Dne 05. 08. 24 v 17:19 Richard Fontana napsal(a):
On Mon, Aug 5, 2024 at 10:53 AM Vít Ondruch <vondruch@xxxxxxxxxx> wrote:And the second point is that we won't ever be able to 100% cover RPMs by license scanners, but we could achieve that for SRPMs.I don't agree. I think the "less than 100%" would similarly apply to SRPMs. They're really the same inquiry with the same challenges (misidentified licenses, false positives, phony licenses ...).
I have deliberately ignored all the possible challenges. Ideally, we should be able to automatically detect 100% licenses in source code.
The only difference is that some of the enumerated licenses in a hypothetical `SourceLicense:` would be removed from `License:`. So `SourceLicense:` is maybe recording a step in the computation of `License:` that might otherwise not be recorded.
I don't disagree, but if you see challenges in detecting source licenses, then determining binary license is even harder.
Vít
Attachment:
OpenPGP_signature.asc
Description: OpenPGP digital signature
-- _______________________________________________ legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
