From 2aaab24084c7c2f16a8aae37a2c6820bead262fc Mon Sep 17 00:00:00 2001 From: Gary O'Neall Date: Sun, 6 Aug 2023 11:09:47 -0700 Subject: [PATCH] Move the concluded and declared license doc to Licensing profile Signed-off-by: Gary O'Neall --- .../Licensing.md} | 46 ++++++++++++++--- model/Software/Properties/concludedLicense.md | 50 ------------------- 2 files changed, 40 insertions(+), 56 deletions(-) rename model/{Software/Properties/declaredLicense.md => Licensing/Licensing.md} (53%) delete mode 100644 model/Software/Properties/concludedLicense.md diff --git a/model/Software/Properties/declaredLicense.md b/model/Licensing/Licensing.md similarity index 53% rename from model/Software/Properties/declaredLicense.md rename to model/Licensing/Licensing.md index 9bb54795d..a12d13fe9 100644 --- a/model/Software/Properties/declaredLicense.md +++ b/model/Licensing/Licensing.md @@ -1,14 +1,19 @@ SPDX-License-Identifier: Community-Spec-1.0 -# declaredLicense +# Licensing ## Summary -Identifies the license information actually found in the software Package, -File or Snippet, for example as detected by use of automated tooling. +The Licensing Profile defines a minimum set of license information required to comply with typical license compliance use cases. ## Description +The Licensing profile only contains additional restrictions. Classes and Property restrictions are definied in the SimpleLicensingProfile +(Classes and Properties associated with string license expressions) and in the ExpandedLicensingProfile (Classes and Properties used for a +fully parsed syntax tree of license expressions). + +There are 2 relationships which are required for any Software Artifact - declaredLicense and concludedLicense. + A declaredLicense is the license identified in text in the software package, file or snippet as the license declared by its authors. @@ -55,8 +60,37 @@ Note that a missing or null declaredLicense is not the same as a NOASSERTION val since the NOASSERTION value is a "known unknown" whereas no conclusion can be drawn from a missing or null value. +A concludedLicense is the license identified by the SPDX data creator, +based on analyzing the license information in the software Package, File +or Snippet and other information to arrive at a reasonably objective +conclusion as to what license governs it. + +If a concludedLicense has a NONE value (NoneLicense), this indicates that the +SPDX data creator has looked and did not find any license information for this +software Package, File or Snippet. + +If a concludedLicense has a NOASSERTION value (NoAssertionLicense), this +indicates that one of the following applies: +* the SPDX data creator has attempted to but cannot reach a reasonable + objective determination; +* the SPDX data creator has made no attempt to determine this field; or +* the SPDX data creator has intentionally provided no information (no + meaning should be implied by doing so). + +If a concludedLicense is not present or a null value, no conclusion can be drawn. +Note that a missing or null concludedLicense is not the same as a NOASSERTION value +since the NOASSERTION value is a "known unknown" whereas no conclusion can be drawn +from a missing or null value. + +A written explanation of a NOASSERTION value (NoAssertionLicense) MAY be +provided in the comment field for the relationship. + +If the concludedLicense for a software Package, File or Snippet is not the +same as its declaredLicense, a written explanation SHOULD be provided in +the licenseComment field. + + ## Metadata -- name: declaredLicense -- Nature: ObjectProperty -- Range: /Licensing/AnyLicenseInfo +- id: https://rdf.spdx.org/v3/Licensing +- name: Licensing diff --git a/model/Software/Properties/concludedLicense.md b/model/Software/Properties/concludedLicense.md deleted file mode 100644 index d1a50315e..000000000 --- a/model/Software/Properties/concludedLicense.md +++ /dev/null @@ -1,50 +0,0 @@ -SPDX-License-Identifier: Community-Spec-1.0 - -# concludedLicense - -## Summary - -Identifies the license that that SPDX data creator has concluded as governing -the software Package, File or Snippet. - -## Description - -A concludedLicense is the license identified by the SPDX data creator, -based on analyzing the license information in the software Package, File -or Snippet and other information to arrive at a reasonably objective -conclusion as to what license governs it. - -If a concludedLicense has a NONE value (NoneLicense), this indicates that the -SPDX data creator has looked and did not find any license information for this -software Package, File or Snippet. - -If a concludedLicense has a NOASSERTION value (NoAssertionLicense), this -indicates that one of the following applies: -* the SPDX data creator has attempted to but cannot reach a reasonable - objective determination; -* the SPDX data creator has made no attempt to determine this field; or -* the SPDX data creator has intentionally provided no information (no - meaning should be implied by doing so). - -If a concludedLicense is not present or a null value, no conclusion can be drawn. -Note that a missing or null concludedLicense is not the same as a NOASSERTION value -since the NOASSERTION value is a "known unknown" whereas no conclusion can be drawn -from a missing or null value. - -A written explanation of a NOASSERTION value (NoAssertionLicense) MAY be -provided in the licenseComment field. - -If the concludedLicense for a software Package, File or Snippet is not the -same as its declaredLicense, a written explanation SHOULD be provided in -the licenseComment field. - -If the declaredLicense for a software Package, File or Snippet is a choice -of more than one license (e.g. a license expression combining two licenses -through use of the `OR` operator), then the concludedLicense may either -retain the license choice or identify which license was chosen. - -## Metadata - -- name: concludedLicense -- Nature: ObjectProperty -- Range: /Licensing/AnyLicenseInfo