Dne 06. 06. 22 v 21:33 Richard Fontana napsal(a):
Following up on this thread: A few of us in Red Hat discussed this issue and settled on the idea that we should preserve the "licenses of the contents of the binary rpm" policy, rather than the most obvious alternative which would be "list the licenses found in the source tarball". A major justification for that is that there isn't much point in having the License: field merely replicate what you could get by using a source code license scanner with some minimal analysis.
Please note that source licenses does not map to binary RPMs 1:1. It is well possible the source tarball contains multiple licenses while some subpackage content is licensed by only subset of the licenses. E.g. you might have source tarball containing MIT code and CC0 data. Then you have -data subpackage which contains just the data, therefore the license for that subpackage should be just CC0.
Of course the guidelines could suggest against using specific License field for subpackages. Dunno if that would help anything.
Vít
However, it seems clear that "licenses of the contents of the binary rpm" is ambiguous and this partly explains why today Fedora packagers seem to be applying non-uniform standards to figuring out what to include in the License: field. There also may continue to be cases where different licensing of binary subpackages makes a difference to some package consumers. We considered a few different options and we concluded that the best approach is for the License: field to consist of a simple enumeration of the licenses (including, possibly, disjunctive license expressions) covering anything that ends up in a given binary RPM (whether compiled to binary code or otherwise). The Fedora package maintainer is in the best position to figure out what this subset of material in the source code is, and how it appears to be licensed. Importantly, this "simply enumerate" approach means not attempting to do any sort of further analysis such as GPL derivative works analysis, algebraic simplifications or resolutions of long strings of conjunctive license expressions based on longstanding community conventions around FOSS licensing, etc. As before, any comments on this are most welcome! Richard On Mon, May 23, 2022 at 12:37 PM Jilayne Lovejoy <jlovejoy@xxxxxxxxxx> wrote:Hi Fedora legal and packaging, I'm cross-posting this, as I think it's relevant to both groups. The current policy for filling out the license field of the spec file (as described at https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/ ) states, "The License: field refers to the licenses of the contents of the binary rpm. When in doubt, ask." As we consider how to improve documentation related to Fedora licensing, it would be helpful to hear people's thoughts on the following: 1) how do you (package maintainers) interpret this policy in practice? 2) what further information/documentation about this policy would be helpful? 3) should this policy be different, and if so, how? 4) any other related thoughts or observations Thanks! Jilayne _______________________________________________ packaging mailing list -- packaging@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to packaging-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/packaging@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure_______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
