Re: SPDX: Consistency of tools

On 04. 04. 23 at 3:20, Richard Shaw wrote:
> WARNING: This is a small rant...

np :)

> I decided to look up my packages on src.fedoraproject.org (I'm still not sure if it's showing me all packages I'm admin of, or just main admin) and start working through them one by one.

Thank you for doing that. Even if you give up at the end.

> I have updated my licensecount script which summarises the licenses in a source and uses licensecheck to output SPDX licenses instead, but they output the "short" form as far as I can tell, not the form that we want in the SPEC file.

Try:

licensecheck --shortname-scheme=spdx -r .

This gives me *almost* the wanted result:

./rpmconf.spec: *No copyright* GPL-3
./bin/rpmconf: GPL-3.0-or-later
./rpmconf/rpmconf.py: GPL-3.0-or-later

The last two lines are correct. The first line still uses the short form. I consider it an isolated bug in licensecheck - feel free to report an issue there.

> Additionally, spectool does not complain that the short format for the license is used.

I think that spectool does not complain about anything, unless it is a fatal parsing error. We have rpmlint and rpminspect for that. AFAIK both tools have already been migrated and will complain when you use the short format.

> While no matter what we do, there are maintainers that are not going to proactively update their packages, until we unify the tools and documentation to "do the right thing", we're pissing in the wind.

*nod* but it is a Herculean task and a chicken-and-egg problem. The tooling hesitates to migrate until the data is migrated, and the data can hardly be migrated until the tooling is migrated. And there is not just one tool, but lots of them. Personally, I am very satisfied with how much tooling has been migrated so far. But I recognize it is not everything.

> Googling only found: https://docs.fedoraproject.org/en-US/legal/update-existing-packages/#_process_used
>
> When we have consistent tools and documentation I will resume my efforts to update my package.
>
> On a side note, I keep seeing the statistics around what packages can be "trivially" converted to SPDX format, but I really think this is an opportunity to re-evaluate the licences on all packages to make sure they're correct.

*nod* That is why I am asking maintainers to do the migration on their own. You know your package, you know the quirks, the licensing issues. You can do that easily. If the Change Owners had to do the audit manually, it would take 20 years.

We have a plan to do automated auditing - likely even after every commit - but altering the tooling to handle both the old and the new format is a two times bigger task than handling only the new format. And it would likely produce lots of false output.


If you have an issue and want to help, I highly recommend visiting SPDX office hours - see mails in this ML with subject "SPDX office hours"; there is at least one lawyer and at least one devel present.


Miroslav
