From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id EE81F138334 for ; Sat, 21 Sep 2019 20:58:17 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 6EDA8E08F9; Sat, 21 Sep 2019 20:58:15 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 28242E088C for ; Sat, 21 Sep 2019 20:58:15 +0000 (UTC) Received: from a1i15 (host2092.kph.uni-mainz.de [134.93.134.92]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) (Authenticated sender: ulm) by smtp.gentoo.org (Postfix) with ESMTPSA id AC7F334B478; Sat, 21 Sep 2019 20:58:11 +0000 (UTC) From: Ulrich Mueller To: =?utf-8?B?TWljaGHFgiBHw7Nybnk=?= Cc: gentoo-dev , licenses Subject: [gentoo-dev] Re: [RFC] Adding 'GPL-2-only', 'GPL-3-only' etc. license variants for better auditing References: Date: Sat, 21 Sep 2019 22:58:03 +0200 In-Reply-To: (=?utf-8?Q?=22Micha=C5=82_G=C3=B3rny=22's?= message of "Sat, 21 Sep 2019 18:09:20 +0200") Message-ID: User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.0.50 (gnu/linux) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Archives-Salt: 3b117bcc-864a-4242-86c4-f67cc2d15686 X-Archives-Hash: 7a8a240a1795b2fa302bf2205d4f7bed --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable >>>>> On Sat, 21 Sep 2019, Micha=C5=82 G=C3=B3rny wrote: > I'd like to propose to employ a more systematic method of resolving this > problem. I would like to add additional explicit 'GPL-n-only' licenses, > and discourage using short 'GPL-n' in favor of them. The end result > would be three licenses per every version/variant, e.g.: > GPL-2-only -- version 2 only > GPL-2+ -- version 2 or newer > GPL-2 -- might be either, audit necessary To elaborate a bit more on this: "GPL-2" already has that well defined meaning that your proposed "GPL-2-only" has, namely that the package is licensed under the GNU General Public License, version 2. Presumably, your change would cause a long transition time, in which we would have *three* variants for every GPL version (as well as LGPL, AGPL, FDL), two of them with identical meaning. And after the transition time, we would have "GPL-2-only" instead of "GPL-2", which is not only longer but also not accurate. Plus, it would result in paradoxical entries like "|| ( GPL-2-only GPL-3-only )" for a package that can be distributed under GPL versions 2 or 3 but no later version. If the goal of this exercise is to do an audit of ebuilds labelled as "GPL-2", then a less intrusive approach (which I had already suggested when this issue had last been discussed) would be to add a comment to the LICENSE line, either saying "# GPL-2 only" for packages that have been verified. Or the other way aroung, starting with a comment saying that it is undecided, which would be removed after an audit. This would have the advantage not to confuse users, and have no impact on their ACCEPT_LICENSE settings. (For example, some people exclude AGPL and would have to add entries for AGPL-3-only.) Ulrich --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQEzBAEBCAAdFiEEZlHkP3TnuTbxrN0HwwkGhRxhwnMFAl2GjtsACgkQwwkGhRxh wnPJaAf/dUj/9hZ64/E0xDRrUk/YZ56yioRsuKXex590btU9R4nAknyd60h+aEoW DmVMkMWzldnf4VvqLk1C33RocUir2CAH69toPG0ByX+m7198C5NXynp1lxJzNEnQ 3q6d71pP3xSkGwXP5brSnZBlGWUaXdY4AVYkn/78C2kbGgPOksv6JClz+nxhVNP8 oSoQ3hECyOn7wUwPSdkkWvus2Lkvs9YaNZAEiZRqxrXkkOYrkkcv6tt8KtmUCM2x ISQWsS5lIMQBzC3VXqWrO/a67lWFiU7Ba9h0NmSHkjbqc4VZg7wiaw17ItGh+v73 SE+ceg0OUlDL0en7wRyG8wlPa0eBmg== =utDk -----END PGP SIGNATURE----- --=-=-=--