https://bugzilla.redhat.com/show_bug.cgi?id=2085444 --- Comment #74 from Daniel Berrangé <berrange@xxxxxxxxxx> --- (In reply to Yunying Sun from comment #73) > (In reply to Daniel Berrangé from comment #69) > > I looked for other examples of package reviews since this CC0 license > > change, and > > the recent additino os wasi-libc had to replace the dlmalloc impl with a > > different > > one under MIT license. They could have chosen to use an older versin of > > dlmalloc > > under the previous license, don't know why they chose a completely new malloc > > impl. So I think the precedent is that after 1 year since the announcement, > > adding new packages with CC0 content is no longer permitted. > Hi Daniel, > > About the CC0 license issue, linux-sgx team tended not to downgrade dlmalloc > to the CC-PDDC licensed v2.8.4 for security concerns. > That leaves two options as we can see: > > Option 1: We relicense sdk/tlibc/stdlib/malloc.c to BSD by adding a > secondary header like what openjdk does: > https://github.com/openjdk/jdk/blob/master/src/java.base/share/classes/java/ > util/concurrent/AbstractExecutorService.java > This is the way the author of dlmalloc recommended. Will this work for > Fedora? > > Option 2: We add note to explain that the original dlmalloc is under CC0, > and linux-sgx changes to it is under BSD. Like what wasi-libc has in its > License: > https://github.com/WebAssembly/wasi-libc/blob/main/LICENSE > Despite wasi-libc seems still using dlmalloc as its default: > https://github.com/WebAssembly/wasi-libc/blob/main/Makefile#L19 > In its package spec, CC0 does not need to be listed anymore in License > field: > https://src.fedoraproject.org/rpms/wasi-libc/blob/rawhide/f/wasi-libc. > spec#_9. > > Which option do you suggest we take? Or any other alternatives? I don't have sufficient confidence in either of these options of changing the license myself, so I've requested Fedora Legal to give an opinion: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx/thread/DOE4BT2OCTAFQYECG3ZCQMKOIINOYZUX/ -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2085444 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202085444%23c74 _______________________________________________ package-review mailing list -- package-review@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-review-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-review@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
