Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-dev

From: Rich Freeman <rich0@g.o>
To: gentoo-dev <gentoo-dev@l.g.o>
Subject: Re: [gentoo-dev] [RFC] Solving the problem of huge number of wrong LICENSES=*GPL-[23]
Date: Sun, 26 Aug 2018 11:35:44
Message-Id: CAGfcS_kF=QndWu0Hyh8Zup8TWSJfCidJwb84uJ2hmpk9jq2e1g@mail.gmail.com
In Reply to: Re: [gentoo-dev] [RFC] Solving the problem of huge number of wrong LICENSES=*GPL-[23] by "Michał Górny"
1 On Sun, Aug 26, 2018 at 7:15 AM Michał Górny <mgorny@g.o> wrote:
2 >
3 > On Sun, 2018-08-26 at 13:09 +0200, Paweł Hajdan, Jr. wrote:
4 > > On 26/08/2018 12:53, Mart Raudsepp wrote:
5 > > > The common issue here is that upstream COPYING files really do only
6 > > > talk about one of the versions. And then you get to validate or source
7 > > > files to be sure that they do have a "or later" clause in them. And
8 > > > then on each bump you ideally should validate it again, etc, that no
9 > > > sources without "or later" allowance are in there...
10 > >
11 > > Yup, precise tracking of license metadata can be a pain.
12 > >
13 > > I'm not really sure if that level of it is worth for us as a distro. For
14 > > _importing_ other project's source code directly into one's project
15 > > precise license compatibility matters a lot. That's not the scenario
16 > > we're in. I see LICENSES as mostly a mechanism for end users to accept
17 > > or reject EULAs etc, and I'm curious what are other common scenarios.
18 > >
19 > > Michał, could you elaborate on why not distinguishing more precisely
20 > > between these GPL variants in LICENSES is a _problem_ ? I can certainly
21 > > see the information is not always accurate, but it's not obvious to me
22 > > how severe is the downside, what are the consequences in practice.
23 > >
24 >
25 > I'm not aware of any major implications. However, I think that if we
26 > provide for the distinction, the distinction should be used correctly.
27 >
28
29 IMO QA policy ought to be that the license is correct.
30
31 How much time/effort goes into policing the policy in the case of
32 2/3/2+/3+ is a different matter. If people want to do it, great, but
33 IMO it isn't adding tremendous value. I doubt we have any users
34 relying on license filtering to distinguish between GPL2/2+. If
35 somebody files a bug pointing out an incorrect license it should be
36 fixed as a matter of policy, but I'm not sure more than that is
37 necessary in this particular case. If we were talking about nonfree
38 licenses being missed that would be more critical.
39
40 --
41 Rich
Report Message
Find on MARC Find on Google Groups