javamavenpom.xmllicensing

SPDX identifier for "proprietary" in Maven pom.xml `<license>` name

I want to add a license to the pom.xml stating that the project is licensed as proprietary, "All rights reserved.". The Pom Reference states that

Using an SPDX identifier as the license name is recommended.

However there is no identifier for "proprietary" in the SPDX License List.

While composer.json seems to go with "proprietary" as the license identifier, and package.json allows for: "license" : "SEE LICENSE IN <filename>", i did not find any recommendation for pom.xml. Is there any?

Solution

  • SPDX has no identifier for "proprietary" in the license list because there is no such license.

    Similar "All rights reserved." is not a license. Its the default for copyrighted works.

    The convention in composer.json to use "proprietary" is an inverse effect: In the Composer project SPDX license identifiers were introduced relatively early and the license field has to use the short identifiers to build the license string (you can have multiple licenses in that field).

    As the license field in composer.json then was defined by that, any other license not in the SPDX license list could not be named. As those are normally "closed software" licenses, the common term "proprietary" was suggested (all lower-case, no confusion with SPDX short identifiers which use upper-case letters).

    The situation in pom.xml is different. It does not require specific identifiers, it just recommends them for the name field:

    <licenses>
  <license>
    <name>Apache License, Version 2.0</name>
    <url>https://www.apache.org/licenses/LICENSE-2.0.txt</url>
    <distribution>repo</distribution>
    <comments>A business-friendly OSS license</comments>
  </license>
</licenses>

    It offers its own system to name/define the license. And to use the (long) SPDX Identifier for the name is only a (sane) recommendation, but naturally only if you're using a license from that list.

    But if you have a license your own, you put its name and the uniform resource location of the license text in there. There is no problem if you have an individual license (compare: in Composer you technically can not use the license field if you don't SPDX it)

    Now:

    According to your question you neither have yet a Name nor the Text of your license.

    But you are already confronted with technical questions about how to incorporate and connect what is not there. As you'd like to have a license (you want to add a license entry into the pom.xml), I'd say why not get help from a lawyer on your behalf that is able to find a textual expression of your proprietary wishes. Tell her what you wish, want and need, like you want to fill out these two <name>and <url> fields and until then you just document the process:

    <licenses>
  <license>
    <name/>
    <url/>
    <distribution/>
    <comments>Intentionally left blank.</comments>
  </license>
</licenses>

    This certainly is only a very early and very basic baseline, you're certainly able to tweak it even before you consider grabbing the phone.