On Sat, Jul 30, 2022 at 05:51:34PM +0200, Kevin Kofler via devel wrote: > Matthew Miller wrote: > > New guidance on “effective license” analysis > > -------------------------------------------- > > > > Many software packages consist of code with different free and open > > source licenses. Previous practice often involved “simplification” of > > the package license field when the packager believed that one license > > subsumed the other — for example, using just “GPL” when the source code > > includes parts licensed under a BSD-style license as well. Going > > forward, packagers and reviewers should not make this kind of analysis, > > and rather use (for example) “GPL-2.0-or-later AND MIT”. This approach > > is easier for packagers to apply in a consistent way. > > While this may make things easier when there are just two or three licenses > involved (just list them and move on), in any practical code base where > there are usually dozens of small pieces of copied&pasted code under various > subtly-different BSD/MIT-style licenses, this is an incredibly huge amount > of bureaucracy, and IMHO just not implementable (and I am not alone thinking > that, see Michael Catanzaro's reply). In order to perform the simplification that Fedora previously used, it was neccessary to first know what the full license list was. From that full list some elements could be eliminated if considered to be subsumed by another license in the list. With the new process the need to know the full license list is just as it was before. The simplication step is just eliminated. This should be a net win. Either way reviewers need to determine the full license list of the source being packaged, unless the inference was that previously reviewers were taking short cuts, not actually bothering to do a full license review of the code, and just making assumptions about the overall simplified license. That would not have been compliant with our review process though. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
