https://bugzilla.redhat.com/show_bug.cgi?id=2431593
--- Comment #14 from Sergio Arroutbi <[email protected]> --- (In reply to Yaakov Selkowitz from comment #13) > (In reply to Sergio Arroutbi from comment #12) > > https://github.com/latchset/clevis-pin-trustee/tree/main/LICENSES > > CC0-1.0 is actually problematic for *code*, but inspection of the source > tree shows that it is only used in the build infrastructure (Cargo.toml, > test.sh, etc.). > > Per > https://docs.fedoraproject.org/en-US/legal/license-field/ > #_source_package_files_not_included_in_binary_rpm , as these files do not > end up in the binary RPMs, their license should be omitted. Therefore, > CC0-1.0 should not be in the License tag nor installed by %license in %files. > Fixed > > > %cargo_summary doesn't belong in %install, and there is no need for two > > > calls. The existing call in %build should be CHANGED per my previous > > > comments. Also, both %cargo_license_summary and %cargo_license should > > > FOLLOW %cargo_build, not precede it. > > > > I have no %cargo_summary in my .spec file. Do you mean > > %cargo_license_summary? > > In that case, it is only being called once. > > Sorry, I meant %cargo_license, there should be only call in %build, > bracketed and redirected. Fixed > > > +License: BSD-3-Clause AND (MIT OR Apache-2.0) AND Unicode-DFS-2016 > > AND (0BSD OR MIT OR Apache-2.0) AND Apache-2.0 AND (Apache-2.0 OR BSL-1.0) > > AND (BSD-2-Clause OR Apache-2.0 OR MIT) AND MIT AND (MIT OR Zlib OR > > Apache-2.0) AND Unicode-3.0 AND (Unlicense OR MIT) AND CC0-1.0 > > Besides dropping CC0-1.0 as mentioned above, the "AND (MIT OR Apache-2.0)" > clause isn't needed for the same reason "(Apache-2.0 OR MIT)" isn't -- both > Apache-2.0 and MIT are already AND'ed in by themselves. Fixed. New diff: --- clevis-pin-trustee.spec.20260129 2026-01-29 10:26:57.330601327 +0100 +++ clevis-pin-trustee.spec.candidate 2026-01-29 10:29:46.039727459 +0100 @@ -22,7 +22,7 @@ # MIT OR Zlib OR Apache-2.0 # Unicode-3.0 # Unlicense OR MIT -License: BSD-3-Clause AND (MIT OR Apache-2.0) AND Unicode-DFS-2016 AND (0BSD OR MIT OR Apache-2.0) AND Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (BSD-2-Clause OR Apache-2.0 OR MIT) AND MIT AND (MIT OR Zlib OR Apache-2.0) AND Unicode-3.0 AND (Unlicense OR MIT) AND CC0-1.0 +License: BSD-3-Clause AND Unicode-DFS-2016 AND (0BSD OR MIT OR Apache-2.0) AND Apache-2.0 AND (Apache-2.0 OR BSL-1.0) AND (BSD-2-Clause OR Apache-2.0 OR MIT) AND MIT AND (MIT OR Zlib OR Apache-2.0) AND Unicode-3.0 AND (Unlicense OR MIT) URL: https://github.com/latchset/clevis-pin-trustee Source0: https://github.com/latchset/%{name}/archive/refs/tags/v%{version}.tar.gz @@ -55,7 +55,6 @@ # Generate license information for statically-linked dependencies %cargo_license_summary -%cargo_license %install # Generate license file for bundled dependencies @@ -74,7 +73,6 @@ %files %license LICENSES/MIT.txt -%license LICENSES/CC0-1.0.txt %license LICENSE.dependencies %doc README.md %{_bindir}/%{name} -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2431593 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202431593%23c14 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
