V Thu, Sep 09, 2021 at 08:58:10AM +0300, Otto Urpelainen napsal(a): > Benjamin Beasley kirjoitti 8.9.2021 klo 22.07: > > The license for the mpir package has been simplified from “LGPLv3+ and LGPLv2+ and (LGPLv3+ or GPLv2+) and BSD” back to the effective license of “LGPLv3+”. > > > > See also https://fedoraproject.org/wiki/Licensing:FAQ#What_is_.22effective_license.22_and_do_I_need_to_know_that_for_the_License:_tag.3F. While not strictly required when there is a single effective license, a breakdown of the exact licenses for various source files is still included. > > I have followed several discussions about effective licensing already, but I > still do not understand it. I apologize for asking a question that has most > probably been asked and answered many times already, but there really is > something I do not understand here. > > I do understand that the various GNU license here can be combined into just > LGPLv3+. But what happened to the following clause from the BSD license? > > > 2. Redistributions in binary form must reproduce the above copyright > notice, this list of conditions and the following disclaimer in the > documentation and/or other materials provided with the distribution. > > Was that condition somehow erased because the BSD source was compiled > together with other source? I have hard time believing it did. > It was not not erased. The BSD license still applies and the binary package must comply. In Fedora, we distribute these copyright notices in files packaged using %license macro. If mpir does not do that, it violates the BSD license. (Although one could ask whether the source packages with the original sources which Fedora also distributes are not "other materials provided with the distribution". I guess the they are not, because e.g. installation DVD does not contain sources and "everybody" considers it a standalone distribution.) > Or does the License tag encode only some subset of the binary's licensing > conditions? What the License tag encodes is not mandated by the used licenses. E.g. the BSD license does not state that you have to enumarate it in your packaging format. The License tag is only a well-intended hint to our users to know what licenses cover the package. The guidelines say how we populate the License tag. For instance they specificially distinguish between an executable combined from multiple licenses and a package containing multiple files, each with a different license. In the first case you can melt and supersede the licenses with an effective one because it is deemed that a binary executable cannot be untangled back to the original source files. But the latter case still mandates listing all the licenses. > If so, it cannot be used to determine what you are allowed and > not allowed to do with the binary. What is the intended use of the License > tag then? I agree it's a lossy transformation E.g. (GPLv2+ a.c and GPLv3+ b.c files) → GPLv3+ c binary. But the transformation should not be deceiving. E.g. (GPLv2+ a.c and CC0 manual page) → GPLv2+ package. > I would like to have that explained in the FAQ. Even better, the licensing > guidelines [1] should have explanation of this, or a link to the wiki pages > that have licensing related rules and guidance. > I think it much depends on the exact licenses, wheter one license is indeed a superset of the other one. Hence I worry that one cannot write (reasonable short) guidelines which would comprehend all the cases. That's also the reason why I'm not in favour of these guidelines and rather spell all the licenses my packages. -- Petr
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
