Open befeleme opened 2 years ago
Topic of licensing consists of two big parts:
1) How to automatically generate the license tag that's compliant with Fedora (i.e. BSD
instead of BSD-3-Clause
)
There are efforts regarding adopting https://spdx.org/licenses/
Python: https://www.python.org/dev/peps/pep-0639/ and https://github.com/python/peps/pull/2164
2) How to automatically check the compliance with Fedora. Ideas from the Fedora side: https://pagure.io/fedora-legal/license-data https://pagure.io/copr/license-validate
- How to automatically generate the license tag that's compliant with Fedora
:D Let us know if you have any input on that!
- How to automatically check the compliance with Fedora.
Its not the Fedora Good Licenses list, but at least with regard to
check whether license is FSF free.
There's spdx/fsf-api, which coincidentally I also did a bit of an overhaul of and am now a maintainer of, heh.
Note that Fedora is moving to SPDX https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1 and the list of licenses can be found in the package fedora-license-data
, and it is already available in Fedora.
That's great to see they are moving toward using standard license expressions from their own non-standard flavor; hopefully other distros not already using SPDX will do the same.
Note that Fedora is moving to SPDX https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1 and the list of licenses can be found in the package
fedora-license-data
, and it is already available in Fedora.
Thank you for the notice, I'm going to dig into the topic.
PEP 639 (not yet approved) says the License-Expression
field will be a SPDX expression. For mapping classifiers, you should be able to use https://peps.python.org/pep-0639/#mapping-license-classifiers-to-spdx-identifiers
pyp2spec 0.7.0 supports the SPDX identifiers in a best-effort manner. It either finds a correct SPDX identifier (or derives it from the classifiers), or raises an exception. The detected identifiers are checked for compliance with Fedora with the latest published data from the Fedora Legal team. The distributions' metadata can't help us all the way: they often don't map unambiguously (PEP 639 lists such cases) and the license strings can have any creative format project authors come up with. To make this part of the issue better, we need PEP 639 (or similar) that will open the one and correct way to declare licenses as SPDX expressions.
Just FYI, sorry for the super long delay, but I've been working on it again and hopefully will have the next big overhaul posted soon!
https://fedoraproject.org/wiki/Licensing:Main#Software_License_List