Update to SPDX license list 3.24.0

CHANGELOG.rst

@@ -43,8 +43,19 @@ v33.0.0 (next next, roadmap)
 
       swift package resolve
 
-v32.1.0 (next, roadmap)
-----------------------------
+- New and updated licenses, including support for newly released
+  SPDX license list versions:
+  - SPDX License List 3.24:
+    This release of the SPDX license list had 25 new licenses
+    and exceptions, and out of them 12 were present as licenses
+    and 5 were present as rules already. There were 3 new
+    license/exception texts added, and the rest 5 were either
+    texts with small variations, additions to texts or several
+    rule texts together. And the rest have been added as new licenses.
+    For more details see https://github.com/nexB/scancode-toolkit/pull/3795
+
+v32.1.0 - 2024-03-23
+---------------------
 
 New CLI options:
 

src/licensedcode/data/licenses/3dslicer-1.0.LICENSE

@@ -5,11 +5,15 @@ name: 3D Slicer Contribution and Software License Agreement v1.0
 category: Permissive
 owner: Slicer Project
 homepage_url: https://www.slicer.org/wiki/License
-spdx_license_key: LicenseRef-scancode-3dslicer-1.0
+spdx_license_key: 3D-Slicer-1.0
+other_spdx_license_keys:
+    - LicenseRef-scancode-3dslicer-1.0
 text_urls:
     - https://github.com/Slicer/Slicer/blob/v4.6.2/COPYRIGHT.txt
 faq_url: https://www.slicer.org/wiki/CommercialUse
 other_urls:
+    - https://slicer.readthedocs.io/en/latest/user_guide/about.html#license
+    - https://github.com/Slicer/Slicer/blob/main/License.txt
     - http://www.slicer.org
     - http://wiki.na-mic.org/Wiki/index.php/Slicer3
 ignorable_authors:

src/licensedcode/data/licenses/amd-historical.LICENSE

@@ -5,7 +5,11 @@ name: AMD Historical License
 category: Permissive
 owner: Advanced Micro Devices
 notes: this is a short historical permissive license seen in the newlib C library
-spdx_license_key: LicenseRef-scancode-amd-historical
+spdx_license_key: AMD-newlib
+other_spdx_license_keys:
+    - LicenseRef-scancode-amd-historical
+other_urls:
+    - https://sourceware.org/git/?p=newlib-cygwin.git;a=blob;f=newlib/libc/sys/a29khif/_close.S;h=04f52ae00de1dafbd9055ad8d73c5c697a3aae7f;hb=HEAD
 ---
 
 This software is the property of Advanced Micro Devices, Inc  (AMD)  which

src/licensedcode/data/licenses/any-osi.LICENSE

@@ -0,0 +1,18 @@
+---
+key: any-osi
+short_name: Any OSI License
+name: Any OSI License
+category: Unstated License
+owner: Unspecified
+spdx_license_key: any-OSI
+minimum_coverage: 100
+other_urls:
+    - http://www.opensource.org/licenses/alphabetical
+    - https://metacpan.org/pod/Exporter::Tidy#LICENSE
+ignorable_urls:
+    - http://www.opensource.org/licenses/alphabetical
+---
+
+Pick your favourite OSI approved license :)
+
+http://www.opensource.org/licenses/alphabetical

src/licensedcode/data/licenses/asterisk-linking-protocols-exception.LICENSE

@@ -0,0 +1,25 @@
+---
+key: asterisk-linking-protocols-exception
+short_name: Asterisk linking protocols exception
+name: Asterisk linking protocols exception
+owner: Asterisk
+category: Copyleft Limited
+is_exception: yes
+spdx_license_key: Asterisk-linking-protocols-exception
+other_urls:
+    - https://github.com/asterisk/asterisk/blob/115d7c01e32ccf4566a99e9d74e2b88830985a0b/LICENSE#L27
+---
+
+Specific permission is also granted to link Asterisk with OpenSSL, OpenH323
+UniMRCP, and/or the UW IMAP Toolkit and distribute the resulting binary files.
+
+In addition, Asterisk implements several management/control protocols.
+This includes the Asterisk Manager Interface (AMI), the Asterisk Gateway
+Interface (AGI), and the Asterisk REST Interface (ARI). It is our belief
+that applications using these protocols to manage or control an Asterisk
+instance do not have to be licensed under the GPL or a compatible license,
+as we believe these protocols do not create a 'derivative work' as referred
+to in the GPL. However, should any court or other judiciary body find that
+these protocols do fall under the terms of the GPL, then we hereby grant you a
+license to use these protocols in combination with Asterisk in external
+applications licensed under any license you wish.

