On Fri, Nov 17, 2023 at 1:18 PM Mark Wielaard <mjw@xxxxxxxxxxxxxxxxx> wrote: > > Hi, > > valgrind as a whole is licensed under the GPLv2+, but has a couple of > development headers, all separately packaged in the valgrind-devel > subpackage) with a lax-permissive license. Since they are meant to > embed valgrind specific (code) annotations into other > programs/libraries they carry an explicit exception from the GPL. > > There are 7 such files, all exactly the same, except for the embedded > file name, "This file is part of..." description and Copyright notice. > See below for the exact text and variants. > > It would be nice to give this binary subpackage its own License tag. > > But I have some trouble figuring out which (SPDX) tag to use. > > The closest seems to be what SPDX calls "bzip2-1.0.6" (which kind of > makes sense since Julian Seward started both the bzip2 and valgrind > projects). https://spdx.org/licenses/bzip2-1.0.6.html > > I could use that identifier. But it seems to be an oddly specific > identifier, for an older version of bzip2. And the Fedora bzip2 package > just uses BSD-4-Clause. I could also use BSD-4-Clause since that is > more generic. But the text of what SPDX calls BSD-4-Clause doesn't > really match (so maybe the Fedora bzip2 package got that wrong?) Sounds like it, but I'll try to look into that later. > What would be to best license tag to use here? > > They all look as follows: > > /* -*- c -*- > ---------------------------------------------------------------- > > Notice that the following BSD-style license applies to this one > file (valgrind.h) only. The rest of Valgrind is licensed under the > terms of the GNU General Public License, version 2, unless > otherwise indicated. See the COPYING file in the source > distribution for details. > > ---------------------------------------------------------------- > > This file is part of Valgrind, a dynamic binary instrumentation > framework. > > Copyright (C) 2000-2017 Julian Seward. All rights reserved. > > Redistribution and use in source and binary forms, with or without > modification, are permitted provided that the following conditions > are met: > > 1. Redistributions of source code must retain the above copyright > notice, this list of conditions and the following disclaimer. > > 2. The origin of this software must not be misrepresented; you must > not claim that you wrote the original software. If you use this > software in a product, an acknowledgment in the product > documentation would be appreciated but is not required. > > 3. Altered source versions must be plainly marked as such, and must > not be misrepresented as being the original software. > > 4. The name of the author may not be used to endorse or promote > products derived from this software without specific prior written > permission. > > THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS > OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED > WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE > ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY > DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL > DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE > GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS > INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, > WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING > NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS > SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > > ---------------------------------------------------------------- This seems indeed to match bzip2-1.06 -- Jilayne, I assume the full text of what is wrapped in the <copyrightText> tag could be ignored for purposes of matching? i.e. https://github.com/spdx/license-list-XML/blob/main/src/bzip2-1.0.6.xml#L10-L13 The SPDX Matching Guidelines say: "To avoid a license mismatch merely because the copyright notice (usually found above the actual license or exception text) is different. The copyright notice is important information to be recorded elsewhere in the SPDX document, but for the purposes of matching a license to the SPDX License List, it should be ignored because it is not part of the substantive license text." but this does not define what a "copyright notice" is. If we don't hear from Jilayne, I'd go ahead with assuming that this is a perfect match. :) - Richard > > Notice that the above BSD-style license applies to this one file > (valgrind.h) only. The entire rest of Valgrind is licensed under > the terms of the GNU General Public License, version 2. See the > COPYING file in the source distribution for details. > > ---------------------------------------------------------------- > */ > > They only differ in "this one file > ([valgrind|cachegrind|callgrind|drd|helgrind|memcheck|dhat].h) only" at > the top and the bottom. And the description and Copyright notice. > > > This file is part of Cachegrind, a high-precision tracing profiler > built with Valgrind. > > Copyright (C) 2023-2023 Nicholas Nethercote. All rights reserved. > > -- > > This file is part of callgrind, a valgrind tool for cache simulation > and call tree tracing. > > Copyright (C) 2003-2017 Josef Weidendorfer. All rights reserved. > > -- > > This file is part of DRD, a Valgrind tool for verification of > multithreaded programs. > > Copyright (C) 2006-2020 Bart Van Assche <bvanassche@xxxxxxx>. > All rights reserved. > > -- > > This file is part of Helgrind, a Valgrind tool for detecting errors > in threaded programs. > > Copyright (C) 2007-2017 OpenWorks LLP > info@xxxxxxxxxxxxxxxx > > -- > > This file is part of MemCheck, a heavyweight Valgrind tool for > detecting memory errors. > > Copyright (C) 2000-2017 Julian Seward. All rights reserved. > > -- > > This file is part of DHAT, a Valgrind tool for profiling the > heap usage of programs. > > Copyright (C) 2020 Nicholas Nethercote. All rights reserved. > > -- > > Thanks, > > Mark > -- > _______________________________________________ > legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue -- _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue