You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hopefully these are bit-for-bit identical, but they might not be.
I'm not a lawyer, but it appears to me that the LICENSE.md from this repo does implicitly grant licenses for the files below https://github.com/oasis-tcs/sarif-spec/tree/main/Schemata, and 10.1 RAND Mode TC Requirements seems to imply a grant of redistibutability.
Is it possible to add a LICENSE.md adjacent to the schema files in their canonical location? I believe that would make it clear that there is a license grant on these files. Alternatively, is there some common policy covering docs.oasis-open.org that I missed? Sorry if that's the case.
The specific use case I have is that I'm hoping to add validation against the SARIF schema to GCC's testsuite to test my SARIF creation code; this testsuite ideally to be runnable in a locked-down environment with no network access (so that we can bootstrap a toolchain repeatedly from a known bundle of bits). Hence I would like to add a copy of the SARIF schemata to GCC's source tree, but for this I need clarity that these files are redistributable.
The text was updated successfully, but these errors were encountered:
Good news. The following is an exact quote from OASIS.
"They are free to incorporate it into their implementation. No need for special permission or paperwork from OASIS."
Just an update. OASIS says that although you do not need permission from them to incorporate the schema into your compiler, they understand that some companies are squeamish about such things, and OASIS will write a letter of permission if your company asks for it.
(as noted in #498 (comment) )
What's the license of the schema files? In particular, what permissions are granted (if any) to redistribute the schemata?
Note that there could be two sets of schemata:
Hopefully these are bit-for-bit identical, but they might not be.
I'm not a lawyer, but it appears to me that the LICENSE.md from this repo does implicitly grant licenses for the files below https://github.com/oasis-tcs/sarif-spec/tree/main/Schemata, and 10.1 RAND Mode TC Requirements seems to imply a grant of redistibutability.
Is it possible to add a LICENSE.md adjacent to the schema files in their canonical location? I believe that would make it clear that there is a license grant on these files. Alternatively, is there some common policy covering docs.oasis-open.org that I missed? Sorry if that's the case.
The specific use case I have is that I'm hoping to add validation against the SARIF schema to GCC's testsuite to test my SARIF creation code; this testsuite ideally to be runnable in a locked-down environment with no network access (so that we can bootstrap a toolchain repeatedly from a known bundle of bits). Hence I would like to add a copy of the SARIF schemata to GCC's source tree, but for this I need clarity that these files are redistributable.
The text was updated successfully, but these errors were encountered: