
>> Currently Suse is using it, they even patched their packaging compliance
>> checkers to support it.
> Well, no, actually, they're not. They're using the matching identifiers.

Yes, we're not concerned by the SPDX (sorry for the confusion).
I was speaking about the short identifiers, not providing the SPDX files.

> I'm hesitant to go down this road for a number of reasons:
> 1) It's a LOT of change for very little benefit. We're talking about
> changing practically every single spec.

agreed, but automation can lessen the pain, and we could just fix/bump
specs without rebuilding. It will be picked up at the next build or
mass rebuild.

> 2) We simplify license tags in Fedora. We call a lot of functionally
> identical licenses BSD and MIT, which the SPDX model insists are unique
> and different licenses. We'd have to stop doing that.
> 3) Every exception will need a new SPDX tag, we can't just use "GPLv2
> with exceptions" anymore
> 4) Every firmware license will need to be listed explicitly.

I don't really have an opinion, on that matter, I trust Fedora Legal judgment.
And that's what I would consider as a strong blocker.

> 5) It implies that we're planning on implementing the full SPDX
> specification. And we're not.

Yes, and I'm not sure that as community-led distribution, we could ever
do that. It's more about standardizing on the licensing identifiers
Moreover, i was also interested in the licensing compliance checking
tool which could
be leveraged in reviews.


> For those reasons, I'd vote no on this.
> ~tom
> ==
> Red Hat

More information about the devel mailing list