https://bugzilla.redhat.com/show_bug.cgi?id=2246777
--- Comment #4 from Sandro <[email protected]> --- (In reply to Ben Beasley from comment #3) > At a glance: > > - Everything that remains after %prep is indeed MIT, as advertised. > Everything in the original source archive appears to have a license that is > allowable in Fedora, but: > > - The full license status of > packages/python/plotly/plotly/package_data/plotly.min.js can’t be properly > reviewed since it bundles and minifies dependencies without preserving their > identities or license information. That's an issue to be addressed with regards to `python-plotly`. This package doesn't ship any Javascript files. Although, it's rather useless without `plotly`, should that no longer be permissible. > - There is a typo, %pypproject_check_import Well spotted! Good thing it's not being used or the build would fail. ;) Easy fix! > I know this has implications for python-plotly, but I am thinking we might > not even be able to distribute plotly.min.js in source RPMs, let alone in > binary RPMs, since it discards all the license information for its bundled > dependencies, including mandatory license texts (e.g. for MIT and BSD family > licenses). It contains a comment /*! For license information please see > plotly.min.js.LICENSE.txt */, but no such file exists in the distribution. The PyPI sdist tarball - https://files.pythonhosted.org/packages/0d/17/ba496e60f95020227a15f73965a64ea3f176cae7faed2d9302a14524b681/plotly-5.18.0.tar.gz - does contain several license files: plotly-5.18.0/jupyterlab_plotly/nbextension/index.js.LICENSE.txt plotly-5.18.0/jupyterlab_plotly/labextension/static/third-party-licenses.json plotly-5.18.0/jupyterlab_plotly/labextension/static/486.6450efe6168c2f8caddb.js.LICENSE.txt plotly-5.18.0/jupyterlab_plotly/labextension/static/478.b48f45da3d88616ad3f9.js.LICENSE.txt plotly-5.18.0/LICENSE.txt Would these be sufficient to clarify the applicable Javascript licenses? If so, I can have them included in the `python-plotly` package and update the License: tag accordingly, if needed. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2246777 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202246777%23c4 _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
