Hi, On 20-02-15 19:30:33, Gabriel Filion wrote: > There's one package that I need to create as a dependency of > puppet-development-kit for which I had some questions pop to mind > about licensing: ruby-spdx-licenses > > The code ships a json file that contains information about all of the > licenses that the library helps with identifying. This json file was > copied from the SPDX web site: > > https://github.com/domcleal/spdx-licenses#spdx-licenses > > From what I could gather, the website specifies that all content is > covered by CC-BY 3.0: > > https://spdx.org/Trademark > https://www.linuxfoundation.org/terms/ > > Then, I also found some mentions about some terms related to the use > of the SPDX name, which would be present in the package name and in > the description, and this is where I feel like I'm in uncertain waters > (at least for me): > > https://spdx.org/frequently-asked-questions-faq-0 > > "Can I use the SPDX trademark? > Yes. It is a registered trademark so don't forget the (r)." > > Do I need to add (r) after the name "SPDX" in the description? Is it > an issue if the name is used in the package name (since it's in the > name of the gem) ?
As far as I understand, this is about a single json file, which copyright foo is unclear. I'm by no means an expert in this field, probably debian-legal@ is able to help. I guess, personally, I would just get rid of this file via a Files-Excluded: stanza in debian/copyright and leveraging the repack feature of debian/watch to repack (to remove said file) the upstream tarball. Cheers, Georg
