New license request: Twente [SPDX-Online-Tools]

[AnandChowdhary]

1. License Name: Twente License 2. Short identifier: Twente 3. URL: https://raw.githubusercontent.com/AnandChowdhary/twente-license/master/LICENSE.md 4. OSI Status: Pending

[AnandChowdhary]

More information is available at https://github.com/AnandChowdhary/twente-license

[swinslow]

Hi @AnandChowdhary, thanks very much for submitting this. I have a couple of questions.

1. I saw your discussion on the license-review mailing list regarding whether the Twente License satisfies the OSD. From the discussion there, it looked as though you are considering making changes to the license text. Is that correct? If so, I expect that SPDX may hold off from considering this version until you have stabilized on a license text.

2. Whether it's the current text or any changed future version, do you have examples of open source projects that are actively using the Twente License in the wild? SPDX is primarily focused on identifying and cataloguing licenses that are actively in use, so if a new license is not showing signs of significant use by projects or a sizable community, the license might not be added to the SPDX License List until that type of use is evident.

Grateful if you can let us know your thoughts. More information about the SPDX team's considerations for whether and when to include a license are at https://spdx.org/spdx-license-list/license-list-overview, under "License Inclusion Principles" and "Candidate License Analysis".

Best, Steve

[AnandChowdhary]

Hi @swinslow,

Thank you for your detailed reply!

1. I received tons of feedback from the open-source community at OSD about the criteria. Those changes have already been made, and we are now at a stable 1.0, so you can consider the mentioned license text which now has a transparency requirement instead of a privacy requirement.

2. I am kind of in a chicken-egg problem right now. Since Twente License is a new alternate to MIT, I have already approached open-source projects to use it. Since the SPDX List is used for things like the license attribute in the package.json of NPM packages, projects cannot switch from "MIT" to "Twente" without it already being listed, since it throws a build error/warning. That being said, Uppload, all of Oswald Labs Research open-source work, and several other projects are going to be switched as soon as Twente License is listed in the SPDX List.

I'd love to hear from you about how we can take this forward considering I have commitments for switching from MIT to Twente but not "in the wild" usage. If you prefer, I can get Twente-licensed beta releases too.

[swinslow]

Hi @AnandChowdhary, thanks for your responses, this was very helpful. I wanted to circle back with comments from the latest SPDX Legal team review call.

For the stability of the text itself, I note from the OSI license-review mailing list that Twente is still undergoing public comment and consideration by the OSI community. In light of that, I think our inclination is to wait until the OSI process has completed and a decision has been reached on the text. The reasoning is that, if OSI agrees to approve the license subject to any additional changes, we assume that you would be willing to change the license text. We would like to ensure that there is a final license text for consideration for inclusion on the SPDX License List, since we need to keep license texts stable once they have been added to the SPDX list.

In preparation for when the OSI license-review process is complete, we will have an identifier ready to use if the final text is determined to be appropriate for inclusion on the SPDX License List. We would strongly recommend including a license version number as part of the license identifier, e.g. "Twente-1.0". This makes it much easier to handle subsequent modifications to the license in the future by incrementing the license version. If there is a different version number you would prefer to use, please let us know.

Finally, regarding the NPM situation, I recognize the problem you noted. I can't speak to how NPM's handling of SPDX license identifiers work (I'm not familiar with it), but I have noted your comment about the projects that anticipate switching to Twente. I would note also as an FYI that even if the license is added to the SPDX license list, there may be a period of time between approval and the next SPDX license list release (which happens approximately quarterly), as well as a subsequent period until NPM or other client tools' own projects begin using the new license list release. I just wanted to flag that my assumption is that it won't be immediately available within NPM upon approval.

[AnandChowdhary]

Hi @swinslow, this is great, I completely understand and agree with your point about waiting for OSI review to be completed. I think we can wait and put Twente your "Later Release" milestone, it doesn't have to be in 3.5.

Regarding the identifier, I would love it if we could use just "Twente" for version 1.0, which can be added in perhaps milestone 3.6 or later, once OSI has made their decision. Twente is a distinct entity (named after a place, etc.) and I don't foresee any changes to the license once OSI review is over (hopefully there will not be any significant changes even during the process). If you want to include it in the current milestone and since we both feel we should wait for OSI, you can use something like "Twente-0.9" but I don't think that is necessary; I can be more patient. 😄