src/licensedcode/data/licenses/bsd-2-clause-first-lines.LICENSE

@@ -0,0 +1,39 @@
+---
+key: bsd-2-clause-first-lines
+short_name: BSD 2-Clause first lines
+name: BSD 2-Clause - first lines requirement
+owner: Nippon Telegraph and Telephone Corporation
+category: Permissive
+notes: |
+    Added in SPDX license list 3.24
+    This was previously the license rule: freebsd-doc_5.RULE
+spdx_license_key: BSD-2-Clause-first-lines
+other_urls:
+    - https://github.com/krb5/krb5/blob/krb5-1.21.2-final/NOTICE#L664-L690
+    - https://web.mit.edu/kerberos/krb5-1.21/doc/mitK5license.html
+---
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+
+1. Redistributions of source code must retain the above
+   copyright notice, this list of conditions and the following
+   disclaimer as the first lines of this file unmodified.
+
+2. Redistributions in binary form must reproduce the above
+   copyright notice, this list of conditions and the following
+   disclaimer in the documentation and/or other materials provided
+   with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY NTT "AS IS" AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT,
+INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+OF THE POSSIBILITY OF SUCH DAMAGE.

src/licensedcode/data/licenses/catharon-osl.LICENSE

@@ -5,7 +5,9 @@ name: Catharon Open Source License
 category: Permissive
 owner: Catharon
 homepage_url: https://github.com/scummvm/scummvm/blob/master/LICENSES/CatharonLicense.txt
-spdx_license_key: LicenseRef-scancode-catharon-osl
+spdx_license_key: Catharon
+other_spdx_license_keys:
+    - LicenseRef-scancode-catharon-osl
 text_urls:
     - https://github.com/scummvm/scummvm/tree/master/engines/ags/lib/freetype-2.1.3/autohint
     - https://www.copperspice.com/docs/cs_overview/legal-3rdparty.html

src/licensedcode/data/licenses/codesourcery-2004.LICENSE

@@ -5,7 +5,11 @@ name: CodeSourcery 2004
 category: Permissive
 owner: CodeSourcery
 homepage_url: https://git.linaro.org/toolchain/newlib.git/tree/newlib/libc/misc/init.c
-spdx_license_key: LicenseRef-scancode-codesourcery-2004
+spdx_license_key: HPND-merchantability-variant
+other_spdx_license_keys:
+    - LicenseRef-scancode-codesourcery-2004
+other_urls:
+    - https://sourceware.org/git/?p=newlib-cygwin.git;a=blob;f=newlib/libc/misc/fini.c;hb=HEAD
 ---
 
 Permission to use, copy, modify, and distribute this file

src/licensedcode/data/licenses/cve-tou.LICENSE

@@ -5,7 +5,11 @@ name: Common Vulnerability Enumeration ToU License
 category: Permissive
 owner: Mitre
 homepage_url: https://cve.mitre.org/about/termsofuse.html
-spdx_license_key: LicenseRef-scancode-cve-tou
+spdx_license_key: cve-tou
+other_spdx_license_keys:
+    - LicenseRef-scancode-cve-tou
+other_urls:
+    - https://www.cve.org/Legal/TermsOfUse
 ---
 
 CVE Usage: MITRE hereby grants you a perpetual, worldwide, non-exclusive,

src/licensedcode/data/licenses/fftpack-2004.LICENSE

@@ -5,11 +5,14 @@ name: FFTPACK License 2004
 category: Permissive
 owner: NCAR
 homepage_url: https://github.com/marton78/pffft/blob/master/pffft.c
-spdx_license_key: LicenseRef-scancode-fftpack-2004
+spdx_license_key: NCL
+other_spdx_license_keys:
+    - LicenseRef-scancode-fftpack-2004
 text_urls:
     - https://bitbucket.org/jpommier/pffft/src/master/pffft.c
 other_urls:
     - https://github.com/nexB/scancode-toolkit/issues/1978
+    - https://gitlab.freedesktop.org/pipewire/pipewire/-/blob/master/src/modules/module-filter-chain/pffft.c?ref_type=heads#L1-52
 standard_notice: |
     http://www.cisl.ucar.edu/css/software/fftpack5/ftpk.html
     Copyright (c) 2004 the University Corporation for Atmospheric

src/licensedcode/data/licenses/gutmann.LICENSE

@@ -0,0 +1,16 @@
+---
+key: gutmann
+short_name: Gutmann License
+name: Gutmann License
+owner: Peter Gutmann
+category: Permissive
+notes: |
+    Added in SPDX license list 3.24
+    This was previously the license rule: other-permissive_bsdish_1.RULE
+spdx_license_key: Gutmann
+other_urls:
+    - https://www.cs.auckland.ac.nz/~pgut001/dumpasn1.c
+---
+
+You can use this code in whatever way you want, as long as you don't try
+to claim you wrote it.

src/licensedcode/data/licenses/hpnd-export-us-acknowledgement.LICENSE

@@ -0,0 +1,37 @@
+---
+key: hpnd-export-us-acknowledgement
+short_name: HPND US export acknowledgment
+name: HPND with US Government export control warning and acknowledgment
+owner: Regents of the University of California
+category: Free Restricted
+notes: |
+    Added in SPDX license list 3.24
+    This was previously mit-no-advert-export-control_and_proprietary-license_1.RULE
+spdx_license_key: HPND-export-US-acknowledgement
+other_urls:
+    - https://github.com/krb5/krb5/blob/krb5-1.21.2-final/NOTICE#L831-L852
+    - https://web.mit.edu/kerberos/krb5-1.21/doc/mitK5license.html
+ignorable_authors:
+    - the University of Southern California
+---
+
+EXPORT OF THIS SOFTWARE from the United States of America may
+require a specific license from the United States Government. It
+is the responsibility of any person or organization
+contemplating export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to copy, modify, and distribute
+this software and its documentation in source and binary forms is
+hereby granted, provided that any documentation or other materials
+related to such distribution or use acknowledge that the software
+was developed by the University of Southern California.
+
+DISCLAIMER OF WARRANTY.  THIS SOFTWARE IS PROVIDED "AS IS".  The
+University of Southern California MAKES NO REPRESENTATIONS OR
+WARRANTIES, EXPRESS OR IMPLIED.  By way of example, but not
+limitation, the University of Southern California MAKES NO
+REPRESENTATIONS OR WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY
+PARTICULAR PURPOSE. The University of Southern California shall not
+be held liable for any liability nor for any direct, indirect, or
+consequential damages with respect to any claim by the user or
+distributor of the ksu software.

src/licensedcode/data/licenses/hpnd-sell-variant-mit-disclaimer-rev.LICENSE

@@ -0,0 +1,27 @@
+---
+key: hpnd-sell-variant-mit-disclaimer-rev
+short_name: HPND sell variant with MIT disclaimer reverse
+name: HPND sell variant with MIT disclaimer - reverse
+owner: Ian Stapleton Cordasco
+category: Permissive
+notes: Added in SPDX license list 3.24
+spdx_license_key: HPND-sell-variant-MIT-disclaimer-rev
+other_urls:
+    - https://github.com/sigmavirus24/x11-ssh-askpass/blob/master/dynlist.c
+---
+
+Disclaimer:
+
+The software is provided "as is", without warranty of any kind,
+express or implied, including but not limited to the warranties
+of merchantability, fitness for a particular purpose and
+noninfringement. In no event shall the author(s) be liable for
+any claim, damages or other liability, whether in an action of
+contract, tort or otherwise, arising from, out of or in connection
+with the software or the use or other dealings in the software.
+
+Permission to use, copy, modify, distribute, and sell this
+software and its documentation for any purpose is hereby
+granted without fee, provided that the above copyright notice
+appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation.

