On Tue, 2007-07-24 at 15:57 -0400, Jesse Keating wrote: > On Tue, 24 Jul 2007 12:49:59 -0700 > Arjan van de Ven <arjan@xxxxxxxxxxxxx> wrote: > > > gplv3 is not compatible with v2, but for what would it need to be? YOu > > can have v2 and v3 programs in the same distro just like you can have > > v2 and other licensed programs in the same distro. > > > > It only becomes a problem when you're linking (and for most cases that > > is fine) or are otherwise a derived work. > > Yes, and that's why we need to know, so we can examine the linking path > and ensure that we're not breaking any (l)gplv2 only licenses. We > can't just rely upon upstream, as they have no idea what we're linking > to their software. Not so easy, some packages may contain differently licensed binaries/libraries. As an example samba is GPLv2 (GPLv3 with the next release) but some key libraries are LGPLv2 (v3 next). These libraries have been released under the LGPL explicitly because some other projects wanted to use them and needed (because of foreign constraints) a more liberal license. So a tool that marks samba as GPLv3 may raise a high number of false positives. I guess many other projects will fall under the same conditions. Also sometimes plugins falls in a grey area while technically a graph may seem to link incompatible licensed code that is not clearly derivative. Lots of corner cases. Finally managing exceptions (like the OpenSSL one many projects have) may not be easy at all. Simo. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
