Re: Important changes to software license information in Fedora packages (SPDX and more!)

On Mon, Aug 01, 2022 at 12:46:08PM +0100, Daniel P. Berrangé wrote:
> On Mon, Aug 01, 2022 at 01:28:03PM +0200, Kevin Kofler via devel wrote:
> > Daniel P. Berrangé wrote:
> > > I do expect Fedora reviewers to do more than just look at a handful of
> > > source files though. For any package review, the header of every source
> > > file should be checked. Random sampling is not sufficient to identify the
> > > exceptions which do occur often, and are not usually mentioned in the
> > > top level LICENSE file.  If there's no header present, then it is
> > > implicitly under the global license, and it is fine to trust that for
> > > the purposes of Fedora license tag.
> > 
> > I wish you good luck opening every single one of the 167383 files in QtWebEngine 
> > (checked with 5.15.8, but that is the order of magnitude for all versions) 
> > to check the license header, if there is any to begin with. (Some of the 
> > bundled libraries are of the "let's just drop in one license file that 
> > applies to everything" kind, and it is named differently in each.)
> 
> I'm not saying a human would literally open each file manually. Tools
> like 'licensecheck' can automate scanning and reporting from license
> headers. Packagers should sanity check its output and examine any cases
> where it failed. That's sufficiently accurate to fill in the License
> header in the RPM spec as requested by the new guidelines IMHO.

I think it's also worth noting that we're only interested in licenses
of code that ends up in the binary RPM (so not configure scripts and
Makefiles and such).  This is clarified here:

https://docs.fedoraproject.org/en-US/legal/license-field/

licensecheck isn't very good about this - it basically shows you the
license of every file and you have to work it out yourself.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
virt-p2v converts physical machines to virtual machines.  Boot with a
live CD or over the network (PXE) and turn machines into KVM guests.
http://libguestfs.org/virt-v2v