Ralf Corsepius wrote:
This is MUST item number 7 in the Things To Check On Review section in
the PackageReviewGuidelines:
http://fedoraproject.org/wiki/PackageReviewGuidelines#head-05a78c7ca440544397657679f87fbdbd84d9be28
This is not optional, this is the direction we're taking based on review
with Red Hat Legal.
Fedora Core packagers: I don't have control over how you make your
packages (yet!) but you should also strongly consider doing this.
Let me put it this way:
If this legal requirement is as important as you seem to regard it, it
would be legally grossly negligible to RH not to update their packages,
ASAP.
Ralf has an important point here. It is hypocritical to enforce this on
Extras when legal hasn't mandated that Core or RHEL must follow this rule.
However, as RH, other Linux distributors and package vendors ship their
packages without it for > 10 years, I am having strong doubts on FESCO
decision rsp. RH-legal's advice and its importance.
FESCO (and everyone here) is unqualified to make legal opinions, and I
really wonder if legal considered all information carefully when making
this recommendation. Perhaps the recommendation was made in haste
because they are normally very busy. I don't know the details of what
happened.
I personally think it is insane to necessitate the license in every
single package (especially with perl packages, Artistic?). I personally
would want to see more clarification before forcing such an onerous
change upon everything.
The biggest problem of this FESCO mandate however is
"Follow what I say, but not what I do."
Does nobody else see this as a horribly hypocritical? If Red Hat is
serious about enforcing this rule, then first mandate it on Core to lead
by example. Then everyone is forced to discuss the technical annoyances
like below:
How are we supposed to deal with cases where the source did not ship a
full copy of the license in order to add to %doc easily? We are
supposed to add another copy of the license to each SRPM?
If clarification does confirm this requirement, then we should seriously
re-explore the license file consolidation question again. It is stupid
to ship 1000 copies of the GPL and other standard licenses and there are
better ways we could do this. We could have versioned standard licenses
somewhere (and maybe with RPM virtual-provides to ensure that they are
actually installed.)
/path/to/somewhere/GPLv2 (for GPL v2 only)
/path/to/somewhere/LGPLv2
/path/to/somewhere/GPL-newest (for GPL v2 or newer)
/path/to/somewhere/...other standard licenses
Also... what is Debian's policy about all this?
DISCLAIMER: Views expressed here are of Warren Togami as an individual
and not reflective of views of the project or company.
Warren Togami
wtogami@xxxxxxxxxx
