On Mon, Aug 28, 2023 at 6:40 PM Vít Ondruch <vondruch@xxxxxxxxxx> wrote: > > > Dne 28. 08. 23 v 17:26 Petr Pisar napsal(a): > > V Sun, Aug 27, 2023 at 12:30:01PM -0400, Richard Fontana napsal(a): > >> On Tue, Aug 22, 2023 at 3:34 AM Petr Pisar <ppisar@xxxxxxxxxx> wrote: > >>> V Mon, Aug 21, 2023 at 01:04:29PM +0200, Florian Weimer napsal(a): > >>>> * Most package maintainers probably assume that License: tags on all > >>>> built RPMs (source RPMs and binary RPMs) should reflect binary package > >>>> contents, at least when all subpackages are considered in aggregate. > >>>> Often, Source RPMs contain the same License: line as binary RPMs. > >>>> > >>> That's a shortcomming of RPM. It reuses License tag of the main subpackage for > >>> source RPM. > >> Out of curiosity, is what subpackage is the "main" subpackage a well > >> defined concept, or is it just "the builit package that is described > >> first in the spec file" and beyond that a matter of convention? I > >> couldn't find the answer to this in a few minutes of naive searching. > >> > > I don't think the "main" title is an offical RPM term. Probably that's why you > > were unable to find it. It's used at few places in Fedora packaging guidelines > > <https://docs.fedoraproject.org/en-US/packaging-guidelines/>. > > > > Otherwise, the concept is well defined. At least empirically. > > > > The "main" subpackage is a subpackage which is defined with Name spec tag. All > > subsequent subpackages can and are only defined with a %package macro. RPM > > requires the Name tag to exist and come before any %package macros. Hence, > > the main subpackage which shares a License value with a source package is > > usually and effectively the first subpackage. > > > > I write usually, because there can be spec files which do not produce a binary > > package for the first subpackage. Then the only package where the Name tag > > (and its License tag, if overriden in other subpackages) manifests is the > > source package. We use these spec files without main binary subpackge rarely > > in EPEL. > > > Isn't it the default case for python packages? IOW I don't think it is > that rare (although I am not sure why you mention EPEL instead of Fedora). It's also the default case for all packages for Rust crates (about ~2200 packages in Fedora), and for most Go packages. In the Rust case, the main package's name is rust-foo, but names of built binary packages are rust-foo-devel, rust-foo+bar-devel, and optionally, foo (but *not* rust-foo). This way, the license tag for the source package (i.e. the "main" package, the thing that doesn't really exist) applies to all these *-devel subpackages (which is what we want), and the "foo" package gets a separate license tag (to account for statically linked dependencies). So yes, we rely on and adhere to the "License tag reflects binary package contents" rule. Fabio _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
