https://bugzilla.redhat.com/show_bug.cgi?id=1826034 --- Comment #7 from Jeremy Newton <alexjnewt@xxxxxxxxxxxx> --- (In reply to Michel Alexandre Salim from comment #4) > Going through the automated fedora-review result right now, but re: the > licenses -- looks like sanitizers-cmake is only used as part of the build > process, so I'm not sure we need to list its license in the RPM metadata > (though it being bundled as a source makes the issue a bit muddled; normally > build dependencies are pulled in as a BuildRequires). You are (and cubeb is) > using it the way sanitizers-cmake upstream intended though -- per > https://github.com/arsenm/sanitizers-cmake -- so it's probably fine this way > for now. Indeed. It's MIT, so there's no need to provide a license with it, but since it's a build script (not distributed with binaries) and the license it's still available in the sources, it should be okay as-is. (In reply to Michel Alexandre Salim from comment #5) > ... > [!]: License field in the package spec file matches the actual license. > > Ignore Expat - the license checker somehow misidentifies the > MIT-licensed files in sanitizers-cmake. > > *but* > - The Android files should probably be removed, or you need to add ASL > 2.0 to the list of licenses > - Some files are actually BSD-licensed (add BSD to the list of licenses) > - The files with unknown license presumably fall under the project's > ISC license > > Note: Checking patched sources after %prep for licenses. Licenses > found: "Unknown or generated", "ISC License", "Expat License", "Apache > License 2.0", "BSD 3-clause "New" or "Revised" License". 73 files have > unknown license. Detailed output of licensecheck in > /home/michel/src/fedora/reviews/1826034-cubeb/licensecheck.txt > Sure, I can delete the android files in %prep. I usually do this, but I must have missed it. I'll add BSD too. > [!]: If the source package does not include license text(s) as a separate > file from upstream, the packager SHOULD query upstream to include it. > > Might be worth asking upstream to also declare some files are ASL 2.0 > and BSD licensed and include those license files in their repo Understood, but this is a common practice I find. Usually, the project license, or "assumed" license, is included and any other licenses are declared in the file. I find most open-source projects will especially skip distributing weak copyleft licenses if it makes up a minor percentage of the code. > > [!]: %check is present and all tests pass. > > Not a review blocker, but from looking at .gitmodules googletest is > needed to run tests -- might be nice to include it and enable tests once > this package is in Fedora For sure, I haven't had time to test this, but it's definitely a "nice to have" after I start building it. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx
