Skip to content

The license of the documentation is impractical for any use in any open source software, and other license issues #550

New issue
New issue
Closed
#758
Closed
The license of the documentation is impractical for any use in any open source software, and other license issues#550
#758
Assignees
ahouseholdersei-bkoosei-renae
Labels
bugSomething isn't workingcontent/semanticChanges to the semantic content of the SSVC documentation
Milestone
2025-03
@pombredanne

Description

@pombredanne
pombredanne
opened on Apr 5, 2024

Describe the bug
The license of the documentation is impractical for any use in any open source software. Could you work out something that makes it possible to reuse and include in an open source software package?

With open source, I cannot control commercial use or not.

It would be nice to consider a proper open source license for the docs and text such as a CC-BY or CC-BY-SA

Some other related license issues:

  • are the data and schema in https://github.com/CERTCC/SSVC/blob/main/data/ MIT-license (e.g. software?) or under the proprietary license of the docs, texts and PDFs? If not MIT, SSVC is mostly unusable as it is.

  • the license notice at

    SSVC/src/ssvc/_mixins.py

    Line 10 in a342cb6

    # Stakeholder Specific Vulnerability Categorization (SSVC) is
    mentions a LICENSE.md file that does not exists.

You have an excellent framework, but the licensing makes it's usage impossible for open source.

Metadata

Metadata

Assignees

Labels

bugSomething isn't workingcontent/semanticChanges to the semantic content of the SSVC documentation

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions