>>>>> On Tue, 24 Sep 2019, Jason Zaman wrote: > The "GPL-2.0" one is deprecated: > https://spdx.org/licenses/GPL-2.0.html
> If SPDX moved to having two names "-only" and "-or-later" then we > should too. The main problem is that we will always have licenses that are not in their list. So if they add them later, chances are that we would have to rename ours, forcing our users to update their ACCEPT_LICENSE variable and possibly reinstall packages. Generally, it is also not predictable what they will choose as an identifier. For example, there is "BSD-2-Clause" but "0BSD". Sometimes they stick with the upstream version (e.g. CDDL-1.0), sometimes they invent their own (GPL-2.0-only), and sometimes they drop the version altogether (WTFPL). In addition, they change their names, which would make it even more difficult to catch up. So, we can use SPDX as a guideline when adding _new_ licenses, but I don't see any good reason for renaming existing ones. Especially when the SPDX identifiers aren't stable. Ulrich
signature.asc
Description: PGP signature
