Update LICENSE to Community Specification License 1.0#79
Conversation
JustinCappos
assigned
SantiagoTorres,
adityasaky,
06kellyjac,
reza-curtmola and
trishankatdatadog
|
FYI: We also will need to change the ITE repo and ensure that files in our repo have the "SPDX-License-Identifier: Community-Spec-1.0". {Note that since the CSL 1.0 in LICENSE is itself CC-BY-4.0, it should have that SPDX License identifier.) |
adityasaky
left a comment
adityasaky
left a comment
There was a problem hiding this comment.
I don't feel very qualified to comment on this change, but I think it mostly looks okay?
|
A short description of why we are making this change will be useful for recordkeeping @JustinCappos |
|
For rationale: I had a conversation with Mike Dolan from the LF and there is a good reason for us to consider using the Community License Specification for the in-toto specification. See some of the discussion on the SBOMit sandbox thread: ossf/tac#191 (comment) This won't make any difference for anyone who uses or works on an implementation of in-toto. It will effectively just make the specification / ITE editors more visibly aligned with the "Apache 2.0" principles that apply to the implementations. |
|
Looks like there's a slightly different process for applying this license documented here: https://github.com/CommunitySpecification/Community_Specification/blob/main/..Getting%20Started.md |
7 participants
No description provided.