https://bugzilla.redhat.com/show_bug.cgi?id=2431593
--- Comment #12 from Sergio Arroutbi <[email protected]> --- (In reply to Yaakov Selkowitz from comment #11) > The output of %cargo_license_summary should be copy-and-pasted VERBATIM in > the comment above the License tag. Fixed > > Where did you get CC0-1.0 as a license? https://github.com/latchset/clevis-pin-trustee/tree/main/LICENSES > > The OR rule is a supplement/exception to the No Effective License Analysis > rule. That means (Apache-2.0 OR MIT) need NOT be listed separately because > both Apache-2.0 and MIT are already listed standalone, per the OR rule. > Also, (Apache-2.0 OR MIT) and (MIT OR Apache-2.0) are the same thing, so > even if the former didn't apply, there would be no need for both. (Perhaps > this can be better spelled out in the OR rule.) Fixed > > The -n %{name}-%{version} arguments to %autosetup are unnecessary, as that > is the default value. Fixed > > %cargo_summary doesn't belong in %install, and there is no need for two > calls. The existing call in %build should be CHANGED per my previous > comments. Also, both %cargo_license_summary and %cargo_license should > FOLLOW %cargo_build, not precede it. I have no %cargo_summary in my .spec file. Do you mean %cargo_license_summary? In that case, it is only being called once. Let me share the current diff file: --- clevis-pin-trustee.spec.current 2026-01-28 09:51:50.639194313 +0100 +++ clevis-pin-trustee.spec.candidate.20260628 2026-01-28 09:51:23.893449453 +0100 @@ -10,24 +10,19 @@ Release: %autorelease Summary: Clevis PIN for Trustee attestation -# Upstream license specification: MIT -# -# The build dependencies have the following licenses: -# -# (Apache-2.0 or MIT) and BSD-3-Clause -# (MIT or Apache-2.0) and Unicode-DFS-2016 -# 0BSD or MIT or Apache-2.0 -# Apache-2.0 -# Apache-2.0 or BSL-1.0 -# Apache-2.0 or MIT -# BSD-2-Clause or Apache-2.0 or MIT -# MIT -# MIT or Apache-2.0 -# MIT or Zlib or Apache-2.0 -# Unicode-3.0 -# Unlicense or MIT -# -License: (Apache-2.0 OR MIT) AND BSD-3-Clause AND (MIT OR Apache-2.0) AND Unicode-DFS-2016 AND (0BSD OR MIT OR Apache-2.0) AND Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR MIT) AND (BSD-2-Clause OR Apache-2.0 OR MIT) AND MIT AND (MIT OR Apache-2.0) AND (MIT OR Zlib OR Apache-2.0) AND Unicode-3.0 AND (Unlicense OR MIT) AND CC0-1.0 +# (Apache-2.0 OR MIT) AND BSD-3-Clause +# (MIT OR Apache-2.0) AND Unicode-DFS-2016 +# 0BSD OR MIT OR Apache-2.0 +# Apache-2.0 +# Apache-2.0 OR BSL-1.0 +# Apache-2.0 OR MIT +# BSD-2-Clause OR Apache-2.0 OR MIT +# MIT +# MIT OR Apache-2.0 +# MIT OR Zlib OR Apache-2.0 +# Unicode-3.0 +# Unlicense OR MIT +License: BSD-3-Clause AND (MIT OR Apache-2.0) AND Unicode-DFS-2016 AND (0BSD OR MIT OR Apache-2.0) AND Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (BSD-2-Clause OR Apache-2.0 OR MIT) AND MIT AND (MIT OR Zlib OR Apache-2.0) AND Unicode-3.0 AND (Unlicense OR MIT) AND CC0-1.0 URL: https://github.com/latchset/clevis-pin-trustee Source0: https://github.com/latchset/%{name}/archive/refs/tags/v%{version}.tar.gz @@ -47,20 +42,21 @@ fetching encryption keys from Trustee servers after successful attestation. %prep -%autosetup -n %{name}-%{version} +%autosetup %cargo_prep %generate_buildrequires %cargo_generate_buildrequires %build -# Generate license information for statically-linked dependencies -%cargo_license_summary -%cargo_license # Build using cargo macros %cargo_build +# Generate license information for statically-linked dependencies +%cargo_license_summary +%cargo_license + %install # Generate license file for bundled dependencies %{cargo_license} > LICENSE.dependencies @@ -78,6 +74,7 @@ %files %license LICENSES/MIT.txt +%license LICENSES/CC0-1.0.txt %license LICENSE.dependencies %doc README.md %{_bindir}/%{name} -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component https://bugzilla.redhat.com/show_bug.cgi?id=2431593 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202431593%23c12 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
