New license request: SGP4-Unlicense [SPDX-Online-Tools]

[mattiaverga]

1. License Name: SGP4 unlicense with attribution 2. Short identifier: SGP4-Unlicense 3. License Author or steward: Unknown 4. Comments: It explicitly says that the code may be used "for any purpose—personal or commercial—as you wish", there's only a weak recommendation to put a citation and a link to upstream. This request come from a Fedora license request submission https://gitlab.com/fedora/legal/fedora-license-data/-/issues/159 where it was basically approved, but it requires a SPDX approval as well. 5. License Request Url: http://tools.spdx.org/app/license_requests/209 6. URL(s): https://celestrak.org/publications/AIAA/2006-6753/faq.php 7. OSI Status: Not Submitted 8. Example Projects: https://celestrak.org/publications/AIAA/2006-6753/

[mattiaverga]

SPDX online tool missed to add the license text to the above comment, here it is (from the Are there any Licenses required to use the SGP4 code? FAQ):

There is no license associated with the code and you may use it for any purpose—personal or commercial—as you wish. We ask only that you include citations in your documentation and source code to show the source of the code and provide links to the [main page](https://celestrak.org/publications/AIAA/2006-6753/), to facilitate communications regarding any questions on the theory or source code.

[swinslow]

Hi @mattiaverga, thanks for submitting this.

I'm generally +1 to add this as complying with SPDX's [license inclusion principles](), as a generally permissive (if informal) permission statement for a component which it sounds like is used in Fedora. While I personally wouldn't have phrased it as "There is no license associated with the code," I think it's pretty clear that the authors' intent was to permit any usage. Would welcome input and/or +1's from the rest of the SPDX-legal community if there are differing views on this.

My only comment is that I wouldn't be inclined to include "Unlicense" in the name or identifier, since Unlicense is already an unrelated entry on the SPDX License List. Although this might have a similar meaning or interpretation, I don't see anything indicating that it is derived from "The Unlicense" so I would probably want to go with something else -- perhaps just SGP4 as the identifier and "SGP4 Permission Notice" as the full name?

[jlovejoy]

+1 to add and agree with @swinslow assessment re: id and name

[mattiaverga]

I wonder: I suppose there are a lot of other cases in the wild where the "license" is a similar statement ("this has no license, do whatever you want"). Is it possible to add a generic license tag where we can link all those phrases as they pop out, instead of creating new ones each time? For example, instead of "SGP4 permission notice", a more generic "Permission notice", then for future cases just add the new license text under the same.

[mattiaverga]

I've submitted a PR with the requested changes to the name and identifier. Meanwhile I'll try to ask SGP4 maintainers if they're willing to "relicense" or, better, choose a recognized license (I think MIT or Unlicense are the best fit).

[jlovejoy]

@mattiaverga - re: the generic license tag, that has not been something the SPDX License List has done because the idea has always been to have an id represent a specific set of text (that can be matched). People have asked for generic-meaning ids (without a specific set of text to match to) in the past, which is problematic.

However, the idea of having an id be able to match to a specific set of similarly meaning texts is something we have not directly considered, but I did raise as possibility due to whatever we might find once we started really digging into the licenses and texts found in Fedora. Might be a good time to discuss this now that we have some data...

[jlovejoy]

marking as accepted, but holding off on making files to see what @mattiaverga found from upstream project?

[mattiaverga]

@jlovejoy I'm a bit confused about upstream project (celestrak.org, not python-sgp) reply. First, they seem to agree to consider MIT as the new license for an update to their code:

Let me first say that having “properly implemented” SGP4 code in Enterprise Linux would be extremely valuable to the community!

I agree that the MIT License is a good approach, we actually just started discussing this for our updated SGP4 code for GP data instead of TLEs. We will need to discuss with Dave Vallado, but expect this to be possible.

But then:

MOST CRITICAL: To add to what Dr. Kelso stated, the key issue here is ensure that SGP4 is “properly implemented” and that the python results are verified & validated PRIOR TO python implementation of SGP4 (python-sgp4) into Fedora Linux and EPEL official repositories.

I think it's better holding off any more attempt to use SGP4 code in open source project until it is eventually released under a OSS license.

Finally, if anyone's interested in pushing this forward and can attend to Space Symposium 2023:

We will be at the Space Symposium April 17-20, 2023. Red Hat usually has a presence there as well. We can put a (CelesTrak - Red Hat) meeting on the agenda, they may be interested in supporting this work since they have a large stake in Fedora Linux or EPEL.

[jlovejoy]

@mattiaverga - so, I got a bit lost on this one (sorry!) - can we merge your PR on this now? (still needed for Fedora, right?)

[mattiaverga]

I think upstream relicensing to MIT will not occur anytime soon, so if you think that the current "permission notice" is acceptable as is we can proceed. I'm waiting for a comment in the PR about what to do with the link to upstream inside the license text, which is currently formatted as markup: should I use just plain text and, if so, should I completely remove the link or is there a way to provide it?

But if you're not sure you want to have this "permission notice" approved I can just retire the new package request to Fedora (nothing is already packaged and in repositories yet).

[musicinmybrain]

But if you're not sure you want to have this "permission notice" approved I can just retire the new package request to Fedora (nothing is already packaged and in repositories yet).

If it matters, the gpredict package contains code that its upstream says is derived from the same group of SGP4 reference implementations.

Besides gpredict, I’m not sure if there are any other Fedora packages that bundle this code or its derivatives. XEphem and pyephem do have an SGP4/SDP4 implementation, but it doesn’t appear to have much in common with the reference implementation other than the underlying mathematics.

[jlovejoy]

thanks @mattiaverga and @musicinmybrain !

I'll look again at the text formatting issue and then merge!

[jlovejoy]

@goneall - would love to hear your tooling /matching perspective on this. That actual text says, "...and provide links to the main page, to..." where "main page" is a hyperlink in the HTML.

But for text matching, you would only see/match on "main page" right? I think that's how it should display for the text file, but what about in the XML file?

[goneall]

But for text matching, you would only see/match on "main page" right?

Correct - we just use the text. For the XML, I do not think we support hyperlinks in the XML schema, so it should be the same as the text. The rendered HTML will also not include the hyperlinks.

[jlovejoy]

Thanks @goneall - that's what I thought!