V Thu, May 26, 2022 at 08:49:16AM -0500, Richard Shaw napsal(a): > On Thu, May 26, 2022 at 8:46 AM Miroslav Suchý <msuchy@xxxxxxxxxx> wrote: > > > Dne 25. 05. 22 v 14:40 Daniel P. Berrangé napsal(a): > > > Ewwww, please no. Apps need to know whether a given RPM is using SPDX > > > or not, independantly of whether they have Fedora git source history > > > available. We just need to record this fact in the specfile explicitly, > > > so it is available both to maintainers and to any apps parsing the > > > spec and to any apps querying the installed RPMDB. > > > > We can hardly avoid a transition period. So any application (and I am > > aware of just rpminspect and rpmlint) will know > > that everything prior F35 and EPEL-7 use short names. And everything after > > F39 and EPEL 10 will use SPDX. > > > > In the between we just need to somehow track what was migrated and what > > not. That can be bugzilla, special macro (which > > likely should be removed after few years) or git log. > > > > While functional, I don't like embedded spdx within the license tag. It's > just ugly... But could we not have some sort of special tag/statement in > the git log / %changelog that can be picked up programmatically? > Does a marker of the conversion need to be visible in the binary packages? If it does not, I would simply mass inject a comment line above each License tag in the spec files that old Fedora identifiers are in use and they are expected to by migrated to SPDX identifiers: # Fedora license identifiers in use, please migrate to SPDX and then remove # this comment before F39. <https://fedoraproject.org/wiki/Changes/...> License: MIT Later, when Fedora forbids the old identifiers, all spec files can be inspected for that line. You will find either: License: MIT-Modern-Variant which would mean that the packager did the migration, or: # Fedora license identifiers in use, please migrate to SPDX and then remove # this comment before F39. <https://fedoraproject.org/wiki/Changes/...> License: MIT meaning that the package has not yet been migrated. Of course there is a class of spec files which do not contain any License tag, like font packages. But those also can be identified by nonpresence of the tag and handled specially and fixed by correcting the generating srpm-macro before a mass rebuild. Finally we can block failed-to-build packages from a distribution. -- Petr
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