src/licensedcode/data/licenses/hpnd-uc-export-us.LICENSE

@@ -0,0 +1,20 @@
+---
+key: hpnd-uc-export-us
+short_name: HPND UC US export warning
+name: Historical Permission Notice and Disclaimer - University of California, US export warning
+owner: Regents of the University of California
+category: Free Restricted
+spdx_license_key: HPND-UC-export-US
+notes: Added in SPDX license list 3.24
+other_urls:
+    - https://github.com/RTimothyEdwards/magic/blob/master/LICENSE
+---
+
+Permission to use, copy, modify, and distribute this
+software and its documentation for any purpose and without
+fee is hereby granted, provided that the above copyright
+notice appear in all copies.  The University of California
+makes no representations about the suitability of this
+software for any purpose.  It is provided "as is" without
+express or implied warranty.  Export of this software outside
+of the United States of America may require an export license.

src/licensedcode/data/licenses/intel-osl-1993.LICENSE

@@ -4,7 +4,11 @@ short_name: Intel OSL 1993
 name: Intel Open Source License 1993
 category: Permissive
 owner: Intel Corporation
-spdx_license_key: LicenseRef-scancode-intel-osl-1993
+spdx_license_key: HPND-Intel
+other_spdx_license_keys:
+    - LicenseRef-scancode-intel-osl-1993
+other_urls:
+    - https://sourceware.org/git/?p=newlib-cygwin.git;a=blob;f=newlib/libc/machine/i960/memcpy.S;hb=HEAD
 ---
 
 Intel hereby grants you permission to copy, modify, and distribute this

src/licensedcode/data/licenses/mit-khronos-old.LICENSE

@@ -0,0 +1,38 @@
+---
+key: mit-khronos-old
+short_name: MIT Khronos - old variant
+name: MIT Khronos - old variant
+category: Permissive
+owner: Khronos Group
+notes: |
+    Added in SPDX license list 3.24
+    This is the same as khronos.LICENSE except the third paragraph
+spdx_license_key: MIT-Khronos-old
+other_urls:
+    - https://github.com/KhronosGroup/SPIRV-Cross/blob/main/LICENSES/LicenseRef-KhronosFreeUse.txt
+    - https://www.khronos.org/registry/
+ignorable_urls:
+    - https://www.khronos.org/registry/
+---
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and/or associated documentation files (the "Materials"),
+to deal in the Materials without restriction, including without limitation
+the rights to use, copy, modify, merge, publish, distribute, sublicense,
+and/or sell copies of the Materials, and to permit persons to whom the
+Materials are furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Materials.
+
+MODIFICATIONS TO THIS FILE MAY MEAN IT NO LONGER ACCURATELY REFLECTS KHRONOS
+STANDARDS. THE UNMODIFIED, NORMATIVE VERSIONS OF KHRONOS SPECIFICATIONS AND
+HEADER INFORMATION ARE LOCATED AT https://www.khronos.org/registry/
+
+THE MATERIALS ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
+OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
+THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
+FROM,OUT OF OR IN CONNECTION WITH THE MATERIALS OR THE USE OR OTHER DEALINGS
+IN THE MATERIALS.

src/licensedcode/data/licenses/mit-no-advert-export-control.LICENSE

@@ -8,7 +8,12 @@ homepage_url: https://fedoraproject.org/wiki/Licensing:Xerox?rd=Licensing/Xerox
 notes: |
     Per Fedora, this license is very similar to MIT, except that it requires
     that US Export Control laws be followed, which makes it GPL-Incompatible.
-spdx_license_key: LicenseRef-scancode-mit-no-advert-export-control
+spdx_license_key: HPND-export2-US
+other_spdx_license_keys:
+    - LicenseRef-scancode-mit-no-advert-export-control
+other_urls:
+    - https://web.mit.edu/kerberos/krb5-1.21/doc/mitK5license.html
+    - https://github.com/krb5/krb5/blob/krb5-1.21.2-final/NOTICE#L111-L133
 minimum_coverage: 70
 ---
 

src/licensedcode/data/licenses/mit-taylor-variant.LICENSE

@@ -4,7 +4,11 @@ short_name: MIT Taylor Variant
 name: MIT Taylor Variant
 category: Permissive
 owner: Unspecified
-spdx_license_key: LicenseRef-scancode-mit-taylor-variant
+spdx_license_key: pkgconf
+other_spdx_license_keys:
+    - LicenseRef-scancode-mit-taylor-variant
+other_urls:
+    - https://github.com/pkgconf/pkgconf/blob/master/cli/main.c#L8
 ---
 
 Permission to use, copy, modify, and/or distribute this software for any purpose