[AppStream] Generalized SPDX licenses for metadata license

[John Scott]

To be clear, I understand that not using one of the permissive licenses 
enumerated in the AppStream specification is a bad idea to be avoided at all 
costs, and I share disdain for license proliferation. I also understand why 
copyleft licenses are not suitable.

That said, the role of the permissive license list seems unclear. The 
specification only says that such suitable licenses *include*, and then 
enumerates them. Is this the minimum set of licenses which implementations may 
accept, or the maximum?

It would be an artificial restriction for implementations not be allowed to 
accept others, or aliases, and frankly I don't think any static list can be 
put together without seeming contrived.

It is my hope that the AppStream specification retains its rationale for 
choosing permissive licenses, and enumerates its recommendations, but it be 
stated at least that using any other license identifier, SPDX or otherwise, 
results in unspecified or implementation-defined behavior.

Some of this is touched on at the issue below, but it does not clearly 
distinguish the specification from the reference implementation.
https://github.com/ximion/appstream/issues/195

In particular many projects are already licensed under permissive licenses 
suitable for the metadata, and using a different license from the rest of the 
project creates additional complexity, which ironically causes more licenses 
to proliferate into upstream projects.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.freedesktop.org/archives/appstream/attachments/20210104/1da4b250/attachment.sig>