Bug#649530: [copyright-format] clearer definitions and more consistent License: stanza specification

To: Debian Bug Tracking System <649530@bugs.debian.org>
Subject: Bug#649530: [copyright-format] clearer definitions and more consistent License: stanza specification
From: Ximin Luo <infinity0@debian.org>
Date: Fri, 13 May 2016 13:53:54 +0200
Message-id: <[🔎] 146314043415.20629.918845079958615874.reportbug@localhost.localdomain>
Reply-to: Ximin Luo <infinity0@debian.org>, 649530@bugs.debian.org

Package: debian-policy
Followup-For: Bug #649530

Hi all, I just noticed that SPDX have released a new version of their spec
that agrees with what I was trying to propose originally here:

See [1] "Deprecated License" and [2] Appendix IV: SPDX License Expressions:

| Simple License Expressions
| 
| An SPDX License List Short Form Identifier with a unary"+" operator suffix to represent the current
| version of the license or any later version. For example: GPL-2.0+

May we restart discussing updating debian's copyright-format to be consistent
with this?

To recap, in case people have forgotten:

Currently the format 1.0 specifies (and lintian warns) if I have GPL-3 and
GPL-3+ licensed files in my package, but I only have a GPL-3 License stanza
(and not another "GPL-3+" stanza). My argument was that this is pointless
redundancy, counterarguments complained that "+" was not well-defined, but
then one could re-counter that "and" and "or" was also not well-defined.

Anyway it looks like SPDX now agrees with me, and probably got fed up of this
redundancy themselves.

Concretely, what would need to be changed in copyright-format 1.1 would be
similar to what SPDX have done, i.e.:

a) define + an operator, similar to "or" and "and" that already exist
b) drop the GPL-2+ et al "short names"
c) define a "with <LicenseException" operator
d) add a License-Exception paragraph

Luckily SPDX have already done all the hard work of defining this stuff
precisely, and you can read about it yourself in Appendix IV.

A technical note is that our "short names" correspond to their "SPDX License
List Short Form Identifier". Additionally, they distinguish between a "Simple"
vs "Composite" license expression but I don't think we need to do that. We
*could*, but it just adds complexity and I don't see the point here.

X

[1] https://spdx.org/licenses/
[2] https://spdx.org/sites/spdx/files/SPDX-2.0.pdf

-- System Information:
Debian Release: stretch/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'stable'), (300, 'unstable'), (200, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.5.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Reply to:

Prev by Date: Bug#807742: developer-reference: Italian Translation
Next by Date: Processed: submitter 649530
Previous by thread: Bug#807742: developer-reference: Italian Translation
Next by thread: Processed: submitter 649530
Index(es):
- Date
- Thread