Closed coenjacobs closed 9 years ago
coenjacobs
commented
9 years ago @GaryJones I merged your changes in here as well. What I wonder though, is if the notation of the @license in f36a7ba4f3376fd2bc695f79cb097ef68e9eb68a matters. Can this be made more clear? What are the conventions for providing a link to the actual license that its being released under?
Rarst
commented
9 years ago See @license in PSR-5.
GaryJones
commented
9 years ago SPDX identifiers are also recommended for use in NPM packages too.
coenjacobs
commented
9 years ago Alright, so if I understand this correctly, the GPL-2.0+ license/notation is deprecated, but no idea what we should replace it with?
GaryJones
commented
9 years ago First I've heard of that being deprecated, but http://wiki.spdx.org/view/Legal_Team/Decisions/license_expression_syntax seems to be relevant.
GaryJones
commented
9 years ago From that wiki page:
The license GPL-2.0+ will be deprecated. License entry GPL-2.0 will remain on the SDPX license list and the following is still a valid license expression “GPL-2.0+”. This state’s GPL-2.0 or later because the “+” now plays the role of a unary operator that means ‘the version of this license or a later version’. The following would also be a valid license expression as well: EPL-1.0+ which means EPL-1.0 or a later version. The change of the “+” to an operator will make even more sense once one considers license exceptions (modifiers) in the next section.
So, what I think they mean is, the single "GPL 2 or later" license with that exact name is deprecated, but "+" is now a valid modifier to signify the "GPL 2", "or later" is valid. The license you linked to is deprecated, but it's valid to have the GPL-2.0 license and indicate that you also mean GPL-3.0 by appending the +. https://www.npmjs.com/package/spdx has some other examples of valid combinations that are not explicitly named on the list.
coenjacobs
commented
9 years ago That's how I read it as well. Thanks guys!
Made the remaining changes as discussed in #33