On Fri, 2007-07-27 at 09:47 +0200, Nicolas Mailhot wrote: > Le jeudi 26 juillet 2007 à 22:33 -0700, Toshio Kuratomi a écrit : > > > So, AIUI, Firefox would be under: > > License: (GPLv2+ || LGPLv2.1+ || MPLv1.1+) > > This kind of notation is pretty useless. in theory many packages are > dual or tri-licensed. In reality the multi-licensing if often collapsed > due to deps (upstream or downstream) that impose one particular license. > If we go the "or" route no one will check, and everyone will assume the > most permissive license applies (even if it's not the case due to the > packages fedora builds again) > > IMHO in the case of multi-licensing we should choose one of the possible > licenses and stick with it. Only revisit the choice if another fedora > package forces us to, and let the packager of this other package do the > licensing analysis. I think the problem is that when Firefox is under GPLv2+, LGPLv2.1+ and MPLv1.1+, differing Fedora packages that want to link to it will each choose the appropriate license that matches it, for linking purposes. So, we really can't just pick a license and stick with it, because that's just not correct. I'm also not sure I want the packager to bear the burden, and I suspect the various upstreams would get rather angry over our attempts to "simplify" their licensing. :) We've had a sort of "or" route for a while now (Foo/Bar/Baz), but the problem is that we've also had packagers using that as an "and" where it applies. Also, I've found that most packagers either don't want to, or aren't qualified to do licensing analysis. I'm getting better at it through practice, but I'm certainly not perfect either (which is why I defer to the thoughts of more skilled folks, either at Red Hat or the FSF, when I have any doubt). > This is different from the case where different bits of a component > are under different licences. There we have no choice but carefully > track licensing boundaries? Well, I wouldn't say we have no choice, since we've not been doing this in Fedora so far, but it certainly seems to be a logical continuation (at least to me). Having a list of all the licenses that all the files in a package uses is useful, but when one of those files has a license related conflict (I linked against foo in package bar, was it GPLv3 or not?), it would be very helpful to have a quick way to check at a glance, without exploding a source tree. ~spot -- Fedora-packaging mailing list Fedora-packaging@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-packaging
