package.json license uses incorrect SPDX code (MPL-2.0 instead of MPL-2.0-no-copyleft-exception) #4695
Labels
ungroomed
Ticket needs a maintainer to prioritize and label
Comments
|
hello, IANAL, but I've studied this further and I'm now fairly confident that the license wants you to attach the notices in the blockquote parts of the exhibits in your source files if you want them to mean something. The presence of the exhibits in the full text of the license has no meaning of its own. This might not be too bad though, as I'm not sure about your concern that the MPL 2.0 without exceptions allows modifications that cannot be reincorporated back into the original project. From the Mozilla FAQ there seems to be only two possibilities:
So it should always be possible to incorporate the changes back into the original project. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Product
axe-core & other related Deque open source libraries
Product Version
4.10.2
Latest Version
Issue Description
Followup to #4680 (comment)
axe-core's LICENSE is MPL-2.0 with Exhibit B (and has been for 10 years).
However,
package.json'slicensefield currently lists"MPL-2.0". Per spdx.org, theMPL-2.0SPDX code is "for use when the standard MPL 2.0 is used, as indicated by the standard header (Exhibit A but no Exhibit B)" (emphasis mine), and the correct SPDX code for MPL 2.0 with exhibit B isMPL-2.0-no-copyleft-exception.This issue tracks that we need to update the SPDX code to match the actual license. This would not be a relicensing of a project (it is already licensed with exhibit B, per its
LICENSEfile), but we'll want to discuss and consider what kind of version number we want to put this update behind, since it is likely to be perceived as breaking by some users even if we believe it is more of a bugfix than a breaking change.We'll want to apply similar changes to our other open source libraries; most of them have the same issue.
The text was updated successfully, but these errors were encountered: