Skip to content

Instantly share code, notes, and snippets.

@mxmehl

mxmehl/mismatches.md Secret

Last active December 9, 2022 08:55
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mxmehl/1e7a3aed4ff14a8ddfd4aff8ab4de552 to your computer and use it in GitHub Desktop.
Save mxmehl/1e7a3aed4ff14a8ddfd4aff8ab4de552 to your computer and use it in GitHub Desktop.
Download ZIP
OSI approved licenses mismatches with SPDX list
Raw
mismatches.md

SPDX issues

Marked as not OSI compliant in SPDX, but actually on OSI's list

  • eCos-2.0

Not in SPDX list, but in OSI's list

  • jabberpl: Jabber Open Source License
  • CVW: MITRE Collaborative Virtual Workspace License

Not in OSI list, but in SPDX's list

  • AFL-1.1
  • AFL-1.2
  • AFL-2.0
  • AFL-2.1
  • APSL-1.0
  • APSL-1.1
  • APSL-1.2
  • Artistic-1.0-cl8
  • Artistic-1.0-Perl
  • CAL-1.0-Combined-Work-Exception
  • GPL-3.0-with-GCC-exception
  • LGPL-2.0
  • MIT-Modern-Variant
  • MPL-2.0-no-copyleft-exception
  • OFL-1.1-no-RFN
  • OFL-1.1-RFN
  • OSL-2.0

False-positives

  • Many mismatches in GPL/LGPL/AGPL because of -only/-or-later/+. I unified those

OSI issues

Unclear status

  • EUPL-1.1 is not on OSI's site but only EUPL-1.2. However, the 1.2 entry links to the 1.1 detail site, and there exists an additional 1.2 URL. So OSI's listing seems confused. It's therefore unclear which licenses are approved.

Mismatch of IDs in OSI and SPDX

Probably mistakes on OSI's side

  • LiLiQ-P vs. LiLiQ-P-1.1
  • LiLiQ-R vs. LiLiQ-R-1.1
  • LiLiQ-R+ vs. LiLiQ-Rplus-1.1
  • UPL vs. UPL-1.0
  • WXwindows vs. wxWindows
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment