On 5/23/22 1:30 PM, Richard Fontana wrote:
On Mon, May 23, 2022 at 2:03 PM Neal Gompa <ngompa13@xxxxxxxxx> wrote:
On Mon, May 23, 2022 at 1:03 PM Jilayne Lovejoy <jlovejoy@xxxxxxxxxx> wrote:
On 5/23/22 10:44 AM, Neal Gompa wrote:
On Mon, May 23, 2022 at 12:37 PM Jilayne Lovejoy <jlovejoy@xxxxxxxxxx> wrote:
Hi Fedora legal and packaging,
I'm cross-posting this, as I think it's relevant to both groups.
The current policy for filling out the license field of the spec file (as described at https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/ ) states, "The License: field refers to the licenses of the contents of the binary rpm. When in doubt, ask."
As we consider how to improve documentation related to Fedora licensing, it would be helpful to hear people's thoughts on the following:
1) how do you (package maintainers) interpret this policy in practice?
2) what further information/documentation about this policy would be helpful?
3) should this policy be different, and if so, how?
4) any other related thoughts or observations
I generally interpret it to mean the effective license that covers the
resulting artifacts shipped in the binary RPM. I think this is fine,
but we definitely have a gap in RPM packaging in that we can't declare
the license of the Source RPM anywhere.
Are you saying we should have a way to declare both 1) the license that
covers the resulting artifacts shipped in the binary RPM
and 2) the license of the source (that creates said binary)?
This is particularly kludgy
when you have vendored or bundled code.
I don't have specific solutions here, but I would like to avoid having
the list licenses for literally everything in a source tree when it
doesn't matter for binary RPMs.
isn't having to list license for everything in the source the same as 2??
We are required to document source licensing for bundled stuff, which
contravenes the "effective binary licensing" policy we have in
general. If we didn't have that, we could avoid this whole problem.
Do you mean bundled stuff that is distributed with the binary RPM
(whether in the same form or somehow transformed), or bundled stuff
that happens to be in the source tarball or whatever but is ignored in
building the binary RPM?
If it's the latter then that does seem to contradict the "license of
the binary" policy.
Richard
I'm also wondering where the "required to document source licensing for
bundled stuff" is documented? Can you point to that?
J.
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure