Hot news:
- I walked through all packages with "Public Domain" license. For all such packages I identified the public domain dedication and added it to https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/public-domain-text.txt?ref_type=heads Richard F. did the review and I opened PRs for such packages to change the license to LicenseRef-Fedora-Public-Domain. There are about 30 PRs wating to be merged. In several cases I had to open issue as the public domain dedication is not easy and has some sort of problem.
- Unfortunately in several cases, the evaluation of dedication (either public domain or "Redistributable") was found as not good enough. I.e. the license is not allowed. Several packages has been already retired in Fedora Linux because of that. You can track it here: https://bugzilla.redhat.com/show_bug.cgi?id=2310597
- I started walking through "Redistributable, no modification permitted" that is usually used in firmware package. It is much smaller set of packages compared to Public Domain set. I should have it done by next report. But the analysis is much harder.
- sometimes you used in License tag deprecated license id
https://spdx.github.io/spdx-spec/v2.3/SPDX-license-list/#a3-deprecated-licenses
Note that while we usually abbreviate the communication that you
must use SPDX ID, but there is silent part "and approved for usage
in Fedora Linux". I.e. such ID must be in fedora-license-data. And
these deprecated ID are not there (and never will be).
- We have 59 open issues for
fedora-license-data
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/?sort=updated_desc&state=opened&first_page_size=50
From past experience, you should expect that it will take
about 3 months to proceed all these issues.
- For most packages the
license change is "just" committed to dist-git. The change in
binary RPM will be visible after next mass rebuild (scheduled to
2025-01-15).
Two weeks ago we had:
* 24311 spec files in Fedora
* 30967 license tags in all spec files
* 360 tags are not SPDX complient (number from line bellow minus packages with LicenseRef-Callaway-*)
* 2658 tags have not been converted to SPDX yet
* 86 tags can be trivially converted using `license-fedora2spdx`
* Progress: 98.84% ░░░░░░░░░█ 100%
ELN subset:
68 out of 2310 packages are not converted yet (progress 97.06%)
Today we have:
* 24340 spec files in Fedora
* 30993 license tags in all spec files
* 305 tags are
not SPDX compliant (number from line bellow minus packages
with LicenseRef-Callaway-*)
* 2587 tags have not been
converted to SPDX yet
* 56 tags can be trivially converted using `license-fedora2spdx`
*
Progress: 99.02% ░░░░░░░░░█
100%
ELN subset:
62
out of 2313 packages are not converted yet
(progress 97.32%)
Graph of these data with the burndown chart:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rpCjus-8s/edit?usp=sharing
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final.txt
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final-maintainers.txt
Packages that are neither in SPDX nor in Callaway format (highest priority for now) - 59 packages:
https://pagure.io/copr/license-validate/blob/main/f/neither-nor-remaining-packagers.txt
Most of such packages has open issue in fedora-license-data. A
lot of them are waiting for SPDX to approved the license and
assign ID.
New version of fedora-license-data has been released. With:
7 new licenses and lots of public domain dedications and
several firmware licenses
12 licenses are waiting to be reviewed by SPDX.org (and then
to be added to fedora-license-data) https://gitlab.com/fedora/legal/fedora-license-data/-/issues/?label_name%5B%5D=SPDX%3A%3Ablocked
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
New projection when we will be finished is 2024-11-30 (+13 days from last report). Pure linear approximation. This information no longer makes sense. Most of the packages are already SPDX compliant and for most of the remaining packages we have open issue that will take weeks/months to be resolved. I will remove this prediction from future reports.
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or direct email to me is fine.
Miroslav
-- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue