https://bugzilla.redhat.com/show_bug.cgi?id=2145272 --- Comment #5 from Petr Pisar <ppisar@xxxxxxxxxx> --- It does not matter what license text LICENSE file quotes. What matters is what a license declaration says because the declaration binds a code and a license. The declaration reads: This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself. So you go to Perl 5 and there is <https://dev.perl.org/licenses/artistic.html> which is Artistic-1.0-Perl. Not Artistic-1.0. In other words, the LICENSE file quotes a wrong license. I reported it to the upstream <https://github.com/miyagawa/Carmel/issues/100>. If you don't agree, and insists on Artistic-1.0 interpretation, you will have to get an approval from Fedora Legal <https://docs.fedoraproject.org/en-US/legal/license-review-process/#_request_review_of_a_new_license> because "GPL-1.0-or-later OR Artistic-1.0" combination is not allowed in Fedora <https://docs.fedoraproject.org/en-US/legal/allowed-licenses/>. $ rpmlint perl-Carmel.spec ../SRPMS/perl-Carmel-0.1.56-1.fc39.src.rpm ../RPMS/noarch/perl-Carmel-0.1.56-1.fc39.noarch.rpm ======================================== rpmlint session starts ======================================= rpmlint: 2.4.0 configuration: /usr/lib/python3.11/site-packages/rpmlint/configdefaults.toml /etc/xdg/rpmlint/fedora-legacy-licenses.toml /etc/xdg/rpmlint/fedora-spdx-licenses.toml /etc/xdg/rpmlint/fedora.toml /etc/xdg/rpmlint/scoring.toml /etc/xdg/rpmlint/users-groups.toml /etc/xdg/rpmlint/warn-on-functions.toml checks: 31, packages: 3 perl-Carmel.noarch: W: invalid-license Artistic-1.0 perl-Carmel.src: W: invalid-license Artistic-1.0 ========= 2 packages and 1 specfiles checked; 0 errors, 2 warnings, 0 badness; has taken 0.5 s ======== FIX: This license is not allowed in Fedora. Either change it to Artistic-1.0-Perl, or work with Fedora Legal on approving this license, or simply remove the "OR Artistic-1.0" part from the License tag. $ rpm -q --requires -p ../RPMS/noarch/perl-Carmel-0.1.56-1.fc39.noarch.rpm | sort -f | uniq -c 1 /usr/bin/perl 1 perl(:VERSION) >= 5.12.0 1 perl(Capture::Tiny) 1 perl(Carmel) 1 perl(Carmel::App) 1 perl(Carmel::Artifact) 1 perl(Carmel::Builder) 1 perl(Carmel::CPANfile) 1 perl(Carmel::ProgressBar) 1 perl(Carmel::Repository) 1 perl(Carmel::Resolver) 1 perl(Carmel::Runner) 1 perl(Carp) 1 perl(Carton::Dist) 1 perl(Carton::Index) 1 perl(Carton::Package) 1 perl(Carton::Snapshot) 1 perl(Class::Tiny) 1 perl(Class::Tiny) >= 1.001 1 perl(Config) 1 perl(constant) 1 perl(CPAN::DistnameInfo) 1 perl(CPAN::Meta) 1 perl(CPAN::Meta::Requirements) 1 perl(Data::Dumper) 1 perl(DirHandle) 1 perl(Exporter) 1 perl(ExtUtils::Install) >= 1.47 1 perl(ExtUtils::InstallPaths) 1 perl(File::Copy::Recursive) 1 perl(File::pushd) 1 perl(File::pushd) >= 1.009 1 perl(Getopt::Long) 1 perl(IO::Compress::Gzip) 1 perl(JSON) 1 perl(lib) 1 perl(Menlo::CLI::Compat) >= 1.9018 1 perl(Module::CoreList) 1 perl(Module::CPANfile) 1 perl(Module::CPANfile) >= 1.1000 1 perl(Module::Metadata) 1 perl(Module::Metadata) >= 1.000003 1 perl(Module::Runtime) 1 perl(Module::Runtime) >= 0.014 1 perl(parent) 1 perl(Path::Tiny) 1 perl(Path::Tiny) >= 0.068 1 perl(Pod::Usage) 1 perl(POSIX) 1 perl(strict) 1 perl(Try::Tiny) 1 perl(Try::Tiny) >= 0.20 1 perl(version) 1 perl(warnings) 1 perl-libs 1 rpmlib(CompressedFileNames) <= 3.0.4-1 1 rpmlib(FileDigests) <= 4.6.0-1 1 rpmlib(PayloadFilesHavePrefix) <= 4.0-1 1 rpmlib(PayloadIsZstd) <= 5.4.18-1 All dependencies are listed. Ok. TODO: You can filter the underspecified dependncies without version ("perl(Module::Runtime)" versus "perl(Module::Runtime) >= 0.014"). See <https://docs.fedoraproject.org/en-US/packaging-guidelines/AutoProvidesAndRequiresFiltering/>. Binary dependencies are resolvable. Ok. The package builds in Fedora 39 (https://koji.fedoraproject.org/koji/taskinfo?taskID=101282454). Ok. Please resolve the license issue, consider fixing TODO item, and provide an updated spec file. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2145272 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
