Yo,
Today I noticed that the "License package sources" RFC contained an amended 0BSD
license that added a two paragraph exception for patch files and other auxiliary
files. The purpose of this change is to ensure the license is not covering other
files in the repository that the author can't license from the upstream.
See: https://rfc.archlinux.page/0040-license-package-sources/
While this is a practical problem that needs to be solved, we should not be
doing that through additional text in a FSF- and OSI approved license. This
essentially makes it a custom license that is not really going to detected as
0BSD from external sources, and runs against the original goal of removing legal
uncertainty.
As the change, and by extension the problem itself, is not mentioned in the text
it came as a surprise to me that it was done.
What I think is more proper is to remove these two lines from the proposed
license file, and move this to a separate RFC that would cover a use of the
REUSE specification, or SPDX license identifiers. This would serve the same
purpose as the Debian `copyright` files, while also being standardized.
I have written a proposed amendment to the text that I hope people find okay.
https://gitlab.archlinux.org/archlinux/rfcs/-/merge_requests/49
*Please note that any licenses already added to the repository needs to be
amended.*
My goal is to write up a RFC for the REUSE/SPDX part of this before the current
3 month timeline where we'll start adding licenses to ensure we don't prolong
the process.
If people are curious how this would look like, I annotated the `usd` package as
an example.
https://gitlab.archlinux.org/foxboron/usd/-/tree/morten/reuse
See the spec for more details: https://reuse.software/spec-3.2/
Cheers!
--
Morten Linderud
PGP: 9C02FF419FECBE16