Hi Jilayne, On 22/07/11 09:39AM, Jilayne Lovejoy wrote: > 1) when you say "some go packages in Fedora use bundled dependencies" - does > that mean the dependency is bundled in the same (binary) RPM, in which case > determining what goes in the License field for that spec file is a bit more > straight forward. Yes, I am talking about vendoring. Many go packages are unbundled (i.e. their libraries are packaged separately and the packages BuildRequire the library packages). The bundled packages are built from vendored dependencies, and the source code of the dependencies are included in the source RPM. The binaries are still statically linked either way. > v. > > 2) "nonbundled" (the case here) means that there is one package that > is dependent on another separate package via static linking, thus once > built it becomes one binary (I'm not sure I'm using all the right > terminology here, but hopefully that makes sense!) In this case, the > License field for each individual package is somewhat straight > forward, Yes, that is what I meant by unbundled. As I said, everything still becomes one binary whether or not its dependencies are bundled. > but how does one account for the license after static > linking, particularly due to the presence of GPL. That is basically my question. > > > Surely this sort of question has > > > come up before for Fedora Go packages... or has it? > > In general, I think packagers could use more guidance/documentation about this issue, but here is the current situation: > > > > I believe similar issues have been discussed on this ML, but more so related to rust. (Rust binaries are also statically linked and built against unbundled dependencies in Fedora.) The Rust Packaging Guidelines require that rust binaries' License tags account for the licenses of their respective dependencies. AFAIK, rust packages that contain binaries don't include the license *files* for their dependencies[1], though. > Can you point me to the Rust Packaging Guidelines? It sounds like there is > something about licensing guidelines included there, but seems like all > licensing-related advice should be in one place, no? https://docs.fedoraproject.org/en-US/packaging-guidelines/Rust/#_license_for_binary_packages is the relevant part. > > > > [1]: The "dependencies" (rust crates) are only required at buildtime, again, due to static linkage. > > > > Most, if not all, unbundled go packages only account for the license of the code contained in that SRPM. > that would be like my second scenario above, right? Yes, it is. -- Thanks, Maxwell G (@gotmax23) Pronouns: He/Him/His
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
