On 23-08-2023 21:59, Robert-André Mauchin wrote:
Regarding this, I am testing a new tool for license analysis.
With "new tool" are you referring to Fossology as mentioned Florian's initial message?
I took a random package from an SPDX PR in my Inbox. https://src.fedoraproject.org/rpms/90-Second-Portraits/pull-request/1 Surprise, surprise, we have non free code, this is just amazing!
Surprise, surprise, indeed. I submitted that PR as part of the SPDX workshop during Flock given by Tom "spot" Callaway and The Right Honourable Miroslav Suchý [1].
Seeing what the tool unearthed, I'm wondering if this should be made part of fedora-review. The current license check does not detect all the licenses nor the problematic font the new tool does. The license check is what I usually rely on doing reviews including my own package submissions.
[1] https://www.youtube.com/live/Hjhe6jtx3Zw?feature=shared&t=8657&start=2:24:15
-- Sandro _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue