Re: Boolean logic in license

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Dne 19. 01. 22 v 4:42 Jilayne Lovejoy napsal(a):


On 1/13/22 2:59 PM, Richard Fontana wrote:
On Thu, Jan 13, 2022 at 8:56 AM Vít Ondruch <vondruch@xxxxxxxxxx> wrote:
With my packagers hat on, I'd like this to be as simple as me (or some
scanner) going through the code and listing all the licenses which are
then put into `License` tag. The rest can handle automation, e.g. are
these licenses good and in right combination, what is effective Fedora
license. I am not sure why I, as a packager, should be involved in
decision if Artistic should be listed somewhere or not.
so, are you saying you'd like to use a license scanner (e.g., ScanCode or FOSSology) to scan a proposed new package for Fedora and then have those results checked against the "good" list and then generate the License tag? This sounds like something that would require some additional tooling to be written to take the FOSSology results and compare them against the Fedora-license data, right?


All I wanted to say is that determining SW license is not always easy for packager. For my packages, I typically check for the licenses in following places:

1) Metadata

2) License files

3) Readme

4) License scanner (typically licensecheck, because it is easy a straight forward).

5) Skimming through the code.

This should give me reasonable list of licenses. This is the nontrivial part.

But from here, it should be quite easy to proceed with some tool. Therefore if I put something fishy into license tag, the build would not be allowed to proceed.

For a packager, if Artistic is allowed/listed or not, it should not be any concern as long as the build passes. Or is there SSPL listed and build fails, then the package should be finally concerned why it fails.

IOW, at this stage, we should not discuss if Artistic should be listed in `License` tag or not. If it was Ok up to day, then it will be Ok for foreseeable future, with SPDX identifiers or not. Should it be reassessed? Probably, but not sooner prior we can validate the `License` tag content.


Vít

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux