Deprecate CUA-OPL-1.0 in favour of MPL-1.1

[silverhook]

The two are identical in text as well as header boilerplate/“Exhibit A”, apart from some styling (different bullet points) and name of the license.

Essentially CUA Office Public License 1.0 is just a rebranded MPL-1.1 and was used by CUA Office, which is a project that has been officially dead for over a decade.

[silverhook]

What’s more, the CUA Office project in 2008 even requested OSI to retire CUA-OPL-1.0:

CUA Office Public License Retirement request.

CUA Office Project cuaoffice at yahoo.com
Sat Apr 19 13:06:58 UTC 2008

---

To whom it may concern,

I,Patranun Limudomporn, in charge of the CUA Office project leader, would like to request for the retirement of "CUA Office Public License Version 1.0" . Our project members agree on the termination of this project therfore we have to withdraw or retire our CUAPL from OSI approved licenses list.

I am looking forward to hearing from you soon.

Best regards,

Patranun Limudomporn
Project Leader
CUA Office Project

I have sent a (re-)request to retire this license also to the OSI License Review mailing list

[jlovejoy]

@silverhook - the reason they are both on the SPDX License List as separate licenses is probably due to the OSI having approved and listed them separately and thus, when SPDX was endeavoring to make sure we had all OSI-approved licenses on the SPDX License List, they were both included. See:
https://opensource.org/licenses/CUA-OPL-1.0 and https://opensource.org/licenses/MPL-1.1

We can certainly add a note to the Notes section for CUA-OPL-1.0, but I don't think we want to remove/deprecate a license on SPDX that is listed as its own license on OSI list??

[jlovejoy]

add note re: author's "retirement" of license in note field

[silverhook]

Until OSI retires the license, I’m OK with just a note, yes. Thanks :)

[jlovejoy]

just added #711 for this

[silverhook]

OSI has now retired the CUA-OPL-1.0 and on its list of licenses has it now in the group “Licenses that have been voluntarily retired”.

[silverhook]

@jlovejoy, @swinslow, it might make sense to deprecate it now that it’s been marked as retired on OSI list for over a year.

[swinslow]

@silverhook Sounds like this is the same issue as Entessa / Apache-1.1 I think?

I'll reopen this one for now. I am theoretically in favor of deprecating these if they're really identical per SPDX matching guidelines to a common license that's also on the list (I haven't check myself yet to confirm).

One thing that comes to mind if we do deprecate, is that currently the deprecated licenses (listed at bottom of spdx.org/licenses) don't currently show OSI / FSF approval status. It might be good for us to update licenseListPublisher to fix that, if we're going to be deprecating OSI-approved licenses.

[silverhook]

Similar, yes. Although CUA-OPL-1.0 was by now already retired on OSI list, while Entessa is marked as Non-reusable/vanity license there.

[jlovejoy]

I think the issue here is maybe one of deprecation (in SPDX terms) versus what OSI defines as "retired" or whatever other terms they may. We might update our description/definition of "deprecated license" instead - will make new issue for general issue