I'm all for it. It looks thorough, sensible and very useful. On zondag 5 januari 2020 16:40:20 CET Andreas Cord-Landwehr wrote: > Hi, I want to propose to allow SPDX-based [5] and REUSE.software [1] > compatible license statements as a new option in our KDE licensing policy. > > For background information about REUSE and SPDX and why it makes sense, I > tried to aggregate the important information in a blog post and will not add > any details in this mail: > https://cordlandwehr.wordpress.com/2019/12/31/reuse-machine-readable-license-information/ > > In order to start porting to SPDX identifiers and to allow license statements > that are compatible with the REUSE specification, a few changes are needed in > our license possibly, which currently is focused on license header statements > [2]. Thus, I propose the following changes: > > 1. Allow SPDX-based license statements by replacing bullet point 3 with: > "Each > source file either must contain SPDX identifiers or licence headers to state > under which terms the software may be used, modified and redistributed. The > SPDX identifiers or licence headers stated below must be used. Inside one > repository all files shall follow the same system for licence statements." > 2. Require REUSE conformance by adding a sub bullet point 3.1 that requires > license text to be added in a REUSE compatible way: "For each used SPDX > identifier, the licence text must be included compatible with the SPDX > specification." > 3. Update all SPDX license identifiers in the policy with their current > versions (e.g. GPL-2.0 was replaces with GPL-2.0-only to stress the > identifier > meaning) > 4. Specify how to state the LicenseRef-KDE-Accepted-LGPL and LicenseRef-KDE- > Accepted-GPL statements. For details see the discussion on the SPDX list [3]. > A very short discussion is also on the OSI license review list about the > question if the statement that KDE acts as a proxy to accept possible > upcoming > GPL/LGPL licenses is a license of its own or not. > > To make these changes easier to review, I prepared a license policy update > draft (note the v2 if you saw my previous draft). My goal is to make the > changes to the policy as small as possible at the moment to keep the review > phase short. (as a side-note, I would like to also talk about a bigger > revision at next Akademy, which focuses on a refactoring between the legal > requirements of allowed licenses and the technical way how to correctly state > licensing information). > > Here is my policy update proposal: > * Proposal: https://community.kde.org/Policies/Licensing_Policy/Draft_SPDX_v2 > * Diff to current policy: https://community.kde.org/index.php? > title=Policies%2FLicensing_Policy%2FDraft_SPDX_v2&type=revision&diff=87138&oldid=87134 > > I would be very happy to receive feedback if this proposal goes into the > right > direction and if we shall go forward this way. Also (mostly for the legal > experts), I would be glad if you could carefully read the LicenseRef-KDE- > Accepted-LGPL and LicenseRef-KDE-Accepted-GPL statements and give me > feedback. > Those are based on our current license statements but try to better integrate > with the SPDX based license statements. > > Cheers, > Andreas > > [1] https://reuse.software/ > [2] https://community.kde.org/Policies/Licensing_Policy > [3] https://github.com/spdx/license-list-XML/issues/928#issuecomment-562945646 > [4] http://lists.opensource.org/pipermail/license-review_lists.opensource.org/ > 2019-December/004454.html > [5] https://spdx.org/ > > >
-- https://www.valdyas.org | https://www.krita.org