-
Notifications
You must be signed in to change notification settings - Fork 287
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New license request: Python-3.something and maybe others #1200
Comments
I have been looking into the differences in what SPDX and OSI have listed for the Python 2.0 license and wondering if wouldn't make more sense to update Python-2.0 to what is listed on the Python site? The license in the nodeca/argparse repo is the same as the one in the Python repo, excluding the 0BSD license for docs. https://github.com/python/cpython/blob/master/LICENSE |
I tried to find out if anyone on the OSI license discussion list knew where the version that OSI and SPDX comes from, because I have never seen it used, and no one who responded knew. When I looked back in the Python repo history, I couldn't find it. All of the python projects I come across, use the Python license, as it was written out, at least, until 3.8.5. |
@jlovejoy - would you recommend we open a new issue suggesting the SPDX "Python-2.0" be updated to this version of the license - e.g. https://github.com/python/cpython/blob/v3.8.5/LICENSE or https://www.nuget.org/packages/python/3.7.5/License? The only difference between those two license examples is one has "2020" included in the list of copyright dates. @capfei - FYI |
I've found a potentially somewhat related past discussion where it was suggested to drop the license's history from it. IIUC, people were opposed to changing an established SPDX license, and opted to create the Just mentioning this here in case it's relevant. |
Discussed in detail on 2021-06-10 legal team call, regarding some significant differences in the different versions that have been used over the years, including: Current version from website: https://docs.python.org/3/license.html Current version from cpython repo: https://github.com/python/cpython/blob/main/LICENSE 2001 version from cpython repo: https://github.com/python/cpython/blob/71500c8293a6862894cd657b8e41bbb43db6680d/LICENSE @ariel11 and @capfei to add some more details here, for discussion on next legal team call re: whether / what new entries to add. |
I tried finding the source of the license via the OSI license discussion group, but those that responded weren't sure either: https://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/2021-February/021916.html. |
Per @swinslow's comment above, adding some examples of components in the wild that use a license very close to the "Python-2.0" SPDX, but is not a match. Example 1
The CNRI portion of the above license.html does not match that section of the “Python-2.0” SPDX. Interestingly, it does match the “CNRI-Python-GPL-Compatible” SPDX text, however it does not have the click-accept language shown on the “CNRI-Python-GPL-Compatible” SPDX. Besides the CNRI section noted above, the other differences between this license.html example and the “Python-2.0” license are as follows: |
Example 2
(1) The dates in PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2, Section 2 are different. The bitbucket version has "2007, 2008, 2009, 2010" added. |
Example 3
(1) The dates in PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2, Section 2 are different. The bitbucket version has “2007, 2008, 2009, 2010,….2021” added. |
To summarize the three examples above - the consistent differences between the SPDX "Python-2.0" and the licenses used in the wild are as follows:
Cc: @capfei for visibility |
discussed research @ariel11 did on June 24 call: decision to add as stack similar to what we did for Python-2.0 as it appears on https://docs.python.org/3/license.html However, question around this language on that page: In examples above (and seemingly consistent) with this language, sometimes 0BSD is included and sometimes not. @VanL - are you still involved with Python Foundation? Does "dual licensed under the PSF License Agreement and the Zero-Clause BSD license." mean the examples, recipes, and other code in documentation are licensed under both(and) licenses or a choice (or)? If the latter, then we would add as two different licenses (one with 0BSD and one without 0BSD). |
@VanL - can you answer the above question or maybe let us know who might be able to? |
I reached out to @VanL and he said:
|
A bit more research on this, and possibly duplicating what folks have already found. Using Google cache URLs in a few places below as the original URLs are throwing 503 errors at the moment. Regarding the Python "license stack's" use of
So if that's correct, the text on the license list for Python-2.0 -- I'm guessing originating from the OSI page for Python-2.0 -- was actually never used for Python release 2.0. Sigh. I don't think we can replace the text of Python-2.0, or add this changed version of the CNRI portion as "optional" text for Python-2.0, since it certainly appears to have a different substantive legal effect if it's present vs. absent. I think all that points in the direction of:
"More discussion is warranted" I fear... |
Correct. The Python 1.6.0 release was actually specifically for the license update.
Quite possible. There was disagreement with GNU about GPL compatibility at one point.
If you need to choose a prefix, I would suggest "PSF" since that's what the license is known by in the Python community and as official of a name as it has: https://github.com/python/cpython/blob/4dc746310bd37ad6b381f9176acd167d445f4385/LICENSE#L62-L63 . |
Hi all - thanks to everyone above for all the research and sorry this got procrastinated, I've cleared the "waiting for steward" label which wasn't helping! I've created a PR to add the Python-2.0.1 license with some markup that should then match to the various examples cited above. See #1549 for more info Also added an updated note for Python-2.0 |
With #1549 merged to add |
License was added with spdx#1549 as a follow up on spdx#1200 In spdx#1200 it is stated that the license is FSF approved but no OSI approved or at least not with the right name. With a link to the FSF website [1]. So I'm adding this attribute to the license for it to be properly tagged as FSF approved. [1] https://www.gnu.org/licenses/license-list.en.html#Python
License was added with spdx#1549 as a follow up on spdx#1200 Renaming license to match FSF identifier see [1]. [1] https://wking.github.io/fsf-api/licenses-full.json
Some Python-related projects (such as https://github.com/nodeca/argparse) use a license that they refer to as
Python-2.0
in theirpackage.json
's (SPDX compliant)license
field.However, that license isn't identical to what SPDX lists as Python-2.0 license. Specifically, SPDX has the following:
That part is found in the "CNRI OPEN SOURCE LICENSE AGREEMENT (for Python 1.6b1)" section. (I'm not even sure if that part is legally binding or just there for historic purposes.) Anyway, I think that that part is what is mentioned by the GNU project's license list as the reason for that license being GPL-incompatible:
Anyway,
argparse
'sLICENSE
has the following instead:Note that this is identical to what the GNU Project calls the Python-2.0.1 license (which unfortunately currently isn't an SPDX-listed license), and lists as GPL-compatible.
The latter license is also found on the Python website (which should probably be considered the canonical source): https://www.python.org/download/releases/2.0.1/license/
Would you consider adding the
Python-2.0.1
license? The apparent difference in GPL compatibility seems relevant enough for (FL)OSS projects -- this is basically what prompted me to file this issue 🙂Based on my findings at WordPress/gutenberg#28890 (comment)).
Also discussed at nodeca/argparse#160.
The text was updated successfully, but these errors were encountered: