Re: Is srpm allowed to violate a license if %prep restores compliance?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


Dne 21. 03. 21 v 11:52 Zbigniew Jędrzejewski-Szmek napsal(a):

On Sun, Mar 21, 2021 at 11:47:17AM +0200, Otto Urpelainen wrote:

Greetings,

I am doing my first Fedora package review [1], for litehtml library.
The source tree contains some bundled items that, in violation of
original licenses, do not include a copy of the relevant licenses.
There are two problem items:

1. gumbo-parser is included in source form and only contains link to
the correct license in source files and repository README, but
license text itself is not included like the license, Apache
Software License 2.0, demands.

This one is easy to fix: just include the license file as another
Source. It'll then be part of the srpm, even though it's not part of
the Source0 tarball. Since the upstream *links* to a license, there
is no risk of confusion about the text, you can even use this exact
URL for the Source line…
Just FTR, including license file as SOURCE have always been wrong suggestion, because the review guidelines [1] states the following:
MUST: If (and only if) the source package includes the text of the license(s) in its own file, then that file, containing the text of the license(s) for the package must be included in %license.[4] 




Please note that the guidelines also say that the packager MUST
contact upstream and ask them to fix the issue [1].



And this is just SHOULD:
SHOULD: If the source package does not include license text(s) as a separate file from upstream, the packager SHOULD query upstream to include it. [28]
Granted, the licensing guidelines you are referring to might be interpreted differently. 


Vít
[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/ReviewGuidelines/ 






[1] https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/#_license_text

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

_______________________________________________
packaging mailing list -- packaging@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to packaging-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/packaging@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite Forum]     [KDE Users]

  Powered by Linux