Bug#833709: Please add the MIT/Expat license to common-licenses

To: Russ Allbery <rra@debian.org>
Cc: 833709@bugs.debian.org
Subject: Bug#833709: Please add the MIT/Expat license to common-licenses
From: Josh Triplett <josh@joshtriplett.org>
Date: Mon, 8 Aug 2016 17:04:19 -1000
Message-id: <[🔎] 20160809030419.yh5d54tuon46tqax@x>
Reply-to: Josh Triplett <josh@joshtriplett.org>, 833709@bugs.debian.org
In-reply-to: <[🔎] 87d1liwwm2.fsf@hope.eyrie.org>
References: <[🔎] 147063961278.25566.5511053990036251332.reportbug@x> <[🔎] 87popjxfbi.fsf@hope.eyrie.org> <[🔎] 20160809011622.vnem34e5w62azcxr@x> <[🔎] 87d1liwwm2.fsf@hope.eyrie.org>

On Mon, Aug 08, 2016 at 06:37:41PM -0700, Russ Allbery wrote:
> Josh Triplett <josh@joshtriplett.org> writes:
> > On Mon, Aug 08, 2016 at 11:53:37AM -0700, Russ Allbery wrote:
> 
> >> I don't think this is a good idea.  This license is extremely short,
> >> and it has a ton of minor variations, so we'll get a lot of people
> >> using it even though the exactly licensing terms of their package don't
> >> match the canonical copy.
> 
> >> For example, it's very common to see "THE AUTHORS" replaced with a
> >> specific list of people or organizations in the license, which is a
> >> very small change that's easy for someone to miss when they know that
> >> the terms are just the Expat terms.
> 
> > In the various packages I looked at, I haven't seen any such variation
> > of the MIT/Expat license.  I've seen many variations of the MIT/X11
> > license, but not of Expat.
> 
> I just checked my (tiny) corpus and you're right, I haven't seen
> variations in the stuff I've analyzed in the Expat wording variation.  I
> was thinking of the MIT wording variation.

Thanks for confirming.

> > For many of the packages I'd hoped to use it for, the sum total of the
> > license information in the upstream source consists of the following
> > line in the package metadata:
> 
> > license = "MIT"
> 
> > No copyright notices, no license file, just a simple statement of the
> > license name using canonical SPDX license identifiers.
> 
> > For such packages, referencing a canonical copy of the license seems
> > preferable.
> 
> It really doesn't to me.  Copying the text that identifier refers to in
> whatever metadata scheme you're looking at seems much better to me, since
> you know for certain what text this is supposed to reference.  (There are
> a ton of licenses named "MIT", and I think far more people don't use SPDX
> than actually use it.)
> 
> I could see the argument if we were fully adopting SPDX and checking that
> these things mean something consistent, but I think we should do that in a
> broader way than just adding more licenses to common-licenses if we do
> that.

In the specific case of the MIT/Expat license, it's one of the most
popular FOSS licenses, and thousands of packages in Debian use it.  It's
certainly used by far more packages than other licenses already included
in common-licenses.  I realize it's a short license, but I find it quite
helpful to see references to common-licenses in debian/copyright files,
not least of which because I can assume they match the canonical
license.

- Josh Triplett

Reply to:

References:
- Bug#833709: Please add the MIT/Expat license to common-licenses
  - From: Josh Triplett <josh@joshtriplett.org>
- Bug#833709: Please add the MIT/Expat license to common-licenses
  - From: Russ Allbery <rra@debian.org>
- Bug#833709: Please add the MIT/Expat license to common-licenses
  - From: Josh Triplett <josh@joshtriplett.org>
- Bug#833709: Please add the MIT/Expat license to common-licenses
  - From: Russ Allbery <rra@debian.org>

Prev by Date: Bug#833709: Please add the MIT/Expat license to common-licenses
Next by Date: Bug#798106: suggested patch
Previous by thread: Bug#833709: Please add the MIT/Expat license to common-licenses
Next by thread: Bug#798106: suggested patch
Index(es):
- Date
- Thread