Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=573917 --- Comment #10 from Ruediger Landmann <r.landmann@xxxxxxxxxx> 2011-03-22 19:23:27 EDT --- (In reply to comment #7) > I was watching that discussion, however my understanding is that if upstream > does not supply it, I will be liable if I will add license text and it will be > not that one under which upstream released that package. The risk here is including the *wrong* license text.[0] Which is why it's so important to show upstream the license text that you intend to include in the package, obtain their consent to add that text, and include that consent (with its headers) in the package itself. > From http://fedoraproject.org/wiki/Packaging:LicensingGuidelines (and similar > text in reviewguidelines): > If (and only if) the source package includes the text of the license(s) in its > own file, then that file, containing the text of the license(s) for the package > must be included in %doc. If the source package does not include the text of > the license(s), the packager should contact upstream and encourage them to > correct this mistake. > > Therefore I don't see any "must" requirement to include copy of GPL by myself > if upstream decide that they will not bundle it with tarball. There is no "must" here: if upstream does not want to (or cannot) include it in the tarball, the advice on legal list suggests that we could probably ship the package safely and rely on the copy of the GPL provided with Perl itself. However, best practice (as discussed in that thread) is to include a copy of the GPL with GPL-licensed packages that we ship. In a best case, this is included by upstream itself; less good is to include the license text with the explicit consent of upstream; even less good is to ship without the license text. Because it's not a "must", I will not block the review on this point, but I would strongly prefer it if you asked upstream if you can include a copy of the license if he cannot or will not. He seems to be responsive and friendly -- there's nothing to lose here. If you respond here and tell me that you refuse to ask upstream about this, I will note that in the same legal list thread (just for the purpose of any future reference) and I will continue the review as normal. Sorry to be a pain -- I just think we should always aim high! :) Cheers Rudi [0] 'Now, the reason we simply do not have a policy that says "When a copy of the license text is missing, you must add it" is because there is the possibility that you, the Fedora packager, gets the license wrong, and by including a copy of the incorrect license text, put yourself at potential legal risk when the copyright holder claims you're distributing their software under terms they never gave you permission to use.' -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug. _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review