RE: Last call for version 3.1 website review

2018-04-13 Thread gary 
FYI - Just created a pull request to fix the issue where deprecated licenses
were not getting the isFsfFree meta data added:
https://github.com/spdx/LicenseListPublisher/pull/27

Gary

> -Original Message-
> From: g...@sourceauditor.com <g...@sourceauditor.com>
> Sent: Friday, April 13, 2018 8:55 AM
> To: 'W. Trevor King' <wk...@tremily.us>
> Cc: 'SPDX-legal' <spdx-legal@lists.spdx.org>
> Subject: RE: Last call for version 3.1 website review
> 
> 
> 
> > -Original Message-
> > From: W. Trevor King <wk...@tremily.us>
> > Sent: Friday, April 13, 2018 12:11 AM
> > To: g...@sourceauditor.com
> > Cc: 'SPDX-legal' <spdx-legal@lists.spdx.org>
> > Subject: Re: Last call for version 3.1 website review
> >
> > On Thu, Apr 12, 2018 at 05:48:07PM -0500, g...@sourceauditor.com
> > wrote:
> > > Please let me know if you know of any issues with the preview
> > > website that could potentially hold up the release.
> >
> > I'd really like to have obsoletedBy exposed [1] to downstream consumers.
> > For example, obsolete-license suggestions in Ruby are blocked by the
> > lack of stable, canonical access to this data [2].  If we can get that
> > information exposed in the next week, I think it's worth pushing the
release
> back.
> > Otherwise, I guess we'll survive for a few more months without it ;).
> >
> [G.O.] Before exposing this, I'd like to get consensus with the tech team
on the
> additional field.  Since this isn't a change to the license list itself
(at least the
> portion visible and readable on the website), I can push a new version
with the
> additional field between license list releases.
> 
> > Comparing the license-list-data diff between v3.0 and the current
> > 31f52f1, I have two minor concerns:
> >
> > * There seems to be missing  around the first lines in html/*.html
[3]
> >   html/0BSD.html seems to have lost a  on its first line [3]
> >
> [G.O.] Let me know if this causes a formatting problem.  If so, I'll fix
for this
> release.  Otherwise, I'd like to do a bit more research on what changed
(see PR
> for more info).
> 
> > * While GPL-3.0-only [4] and GPL-3.0-or-later [5] both have isFsfFree
> >   true, the deprecated GPL-3.0 [6] and GPL-3.0+ [7] have it false.  It
> >   looks like I need to add the deprecated + identifiers to the fsf-api
> >   repo, but that repo *is* currently showing GPL-3.0 as libre:
> >
> > $ curl -s https://wking.github.io/fsf-api/spdx/GPL-3.0.json | jq
.tags
> > [
> >   "gpl-3-compatible",
> >   "libre"
> > ]
> > $ curl -s https://wking.github.io/fsf-api/licenses-full.json | jq
> > '.licenses.GNUGPLv3 | {tags, identifiers}'
> > {
> >   "tags": [
> > "gpl-3-compatible",
> > "libre"
> >   ],
> >   "identifiers": {
> > "spdx": [
> >   "GPL-3.0-or-later",
> >   "GPL-3.0-only",
> >   "GPL-3.0"
> > ]
> >   }
> > }
> May be a generator problem where the deprecated licenses are not updating
the
> property.  I'll look into that.
> 
> Trevor - if you could update the API code and re-generate the JSON file to
pick-
> up the GPL-3.0+ identifier, I'll include the updated tags in the release.
> 
> 
> >
> > Cheers,
> > Trevor
> >
> > [1]: https://github.com/spdx/LicenseListPublisher/issues/12
> > [2]: https://github.com/rubygems/rubygems/pull/2259#issuecomment-
> > 377790912
> > [3]: https://github.com/spdx/license-list-data/issues/32#issuecomment-
> > 381024177
> > [4]: https://github.com/spdx/license-list-
> > data/blob/master/json/details/GPL-3.0-only.json#L3
> > [5]: https://github.com/spdx/license-list-
> > data/blob/master/json/details/GPL-3.0-or-later.json#L3
> > [6]: https://github.com/spdx/license-list-
> > data/blob/master/json/details/GPL-3.0.json#L3
> > [7]: https://github.com/spdx/license-list-
> > data/blob/master/json/details/GPL-3.0%2B.json
> >
> > --
> > This email may be signed or encrypted with GnuPG
> > (http://www.gnupg.org).
> > For more information, see
> > http://en.wikipedia.org/wiki/Pretty_Good_Privacy

___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

Re: Last call for version 3.1 website review

2018-04-12 Thread W. Trevor King 
On Thu, Apr 12, 2018 at 05:48:07PM -0500, g...@sourceauditor.com wrote:
> Please let me know if you know of any issues with the preview
> website that could potentially hold up the release.

I'd really like to have obsoletedBy exposed [1] to downstream
consumers.  For example, obsolete-license suggestions in Ruby are
blocked by the lack of stable, canonical access to this data [2].  If
we can get that information exposed in the next week, I think it's
worth pushing the release back.  Otherwise, I guess we'll survive for
a few more months without it ;).

Comparing the license-list-data diff between v3.0 and the current
31f52f1, I have two minor concerns:

* There seems to be missing  around the first lines in html/*.html [3]
  html/0BSD.html seems to have lost a  on its first line [3]

* While GPL-3.0-only [4] and GPL-3.0-or-later [5] both have isFsfFree
  true, the deprecated GPL-3.0 [6] and GPL-3.0+ [7] have it false.  It
  looks like I need to add the deprecated + identifiers to the fsf-api
  repo, but that repo *is* currently showing GPL-3.0 as libre:

$ curl -s https://wking.github.io/fsf-api/spdx/GPL-3.0.json | jq .tags
[
  "gpl-3-compatible",
  "libre"
]
$ curl -s https://wking.github.io/fsf-api/licenses-full.json | jq 
'.licenses.GNUGPLv3 | {tags, identifiers}'
{
  "tags": [
"gpl-3-compatible",
"libre"
  ],
  "identifiers": {
"spdx": [
  "GPL-3.0-or-later",
  "GPL-3.0-only",
  "GPL-3.0"
]
  }
}

Cheers,
Trevor

[1]: https://github.com/spdx/LicenseListPublisher/issues/12
[2]: https://github.com/rubygems/rubygems/pull/2259#issuecomment-377790912
[3]: https://github.com/spdx/license-list-data/issues/32#issuecomment-381024177
[4]: 
https://github.com/spdx/license-list-data/blob/master/json/details/GPL-3.0-only.json#L3
[5]: 
https://github.com/spdx/license-list-data/blob/master/json/details/GPL-3.0-or-later.json#L3
[6]: 
https://github.com/spdx/license-list-data/blob/master/json/details/GPL-3.0.json#L3
[7]: 
https://github.com/spdx/license-list-data/blob/master/json/details/GPL-3.0%2B.json

-- 
This email may be signed or encrypted with GnuPG (http://www.gnupg.org).
For more information, see http://en.wikipedia.org/wiki/Pretty_Good_Privacy


signature.asc
Description: OpenPGP digital signature
___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal

Last call for version 3.1 website review

2018-04-12 Thread gary 
Greetings legal team,

 

Tomorrow (Friday) I plan to update the main SPDX website with the 3.1
version of the license list which can be viewed at
https://spdx.org/licenses/preview/

 

Please let me know if you know of any issues with the preview website that
could potentially hold up the release.

 

There are three pull requests for the tool that generates the website
currently outstanding:

1.  Add JSON-LD files to the website
(https://github.com/spdx/LicenseListPublisher/pull/25) - This should not
have any impact on the website look and feel.  It enables a more efficient
machine-readable version of our license list to be available online.  The
next release of the SPDX tools is dependent on this change.
2.  Update the copyright in the footer to be consistent with the rest of
the SPDX website (https://github.com/spdx/LicenseListPublisher/pull/26) 
3.  Update the text for the deprecated licenses to indicate the license
ID's are what is being deprecated
(https://github.com/spdx/LicenseListPublisher/pull/24)

 

If no one objects, I plan on incorporating #1 and #2 in the next release.  I
would like to hold off on number to give us more time for review.

 

If anyone objects to the inclusions or exclusions please let me know.

 

Thanks,

Gary

 

-

Gary O'Neall

Principal Consultant

Source Auditor Inc.

Mobile: 408.805.0586

Email:   g...@sourceauditor.com

 

___
Spdx-legal mailing list
Spdx-legal@lists.spdx.org
https://lists.spdx.org/mailman/listinfo/spdx-legal