On Wed, Aug 9, 2023 at 7:35 AM Marián Konček <mkoncek@xxxxxxxxxx> wrote: > > Yes, I would like to package only that part. > > Does license review need to be done before or after submitting a package > review in Bugzilla? I don't think we (Fedora Legal people) care about that in general (unless there's some specific reason to think that a package wouldn't be allowed in Fedora for some non-license-related reason). > Regarding opening issues on fedora / spdx: > * one part is about adding / not adding Oracle / Sun's variant of > BSD-3-Clause > * the other is about accepting differently formatted Apache-1.1? > > Does formatting matter to SPDX? I have lost track of this but I think the issue was not formatting but some of the language of the Apache Software License 1.1 variant did not match the SPDX identifier. In general, formatting is irrelevant. Richard > > On 8. 8. 2023 20:24, Richard Fontana wrote: > > On Tue, Aug 8, 2023 at 9:00 AM Marián Konček <mkoncek@xxxxxxxxxx> wrote: > >> As part of the jaxb 4.0.2 -> 4.0.3 update, part of this package is > >> needed for its code generation. Therefore, I would like to package it in > >> Fedora. This package has complex licensing which is why I am asking for > >> a review. Note that I only need the "xsdlib" subdirectory. > >> > >> I only need a stripped-down version of this package as if by > >> downloading: > >> https://github.com/xmlark/msv/archive/refs/tags/msv-2022.7.tar.gz > >> > >> and running (inside the msv-msv-2022.7 directory): > >> > >> find . -mindepth 1 -maxdepth 1 -type d ! -name 'xsdlib' -exec rm -rf {} + > >> rm -rf xsdlib/src/main/resources > >> rm -rf xsdlib/src/test > >> grep -l -r --ignore-case 'proprietary' | xargs rm -v > >> > >> Most problematic license files are: copyright.txt and license.txt in > >> https://github.com/xmlark/msv/tree/main/docs/xsdlib. To my knowledge, > >> all files that remained use explicit BSD-3-Clause or Apache-1.1. > >> Question is whether we could have removed the copyright.txt and > >> license.txt files in the first place. > >> > >> Current upstream: https://github.com/xmlark/msv > >> Previous package in Fedora (used different source repository): > >> https://koji.fedoraproject.org/koji/packageinfo?packageID=2576 > >> Previous bug related to licensing: > >> https://bugzilla.redhat.com/show_bug.cgi?id=87684 > >> > >> Also grep --ignore-case for "proprietary" "confidential", "nuclear". > > Can you create a package just from that subset of the xsdlib > > directory as you indicated above? > > > > In those files, what I saw on a quick review was: > > > > - pom.xml : there's a Sun BSD license that is probably OK for Fedora > > but does not seem to match any known variant. (It's tempting to just > > ignore this but since it's probably OK we might as well add it.) > > > > - Oracle 3-clause BSD licenses: most of these seem to be BSD-3-Clause, > > but there was one for which SPDX would need to revise the markup, I > > think ( xsdlib/src/main/java/com/sun/msv/datatype/regexp/InternalImpl.java) > > > > - The Apache 1.1 license appearing on a number of source files does > > not quite match SPDX Apache-1.1, would require SPDX revision to the > > Apache-1.1 markup > > > > So these seem fairly nonproblematic but it would be helpful if you > > could create issues for these in fedora-license-data and then at > > github.com/spdx/license-list-XML. > > > > But if you need to package any of the other stuff in this repository > > that may complicate things further. > > > > Richard > > > -- > Marián Konček > _______________________________________________ > legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
