On Thu, Dec 30, 2021 at 11:28:57AM -0500, Richard Fontana wrote:
On Wed, Dec 29, 2021 at 11:02 AM Miroslav Suchý <msuchy@xxxxxxxxxx> wrote:
I want to point to new tool I have created license-validate. See the thread on devel mailing list
https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/UATFWOAELVE2ZJHHYN63CRVS22FZYK5D/
Right now it contains manualy synced list of approved licenses copied from the wiki
https://pagure.io/copr/license-validate/blob/main/f/fedora-approved-licenses.txt
And BNF grammar of allowed constructs.
This sounds like it might be similar to some of what David Cantrell's
rpm-inspect does (https://github.com/rpminspect/rpminspect).
Yes, it looks like this is doing the same as "rpminspect -T license"
But the problem still remains regarding the source of the approved
licenses. Miroslav's tool is reading the wiki for the data. I went
the other route and used the JSON file constructed at RH and then put
it in the rpminspect-data-fedora package requiring newly approved
licenses to also be added to this file:
https://github.com/rpminspect/rpminspect-data-fedora/blob/master/licenses/fedora.json
If anything, we are seeing that the need for a central collection of
the license data in machine-readable format is needed. :)
--
David Cantrell <dcantrell@xxxxxxxxxx>
Red Hat, Inc. | Boston, MA | EST5EDT
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
