[License-discuss] Python-2.0.1 and CNRI-Python-GPL-Compatible
Gregor Hoffleit
gregor at hoffleit.de
Fri Mar 20 17:42:55 UTC 2026
Hi Max,
I came around this thread and realized that the situation of the Python licenses on spdx.org and on the OSI site is quite a mess.
I'm still in the process of sorting, but a current breakdown:
As far as I can see, the Python license on the OSI site ( [ https://opensource.org/license/Python-2.0 | https://opensource.org/license/Python-2.0 ] ) was never used in any Python release.
It is a strange bastard of the license texts of Python 2.5, but with the CNRI license part (for Python 1.6.1) *replaced* with an very early draft of the license (from Python 1.6 beta1), which was never used in any public release.
I'm pretty sure this license text is a copy & paste error. The same problem also affects the "Python-2.0" license on SPDX ( [ https://spdx.org/licenses/Python-2.0.html | https://spdx.org/licenses/Python-2.0.html ] ).
The Python 2.5 license ( [ https://www.python.org/download/releases/2.5/license/ | https://www.python.org/download/releases/2.5/license/ ] ) includes the CNRI OPEN SOURCE LICENSE AGREEMENT (for Python 1.6).
I don't know about the implications, but the CNRI license agreement for Python 1.6 beta1 differed significantly from the license for 1.6.1. I'm pretty sure that the license for
1.6b1 was not compatible with the GPL.
It's very strange to see that a search for "CNRI OPEN SOURCE LICENSE AGREEMENT (for Python 1.6b1)" gives so many hits, if you know that this text was never included in any public Python release.
Conclusion: I think it's very reasonable to submit the current Python license for approval.
More details:
Historically, the Python LICENSE file is a collection of different license agreements that cover different parts of the code. Also, until recently, the text of the license was updated for nearly every release (e.g. to append the year of the release). Only recently the PSF has adopted a scheme where the text of the license stays the same (still, the LICENSE file is updated).
So what the SPDX calls the "Python License 2.0.1" is in fact simply the license used in Python 2.0.1.
To make things more complicated, what SPDX calls the "Python License 2.0" is not the license used in Python 2.0, but the license used e.g. in Python 2.5.
But for some reason, the section with the CNRI license agreement for Python 1.6 was replaced with the CNRI license agreement used in Python 1.6 beta1.
Strange thing is that this beta1 release of 1.6 had license terms that were never before and never after used: The public release of Python 1.6 had a significantly different license and then again in Python 1.6.1 the license was changed again (to make it compatible with the GPL, again):
- License of Python 1.6b1: [ http://hdl.handle.net/1895.22/1011 | http://hdl.handle.net/1895.22/1011 ]
- License of Python 1.6: [ http://hdl.handle.net/1895.22/1012 | http://hdl.handle.net/1895.22/1012 ]
- License of Python 1.6.1: [ http://hdl.handle.net/1895.22/1013 | http://hdl.handle.net/1895.22/1013 ]
Best regards,
Gregor Hoffleit
> Von: "Max Mehl" <Max.Mehl at deutschebahn.com>
> An: "license-discuss" <license-discuss at lists.opensource.org>
> Gesendet: Freitag, 20. März 2026 17:18:29
> Betreff: Re: [License-discuss] Python-2.0.1 and CNRI-Python-GPL-Compatible
> Hi all,
> Thanks for the additional comments. I’ve met Deb (ED of PSF) in Berlin this week
> and she was fine with me submitting both licenses, provided I Cc her in the
> submission emails.
> Consequently, I’ve opened two separate threads on license-review at .
> Best,
> Max
> From: License-discuss <license-discuss-bounces at lists.opensource.org> on behalf
> of McCoy Smith <mccoy at lexpan.law>
> Date: Tuesday, 17. March 2026 at 15:34
> To: license-discuss at lists.opensource.org <license-discuss at lists.opensource.org>
> Subject: Re: [License-discuss] Python-2.0.1 and CNRI-Python-GPL-Compatible
> Max:
> If you think the newer version of the Python license ought to be approved by the
> OSI, someone needs to submit it through the license approval process, described
> here: [ https://opensource.org/licenses/review-process |
> https://opensource.org/licenses/review-process ]
> Given that it sounds like 2.0.1 is now being used by Python, and 2.0 is only a
> legacy of older versions, I'd suggest that if submitted, at the same time 2.0
> be "Voluntarily Retired" as have many other licenses that have been superceded
> by newer versions (see the list here: [
> https://opensource.org/licenses?categories=superseded%2Cvoluntarily-retired |
> https://opensource.org/licenses?categories=superseded%2Cvoluntarily-retired ] );
> if it is not, 2.0 will likely be tagged (if 2.0.1 is approved) as superseded,
> like these licenses: [ https://opensource.org/licenses?categories=superseded |
> https://opensource.org/licenses?categories=superseded ] Same comment for the
> newer CNRI license versus the old one.
> I would suggest that someone from the Python community (if you aren't one
> already) do the submission, if that result is indeed desired. The review
> process requirements are in the link above.
> *This is no commentary on the approvability of the 2.0.1. or new CNRI license,
> which I haven't read, but just a general comment on how the result you want
> might be accomplished.
> McCoy Smith
> On 3/16/2026 5:46 PM, Pamela Chestek wrote:
>> I don't see a reason. The OSI generally only reacts to requests for license
>> approval, it doesn't generally approve licenses without them being submitted.
>> I'm assuming it hasn't be approved just because no one has asked for it before.
>> Pam
>> Pamela S. Chestek
>> Chestek Legal
>> 4641 Post St.
>> Unit 4316
>> El Dorado Hills, CA 95762
>> +1 919-800-8033
>> [ mailto:pamela at chesteklegal.com | pamela at chesteklegal.com ]
>> [ http://www.chesteklegal.com/ | www.chesteklegal.com ]
>> On 3/6/2026 5:47 AM, Max Mehl wrote:
>>> Hi everyone,
>>> As requested by Nick, I would like point to an ongoing discussion on Python
>>> licenses, affecting both OSI's and SPDX’s realms, and request OSI’s approval of
>>> two licenses.
>>> As you know, the licensing history of Python is quite complex, and the current
>>> license consists of multiple other licenses representing the long history and
>>> the different “ownerships” of the project (CWI, CNRI, BeOpen, PSF). [
>>> https://github.com/spdx/license-list-XML/issues/2197 |
>>> spdx/license-list-XML#2197 ] and an [
>>> https://lists.spdx.org/g/Spdx-legal/topic/107252308 |
>>> email to spdx-legal@ ] describe a bunch of intertwined problems around the
>>> identifiers of components of Python licenses. Recently, OSI fixed some of those
>>> already, thanks!
>>> Now, I wonder about the status of the license SPDX describes as [
>>> https://spdx.org/licenses/Python-2.0.1.html |
>>> Python-2.0.1 ] . IIRC, the main difference between [
>>> https://spdx.org/licenses/Python-2.0.html |
>>> Python-2.0 ] and Python-2.0.1 is in the CNRI part, making it GPL compatible (the
>>> “Virginia clause”). SPDX lists this updated sub-part as [
>>> https://spdx.org/licenses/CNRI-Python-GPL-Compatible.html |
>>> CNRI-Python-GPL-Compatible ] , a successor of [
>>> https://spdx.org/licenses/CNRI-Python.html |
>>> CNRI-Python ] .
>>> Since Python 1.6.1 and 2.0.1, Python releases have been licensed under
>>> Python-2.0.1 (and recently additionally 0BSD for its documentation), while
>>> Python-2.0 has only been used for Python 1.6 and 2.0. So modern CPython
>>> releases would probably be best described as being licensed under "Python-2.0.1
>>> AND 0BSD".
>>> But OSI only approved Python-2.0 as an Open Source license, as well as the old
>>> CNRI-Python part. This is why I suggest OSI to approve Python-2.0.1 and
>>> CNRI-Python-GPL-Compatible as Open Source licenses, and mark Python-2.0 and
>>> CNRI-Python as superseded. Is there any reason not to?
>>> Best,
>>> Max
>>> --
>>> Max Mehl
>>> Open Source / Supply Chain
>>> Enterprise-Team Chief Technology Office (CTO)
>>> DB Systel GmbH / Deutsche Bahn
>>> Schedule a meeting: [ https://cal.com/mxmehl |
>>> cal.com/mxmehl ]
>>> [ https://www.deutschebahn.com/pflichtangaben/20260305 | Pflichtangaben anzeigen
>>> ]
>>> Nähere Informationen zur Datenverarbeitung im DB-Konzern finden Sie hier: [
>>> https://www.deutschebahn.com/de/konzern/datenschutz |
>>> https://www.deutschebahn.com/de/konzern/datenschutz ]
>>> _______________________________________________
>>> The opinions expressed in this email are those of the sender and not necessarily
>>> those of the Open Source Initiative. Official statements by the Open Source
>>> Initiative will be sent from an opensource.org email address.
>>> License-discuss mailing list [ mailto:License-discuss at lists.opensource.org |
>>> License-discuss at lists.opensource.org ] [
>>> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
>>> |
>>> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
>>> ]
>> _______________________________________________
>> The opinions expressed in this email are those of the sender and not necessarily
>> those of the Open Source Initiative. Official statements by the Open Source
>> Initiative will be sent from an opensource.org email address.
>> License-discuss mailing list [ mailto:License-discuss at lists.opensource.org |
>> License-discuss at lists.opensource.org ] [
>> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
>> |
>> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
>> ]
> [ https://www.deutschebahn.com/pflichtangaben/20260319 | Pflichtangaben anzeigen
> ]
> Nähere Informationen zur Datenverarbeitung im DB-Konzern finden Sie hier: [
> https://www.deutschebahn.com/de/konzern/datenschutz |
> https://www.deutschebahn.com/de/konzern/datenschutz ]
> _______________________________________________
> The opinions expressed in this email are those of the sender and not necessarily
> those of the Open Source Initiative. Official statements by the Open Source
> Initiative will be sent from an opensource.org email address.
> License-discuss mailing list
> License-discuss at lists.opensource.org
> http://lists.opensource.org/mailman/listinfo/license-discuss_lists.opensource.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensource.org/pipermail/license-discuss_lists.opensource.org/attachments/20260320/80ecb50d/attachment-0001.htm>
More information about the License-discuss
mailing list