The licensing profile includes capturing details relevant to software licensing and intellectual property. Specifically, the licensing profile and its associated definitions help express which licenses and copyright notices are determined by persons or automated tooling to apply to distributions of software. It includes classes and fields that comprise the SPDX License Expression syntax and that relate to the SPDX License List.
The fields in the licensing profile are particularly relevant to:
- Software creators, licensors, and packagers, with respect to software they are making available, to better communicate the applicable licenses and copyright notices;
- Persons involved in license compliance matters, such as attorneys and open source program officers; and
- Developers and users of automated tooling to facilitate such activities.
Distributors of software can communicate, in a human- and machine-readable manner, information about which licenses and copyright notices apply to their software.
Recipients and redistributors of software can use the licensing profile metadata fields to understand which licenses (whether open source or proprietary) apply to the software. This may be used to perform policy compliance and risk management.
Organizations can incorporate the analysis of licensing metadata into their software use and distribution decision-making processes, to trigger necessary activities such as making available source code, reproducing applicable notices, etc.
Organizations can use licensing metadata to determine where they may not wish to use or make available software depending on the license under which it is received.
- Using standardized metadata field definitions provides a common, human-readable and machine-parsable language to enable individuals and organizations to undertake decision-making about licensing and license compliance.
- The License Expression Syntax provides an intuitive way to talk about the relationships between multiple licenses that apply to a piece of software.
- The use of the licensing profile together with license identifiers from the SPDX License List provides a simple and consistent way to express many of the key details regarding distributions of software.