Opened 4 years ago
Last modified 10 months ago
#61237 new defect
Use SPDX license identifiers
Reported by: | ryandesign (Ryan Carsten Schmidt) | Owned by: | |
---|---|---|---|
Priority: | Normal | Milestone: | |
Component: | ports | Version: | |
Keywords: | Cc: | iefdev (Eric F), cooljeanius (Eric Gallager) | |
Port: |
Description
MacPorts has its own guidelines for how to specify port license names. We should probably move toward using the same license identifiers popularized by SPDX: https://spdx.org/licenses/
The license names we use have to be understood by our port_binary_distributable.tcl script. There may need to be a transitional period during which the script is updated to recognize both our old license names and new SPDX license identifiers. Later, once all ports have been updated to use SPDX, we can remove our old license names.
Change History (5)
comment:1 Changed 4 years ago by iefdev (Eric F)
comment:2 Changed 4 years ago by iefdev (Eric F)
Cc: | iefdev added |
---|
comment:3 Changed 4 years ago by dbevans (David B. Evans)
I agree. The SPDX scheme seems to be more comprehensive than ours and gaining popularity elsewhere. Perl now has added a standardized (but optional) metadata element
"x_spdx_expression" : "Artistic-1.0-Perl OR GPL-1.0-or-later"
in addition to the existing
"license" : [ "perl_5" ]
We might add something similar to our Portfile syntax.
comment:4 Changed 3 years ago by ryandesign (Ryan Carsten Schmidt)
Our portfile syntax already accommodates Boolean combinations of licenses.
We might consider introducing a new option licenses
and defining it to use SPDX identifiers, leaving the old license
option using the current MacPorts custom license identifiers during the transitional period. This might make it easier to identify whether a port is using new or old license names, and would make it easier to write new lint rules to point out which ports still need their license info updated. And it finally fixes the long-standing obvious misnaming of the license
option. port_binary_distributable.tcl could be updated to look for licenses
first and fall back on license
.
We would want to make sure that SPDX identifiers cover 100% of our current license use cases, and if they do not, then we should think about what to do about that. For example, what would be the SPDX equivalent of our license identifiers "Permissive", "Restrictive", "Restrictive/Distributable", "Commercial", "NoMirror"?
comment:5 Changed 10 months ago by cooljeanius (Eric Gallager)
Cc: | cooljeanius added |
---|
Yes, that'd be great. +1
Maybe some of their repos be used to make it easier to keep it updated? (ie keep track of deprecated and new licenses, etc.)
https://github.com/spdx/