Předmět: | SPDX Statistics - Munich Agreement edition |
---|---|
Datum: | Fri, 29 Sep 2023 09:02:33 +0200 |
Od: | Miroslav Suchý <msuchy@xxxxxxxxxx> |
Společnost: | Red Hat Czech, s.r.o. |
Komu: | Development discussions related to Fedora <devel@xxxxxxxxxxxxxxxxxxxxxxx> |
Hot news: we are over 50 %!!! With almost 4k license tags converted in past 2 weeks. How it was possible?
First - it is because you rocks and really lots of work has been done. Both on our (Change owners) side and on you as package maintainers.
But the biggest impact was migration of texlive package.
Texlive is huge package and it has 6558 subpackages and 4010
License tags. Texlive package was converted to SPDX format long
time ago. But it is not sufficient to use SPDX formula. The
license has to be approved for usage in Fedora too. I.e. SPDX
IDs added to fedora-license-data collection. It took some time
and the licenses ware review few days ago. This resulted in 3700
license tags being suddenly marked as migrated. That is good,
because it was result of several months of work. There will be
additional work because there is still 339 tags that does not
conform our guidelines and one license has been found as
not-allowed. Richard and Than is working on it and I applaud to
them.
I must highlight that we added 25 license to fedora-license-data in past 2 weeks. That is almost 2 licenses per day (including weekends). When you realize that it requires legal audit, comparing to existing licenses, diving into history, sometimes communicating with stewards of the licenses. Submitting them to SPDX where we discuss it and add markup that allow to have template for several similar licenses... This is simply amazing pace.
Can I ask for additional help? Robert-André packaged
scancode-toolkit for Fedora. This is license-check on steroids.
Very useful and powerful tool. But it has lots of dependencies.
Robert packaged them too. He "just" need reviewers to get this
in Fedora. If you can check "Depends on" of https://bugzilla.redhat.com/show_bug.cgi?id=2235055
and do review of one of these dependecies that will be awesome.
Now lets dive into numbers:
Two weeks ago we had:
* 23143 spec files in Fedora
* 29600 license tags in all spec files
* 16169 tags have not been converted to SPDX yet
* 5903 tags can be trivially converted using `license-fedora2spdx`
* Progress: 45.35% ░░░░██████ 100%
ELN subset:
603 out of 2986 packages are not converted yet
Today we have:
* 23100 spec files in Fedora
* 29479 license tags in all spec files
* 12870 tags have not been
converted to SPDX yet
* 5817 tags can be trivially converted using `license-fedora2spdx`
* Progress: 56.34% ░░░░░█████ 100%
ELN subset:
913
out of 3957 packages are not converted yet
Graph with the burndown chart:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rpCjus-8s/edit?usp=sharing
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final.txt
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final-maintainers.txt
List of packages from ELN subset that needs to be converted:
https://pagure.io/copr/license-validate/blob/main/f/eln-not-migrated.txt
New version of fedora-license-data has been released. With 25
new licenses (plus bunch of public domain declarations). 18
licenses are waiting to be review by SPDX.org (and then to be
added to fedora-license-data).
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
New projection when we will be finished is 2024-08-06. Pure
linear approximation.
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or
direct email to me is fine.
Why Munich Agreement edition? On today's date [*] at 1938, four biggest European countries agreed that Germany can annex border parts of Czechoslovakia where ethnics German lived. It was done in hope that it will stop the low-intensity war and to keep the peace in Europe. But it was actually prelude to World War II.
https://en.wikipedia.org/wiki/Munich_Agreement
[*] the pact was signed shortly after midnight, so some
resources use tomorrows date.
Do you hesitate how to proceed with the migration? Please follow
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/
Miroslav
_______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue