On 8/30/22 3:11 PM, Richard Fontana wrote:
Hi Jilayne,
All but a few of these came out of my own research into certain Fedora
packages or the "Callaway" licenses previously analyzed by you and I
think others on the SPDX-legal team. As such, they are all very low
priority from my perspective. The priority should be given to any
licenses submitted by actual Fedora package maintainers. I think there
have only been a couple of those so far. In one or two cases I
submitted a license on behalf of the Fedora package maintainer. Those
should be higher priority. Generally, though, if I submit something to
SPDX-legal it is (from my perspective, at least) low priority. I think
it should be easy to identify the (so far) few high priority ones but
I can help with that if needed.
Saw your comments as to what is low priority v. high in the SPDX issues,
thanks, that's helpful! I've tagged them for upcoming milestones
accordingly.
BTW: I am pretty sure only a small percentage of Fedora package
maintainers are subscribed to this list. I don't believe it is
considered mandatory or even recommended for Fedora package
maintainers to do so and I think many may not even know this list
exists!
good point, maybe I'll repost to devel later...
In the fedora-license-data project, I have been using the labels
SPDX::blocked for any case where a license is determined (or already
known from the Callaway era) to be 'allowed' and it has been submitted
to SPDX in order to get an SPDX identifier as described in our
documentation, and where we don't seem to have a final decision from
SPDX yet. I am not using SPDX::blocked to mean "major event holding
things up". If anyone thinks there is better terminology to use here
I'm all ears. :)
thanks for the description. I just went through all the MRs and labeled
them to be able to pull some data, so I have some thoughts I should jot
down on this, so we are using the labels consistently.
I do think it is very important to have a label
showing that things are halted on the Fedora side until SPDX takes
action, because that is a critical and, frankly, controversial element
of the process we decided to set up: Fedora blocks on SPDX adding new
license identifiers, probably the first time in Fedora's history when
Fedora packaging processes have been dependent on actions taken by an
external project/team. I will admit that I am a little skeptical about
whether that is going to work out ultimately but so far (a month into
the new process) it has been OK.
yeah, I guess if we wanted to see where "block" meant waiting, then the
current use of the labels doesn't catch that. but then maybe it's not
worth the time to get that granular, as we'll kind of know more generally?
Regarding 2, I would be happy to help with this but haven't had time
to look into what has to be done. I assume it involves XML and I have
always hated XML aesthetically so that is partly why I have not
contributed any work on the files yet. :)
well, I did one and we can look into getting more help - it's not hard,
if I can do it! ;)
J.
Richard
On Tue, Aug 30, 2022 at 1:46 PM Jilayne Lovejoy <jlovejoy@xxxxxxxxxx> wrote:
Hi all,
Richard has been very busy reviewing licenses and related activities, and consequently approx 13 new license submissions to SPDX on behalf of Fedora. See: https://github.com/spdx/license-list-XML/issues?q=is%3Aopen+is%3Aissue+label%3A%22new+license%2Fexception+request%22 Some of these have corresponding issues in our Gitlab data repo and labeled as "blocked on SPDX."
From the SPDX side to best shepherd these, can I get a little help on two aspects:
1) which of these submissions are priority from a Fedora perspective? That is, are any package maintainers waiting on SPDX (I know some of these are from leftover Fedora licenses we tagged as "needs more research" when we did the initial compare, which seems to suggest it may not be a blocking issue) - comments in the SPDX Github issue would be appreciated as to any that should be prioritized above others.
2) By way of SPDX processes, when a license has been determined to be accepted, we ask the submitter to help prepare the files for the SPDX license data. However, I'm not sure if Richard should be on the hook for all of these! Can anyone else from the Fedora legal community offer to help with this part? If so, indicate in the relevant issue and SPDX folks will point you to documentation to explain the process further (it's pretty easy, even I can do it)
Thanks!
Jilayne
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
--
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue