[Fedora-legal-list] Re: MIT without copyright notice, requires to include the copyright notice

On Mon, Sep 2, 2024 at 9:23 AM Miro Hrončok wrote: > > I see an important project has decided it's good idea to remove their own > copyright notice from the top of their MIT license file while preserving the > requirement for distributors to keep the copyright notice. > > """ > The above copyright

[Fedora-legal-list] Re: tcplay generic_xts* file licenses

On Mon, Aug 26, 2024 at 9:48 AM Ian McInerney wrote: > > I am working on the Zulucrypt 7.0.0 update and SPDX license audit at the same > time, and there is one license listed in their copyright file that isn't > obvious to me. Specifically, it is the generic_xts files included in the > bundled

[Fedora-legal-list] Re: Should I mention Build-scripts' licensing terms in a spec's License field?

On Mon, Aug 5, 2024 at 10:53 AM Vít Ondruch wrote: > > And the second point is that we won't ever be able to 100% cover RPMs by > license scanners, but we could achieve that for SRPMs. I don't agree. I think the "less than 100%" would similarly apply to SRPMs. They're really the same inquiry with

[Fedora-legal-list] Re: Should I mention Build-scripts' licensing terms in a spec's License field?

On Mon, Aug 5, 2024 at 10:39 AM Vít Ondruch wrote: > > > Dne 05. 08. 24 v 15:24 Richard Fontana napsal(a): > > On Mon, Aug 5, 2024 at 5:40 AM Daniel P. Berrangé > > wrote: > >> On Mon, Aug 05, 2024 at 11:23:08AM +0200, Vít Ondruch wrote: > >>> Dne

[Fedora-legal-list] Re: Should I mention Build-scripts' licensing terms in a spec's License field?

On Mon, Aug 5, 2024 at 5:40 AM Daniel P. Berrangé wrote: > > On Mon, Aug 05, 2024 at 11:23:08AM +0200, Vít Ondruch wrote: > > > > Dne 02. 08. 24 v 21:37 Miroslav Suchý napsal(a): > > > Dne 02. 08. 24 v 9:07 odp. Miroslav Suchý napsal(a): > > > > > > > > > > > > I will love to see more usage of thi

[Fedora-legal-list] Re: Dealing with snippets credited to StackOverflow?

On Thu, Aug 1, 2024 at 4:18 PM Ben Beasley wrote: > > Although I haven’t signed up to do the official review, I was looking at > python-meshio[1], and I found that it contains a function substantially > derived from a StackOverflow answer[2]. While I’m impressed that > upstream cared enough to giv

[Fedora-legal-list] Re: Should I mention Build-scripts' licensing terms in a spec's License field?

On Thu, Aug 1, 2024 at 7:10 AM Vít Ondruch wrote: > > > Dne 01. 08. 24 v 12:54 Neal Gompa napsal(a): > > On Thu, Aug 1, 2024 at 6:33 AM Miroslav Suchý wrote: > >> Dne 01. 08. 24 v 12:28 odp. Peter Lemenkov napsal(a): > >>> Hello! > >>> I stumbled upon the following situation. I am packaging a lib

[Fedora-legal-list] Re: License acceptability check for py-sdl

On Wed, Jul 24, 2024 at 2:20 PM Sandro wrote: > > Hi, > > During package review [1] the license terms of py-sdl [2] were flagged > as problematic. Therefore I'm passing this on to Fedora Legal for > deciding on > > a) Does py-sdl2 come with an acceptable license? > b) If so, which license should b

[Fedora-legal-list] Re: Review and Guidance needed - licenses transforming based on time

On Wed, Jul 17, 2024 at 2:47 PM Vít Ondruch wrote: > > > Dne 17. 07. 24 v 15:45 Richard Fontana napsal(a): > > I think it's "fine" in theory, but somewhat risky. I imagine that in > > some cases it won't be clear whether a particular version mixes B

[Fedora-legal-list] Re: Review and Guidance needed - licenses transforming based on time

On Wed, Jul 17, 2024 at 10:37 AM Michal Schorm wrote: > > On Wed, Jul 17, 2024 at 4:14 PM Daniel P. Berrangé > wrote: > > If it is MariaDB who are pushing this, then I'd note they could > > take steps to make this into a total non-issue. > > Sure. > I'm now here to understand what's the status o

[Fedora-legal-list] Re: Review and Guidance needed - licenses transforming based on time

On Wed, Jul 17, 2024 at 7:33 AM Michal Schorm wrote: > > Hello, > > I'd like a review of 'MariaDB Business Source License (BSL)'. > Here is a specific instance of the license: > > https://github.com/mariadb-corporation/MaxScale/blob/24.02/licenses/LICENSE2106.TXT > Here is FAQ about it: > htt

[Fedora-legal-list] Re: OpenAL docs redistribution / modification?

On Wed, Jul 17, 2024 at 7:17 AM Marián Konček wrote: > > Hi, does the license at the beginning of the document > https://www.openal.org/documentation/openal-1.1-specification.pdf allow > distribution of versions with the same content but in a different form > (HTML) and with some formatting change

[Fedora-legal-list] Re: Update on Fedora treatment of Nmap licensing

On Thu, Jul 11, 2024 at 11:48 AM Neal Gompa wrote: > > On Thu, Jul 11, 2024 at 11:45 AM David Cantrell wrote: > > > > On 7/11/24 11:19 AM, Richard Fontana wrote: > > > On Thu, Jul 11, 2024 at 10:30 AM Richard Fontana > > > wrote: > > >> > &

[Fedora-legal-list] Re: Update on Fedora treatment of Nmap licensing

On Thu, Jul 11, 2024 at 10:30 AM Richard Fontana wrote: > > On Thu, Jul 11, 2024 at 10:05 AM David Cantrell wrote: > > > > Looking at Fedora now we have nmap-7.95 in Fedora 40 as an update and it > > has: > > > > License: LicenseRef-NPSL-0.94 > >

[Fedora-legal-list] Re: Update on Fedora treatment of Nmap licensing

On Thu, Jul 11, 2024 at 10:05 AM David Cantrell wrote: > > Looking at Fedora now we have nmap-7.95 in Fedora 40 as an update and it has: > > License: LicenseRef-NPSL-0.94 Yes. This is erroneous because `LicenseRef-NPSL-0.94` inaccurately referred to the license we are now calling `LicenseRef-

[Fedora-legal-list] Re: Update on Fedora treatment of Nmap licensing

On Fri, Jul 5, 2024 at 11:33 PM Richard Fontana wrote: > > I've done a long overdue review of the various Nmap licenses and have > updated fedora-license-data accordingly. > > 1. LicenseRef-Nmap: not-allowed > Related issue: > https://gitlab.com/fedora/legal/fedora

[Fedora-legal-list] Update on Fedora treatment of Nmap licensing

I've done a long overdue review of the various Nmap licenses and have updated fedora-license-data accordingly. 1. LicenseRef-Nmap: not-allowed Related issue: https://gitlab.com/fedora/legal/fedora-license-data/-/issues/543 This is Callaway "Nmap", i.e. the GPLv2-incompatible GPLv2 gloss commented

[Fedora-legal-list] Re: [SPDX] Mass license change GPLv2 to GPL-2.0-only

On Wed, Jun 26, 2024 at 10:24 AM Jerry James wrote: > > On Wed, Jun 26, 2024 at 6:17 AM Miroslav Suchý wrote: > > We will get valid SPDX formula. > > Some legacy license names contain spaces. Simply slapping > "LicenseRef-Fedora-" on the front will only affect the first word of > such multiword

[Fedora-legal-list] Re: [SPDX] Mass license change GPLv2 to GPL-2.0-only

On Tue, Jun 25, 2024 at 7:20 PM Miro Hrončok wrote: > > On 25. 06. 24 22:50, Miroslav Suchý wrote: > > Dne 25. 06. 24 v 1:09 odp. Miro Hrončok napsal(a): > >> > >> Could you make the comment something like this? > >> > >> # Automatically converted from old format: GPLv2 > >> # TODO check if th

[Fedora-legal-list] Re: [SPDX] Mass license change GPLv2 to GPL-2.0-only

On Mon, Jun 24, 2024 at 6:36 AM Vít Ondruch wrote: > > > Dne 22. 06. 24 v 12:12 Miroslav Suchý napsal(a): > > Dne 21. 06. 24 v 3:11 odp. Richard Fontana napsal(a): > > Could we wrap remaining Callaway names in a `LicenseRef-` (similar to > your "callaway(MIT)"

[Fedora-legal-list] Re: [SPDX] Mass license change GPLv2 to GPL-2.0-only

On Fri, Jun 21, 2024 at 5:27 AM Vít Ondruch wrote: > But the intent of both is to be temporary, to help understand where we > need to put some work. If this was initial status: > > ~~~ > License: GPLv2 and MIT > ~~~ > > and prior any SPDX work, we would change all .spec files to: > > ~~~ > Licens

[Fedora-legal-list] Re: [SPDX] Mass license change GPLv2 to GPL-2.0-only

On Wed, Jun 19, 2024 at 11:58 AM Miro Hrončok wrote: > > On 18. 06. 24 18:46, Miroslav Suchý wrote: > > Hi. > > > > I am going to do the mass change of the license from GPLv2 to GPL-2.0-only > > Hi. > > How do you know the License tag is not supposed to be e.g. "GPL-2.0-only AND > MIT" or similar?

[Fedora-legal-list] Re: Brainpool Curves in Fedora (openssl, libgcrypt, gnupg)

On Thu, May 16, 2024 at 10:00 AM Fabio Valentini wrote: > > On Tue, Nov 8, 2022 at 4:19 PM Matthew Miller > wrote: > > > > On Wed, Apr 06, 2022 at 05:31:10PM +0200, Felix Schwarz wrote: > > > Am 06.04.22 um 16:13 schrieb Matthew Miller: > > > >So, these things move slowly, but this _is_ bein

[Fedora-legal-list] Re: GlobalProtect-openconnect - License violation or not?

On Thu, May 16, 2024 at 10:31 AM Jakub Kadlcik wrote: > > Hello Fedora Legal, > a piece of software was recently discovered in Fedora Copr and it is now > causing a contention about whether it should be allowed to be there or not. I > am kindly asking for your ruling. > > The project in question

[Fedora-legal-list] Re: Retiring celestia due to licensing issues

On Tue, Mar 26, 2024 at 3:10 AM Mattia Verga wrote: > > As announced in [1] the message on devel list, I have retired celestia and > celestia-data due to some files have been discovered to be covered under > CC-BY-NC-SA-3.0 (plus some other are still waiting for a full check by > upstream). > I

[Fedora-legal-list] Re: Redis will no longer be OSS... now what?

On Wed, Mar 20, 2024 at 6:21 PM Neal Gompa wrote: > > It looks like Redis, Inc. has announced that future versions of Redis > are no longer OSS and will be dual-licensed SSPL and RSAL[1]. Absent a > fork of Redis coming up, we will likely need to remove Redis from > Fedora. This is quite unfortun

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

On Fri, Mar 1, 2024 at 10:25 PM Neal Gompa wrote: > At this point, this discussion is a bit much. > > We have game engines with data file downloaders for demo content, we > have web browsers that auto-download things on launch, and so on. > > If you're really worried about it, tweak pytorch to re

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

On Fri, Mar 1, 2024 at 5:38 PM Tim Flink wrote: > > pip, as an example is intended to allow users to install python packages > > sourced from outside Fedora repos. I don't believe that software which > > used pip after installation with no direct user interaction would be > > allowed in Fedora. >

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

Following Tim's explanations of various things, here are revised answers to the questions: On Mon, Feb 26, 2024 at 6:32 PM Tim Flink wrote: > Questions > = > > 1. Are pre-trained weights considered to be normal non-code content/data or > do they require special handling? For Fedora lic

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

On Fri, Mar 1, 2024 at 4:54 PM Neal Gompa wrote: > This sounds like it falls in the same bucket as pip, snapd, gem, and > other similar "package manager" functionality. I agree, that's a good analogy. Richard -- ___ legal mailing list -- legal@lists.f

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

On Tue, Feb 27, 2024 at 5:58 PM Tim Flink wrote: > > > > On 2/26/24 19:06, Richard Fontana wrote: > > > > >> 4. Is it acceptable to package code which downloads pre-trained weights > >> from a non-Fedora source upon first use post-installation by a user

[Fedora-legal-list] Re: AI/ML Model and Pre-Trained Weight Packaging in Fedora

On Mon, Feb 26, 2024 at 6:32 PM Tim Flink wrote: > 1. Are pre-trained weights considered to be normal non-code content/data or > do they require special handling? My thought is that they should be considered "content" for Fedora packaging purposes. The legal docs say: "For purposes of Fedora l

[Fedora-legal-list] Re: Using the GPL as MPL Secondary license (Was: [Fedora-legal-list] Re: SPDX Statistics - R.U.R. edition)

On Mon, Feb 19, 2024 at 12:28 PM Mark Wielaard wrote: > > Hi Richard, > > On Wed, 2024-01-17 at 21:22 -0500, Richard Fontana wrote: > > On Wed, Jan 17, 2024 at 6:57 PM Mark Wielaard wrote: > > > On Fri, Nov 24, 2023 at 08:07:02PM +0100, Mark Wielaard wrote: > >

[Fedora-legal-list] Re: License review for package scummvm

On Wed, Feb 14, 2024 at 8:12 PM Richard Fontana wrote: > > On Wed, Feb 14, 2024 at 6:55 PM Christian Krause > wrote: > > > > COPYING.GLAD contains: > > - an MIT license (although "Software" is substituted with "materials") > > - an Apache 2

[Fedora-legal-list] Re: License review for package scummvm

On Wed, Feb 14, 2024 at 6:55 PM Christian Krause wrote: > > Hi, > > I would like to ask for some help determining the correct licenses and SPDX > tags for "scummvm". Please see my three questions further down the mail. > > I'm currently updating the scummvm package to a new upstream version (whic

[Fedora-legal-list] Re: License check

On Wed, Feb 7, 2024 at 10:02 AM Orion Poplawski wrote: > But mainly I was looking for confirmation that I do need to list all of > the licenses of all of the third_party code. > > I think > https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidelines/ > could be clearer on this p

[Fedora-legal-list] Re: IBM non-free patent notice

On Thu, Jan 18, 2024 at 5:23 AM Florian Weimer wrote: > > * Richard Fontana: > > > I think the only complication here is that there is currently no > > active contributor to glibc from IBM, > > This is not accurate, several people from IBM are regularly contributi

[Fedora-legal-list] Re: LicenseRef-Fedora-SourceLicenses (Was: Re: SPDX Statistics - R.U.R. edition)

On Thu, Jan 18, 2024 at 8:15 AM Vít Ondruch wrote: > > BTW this is interesting discussion about license field not being > expressive enough: > > https://github.com/puma/puma/issues/3311#issuecomment-1886065710 > > TLDR: "What I do not want is for someone to think BSD, MIT in the > license field ap

[Fedora-legal-list] Re: LicenseRef-Fedora-SourceLicenses (Was: Re: SPDX Statistics - R.U.R. edition)

On Thu, Jan 18, 2024 at 8:09 AM Vít Ondruch wrote: > > It seems to me that SPDX on itself supports: > DocumentRef-"(idstring)" > > https://spdx.github.io/spdx-spec/v2.3/SPDX-license-expressions/ > > Therefore if we support SPDX and SPDX supports this, then we support it, > don't we? Yes, in theo

[Fedora-legal-list] Re: license-tag purpose/goal (Was: Re: SPDX Statistics - R.U.R. edition)

On Wed, Jan 17, 2024 at 5:57 PM Mark Wielaard wrote: > > > I have no attachment to RPM-style > > > license tags, though Red Hat finds them marginally useful for some > > > purposes. > > > > What are the purposes for which Red Hat finds the spec license tags > > useful? > > I am still interested i

[Fedora-legal-list] Re: IBM non-free patent notice (Was: Re: SPDX Statistics - R.U.R. edition)

On Wed, Jan 17, 2024 at 6:15 PM Mark Wielaard wrote: > > Hi Richard, > > On Fri, Nov 24, 2023 at 08:07:02PM +0100, Mark Wielaard wrote: > > On Mon, 2023-09-18 at 20:47 -0400, Richard Fontana wrote: > > > While the Sun RPC problem *may* have been excised from glibc, ju

[Fedora-legal-list] Re: When can license notices be removed or not (Was: Re: SPDX Statistics - R.U.R. edition)

On Wed, Jan 17, 2024 at 6:34 PM Mark Wielaard wrote: > Although I don't like the advice I am interested when such license > notices can be removed. That would make some discussions about whether > or not to include extra tags/expressions easier (if it is possible to > just remove the notice, then

[Fedora-legal-list] Re: Using the GPL as MPL Secondary license (Was: [Fedora-legal-list] Re: SPDX Statistics - R.U.R. edition)

On Wed, Jan 17, 2024 at 6:57 PM Mark Wielaard wrote: > > Hi Richard, > > On Fri, Nov 24, 2023 at 08:07:02PM +0100, Mark Wielaard wrote: > > On Mon, 2023-09-18 at 20:47 -0400, Richard Fontana wrote: > > > On Sun, Sep 17, 2023 at 11:37 AM Mark Wielaard wrote: > >

[Fedora-legal-list] Re: LicenseRef-Fedora-SourceLicenses (Was: Re: SPDX Statistics - R.U.R. edition)

On Wed, Jan 17, 2024 at 5:47 PM Mark Wielaard wrote: > > Hi Richard, > > Going to chop this discssion into smaller parts. > > On Fri, Nov 24, 2023 at 08:07:02PM +0100, Mark Wielaard wrote: > > On Mon, 2023-09-18 at 20:47 -0400, Richard Fontana wrote: > > > I think

[Fedora-legal-list] Re: Request additions to allowed licenses for Fedora (Multics & GAL).

On Sat, Jan 13, 2024 at 5:01 PM Jeff Johnson wrote: > > Greetings, > > In hopes of eventually packaging DPS8M (https://dps8m.gitlab.io), the 36‑bit > GE Large Systems / Honeywell / Bull 600/6000‑series mainframe computer > simulator (and the associated Multics operating system files), I'd like t

[Fedora-legal-list] Re: Suggested user and developer actions

On Tue, Jan 9, 2024 at 1:28 PM Neal Gompa wrote: > > On Tue, Jan 9, 2024 at 1:24 PM Benson Muite > wrote: > > > > Hi, > > > > Am reviewing remind, a calendar application: > > https://bugzilla.redhat.com/show_bug.cgi?id=2246133 > > > > It has a strong encouragement for users and developers: > > h

[Fedora-legal-list] Re: SPDX Statistics - R.U.R. edition

On Sat, Dec 9, 2023 at 6:48 PM Mark Wielaard wrote: > > SPDX is community-driven project. Under Linux Foundation. With all > > materials open and all decisions done in public. > > Even if it is, then it is still problematic to request Fedora > contributors to file issues in these external third-p

[Fedora-legal-list] Re: OpenSSL CRYPTOGAMS / golang-x-crypto license

On Mon, Dec 4, 2023 at 1:00 PM Daniel P. Berrangé wrote: > > I'm looking at the package (golang-x-crypto) which has a file containing > this header: > > // Copyright 2019 The Go Authors. All rights reserved. > // Use of this source code is governed by a BSD-style > // license that can be fou

[Fedora-legal-list] Re: License of test that tests SPDX ids?

On Thu, Nov 23, 2023 at 9:27 AM Miroslav Suchý wrote: > > I started packaging Cavil and I stumbled upon this gem > > https://github.com/openSUSE/cavil/blob/master/t/legal-bot/error-invalid-xml-kiwi/fffe100e5a9a3e7f6d1fd97512215287/error-invalid-xml-kiwi.kiwi > > there are more like this. > > It ha

[Fedora-legal-list] Re: SPDX Statistics - R.U.R. edition

On Fri, Nov 24, 2023 at 2:07 PM Mark Wielaard wrote: > > But then for the Hybrid BSD license that parts of bzip and valgrind > uses it actually has different identifiers depending on the version of > the package (it actually has both bzip2-1.0.5 and bzip2-1.0.6 which are > literally exactly the sa

[Fedora-legal-list] Re: valgrind devel headers license tag (bzip2-1.0.6?)

On Fri, Nov 24, 2023 at 11:36 AM Mark Wielaard wrote: > > Hi Richard, > > On Mon, 2023-11-20 at 09:41 -0500, Richard Fontana wrote: > > You could propose this change to the SPDX legal team by submitting an > > issue at https://github.com/spdx/license-list-XML but histo

[Fedora-legal-list] Re: valgrind devel headers license tag (bzip2-1.0.6?)

On Mon, Nov 20, 2023 at 6:26 AM Mark Wielaard wrote: > > Hi Richard, > > On Fri, 2023-11-17 at 13:52 -0500, Richard Fontana wrote: > > This seems indeed to match bzip2-1.06 -- Jilayne, I assume the full > > text of what is wrapped in the tag could be ignored > >

[Fedora-legal-list] Re: valgrind devel headers license tag (bzip2-1.0.6?)

On Fri, Nov 17, 2023 at 1:18 PM Mark Wielaard wrote: > > Hi, > > valgrind as a whole is licensed under the GPLv2+, but has a couple of > development headers, all separately packaged in the valgrind-devel > subpackage) with a lax-permissive license. Since they are meant to > embed valgrind specific

[Fedora-legal-list] Re: License of SPDX license list data itself

On Mon, Nov 13, 2023 at 3:54 PM Fabio Valentini wrote: > Hi all, > > I'm currently working on packaging cargo-deny, and it includes (a very > old version) of a compressed form of the SPDX license data from > https://github.com/spdx/license-list-data. > > The package needs the SPDX license-list-da

[Fedora-legal-list] Re: CC0 license of dlmalloc in sgx-sdk package review

On Thu, Nov 2, 2023 at 12:29 PM Daniel P. Berrangé wrote: > To close the loop on this, after a little more email discussion with > Doug Lee, he graciously agreed to replace the CC0 license with MIT-0 > as seen here, so there should no longer be any license problem for > projects bundling dlmalloc

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Mon, Oct 30, 2023 at 8:45 AM Vít Ondruch wrote: > > The worst thing is that it appears to me, that often only we care about > such subtleties. Welcome to my life. :) Richard ___ legal mailing list -- legal@lists.fedoraproject.org To unsubscribe send

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Mon, Aug 21, 2023 at 7:04 AM Florian Weimer wrote: > Below, I'm collecting a list of observations of what I believe is the > current approach in this area, as taken by package maintainers carrying > out the SPDX conversion. To me, it strongly suggest that the SPDX > identifiers we derive toda

[Fedora-legal-list] Re: license of empty file

On Sun, Oct 22, 2023 at 2:00 AM Miroslav Suchý wrote: > > Webkitgtk has interresting file: > >Documentation/jsc-glib-4.1/fonts.css > > The file has this content: > > /* > * SPDX-FileCopyrightText: 2021 GNOME Foundation > * > * SPDX-License-Identifier: Apache-2.0 OR GPL-3.0-or-later > */ > > An

[Fedora-legal-list] Re: License for perl-Math-Random-ISAAC

On Fri, Oct 20, 2023 at 4:37 PM Emmanuel Seyman wrote: > > > Hello, all. > > I was updating the spec file of perl-Math-Random-ISAAC and wanted to > migrate the License field to the SPDX format. > > The license field says "MIT or GPL+ or Artistic" but the upstream > package README says: > > " Legal

[Fedora-legal-list] Re: License of sip

On Thu, Oct 19, 2023 at 6:03 AM Miroslav Suchý wrote: > > Dne 19. 10. 23 v 11:18 Sandro Mani napsal(a): > > Hi > > Updating mingw-sip I've re-verified the license to convert it to SPDX, and > came across the SIP license which does not exist as a SPDX identifier. [1] > states > > """ > > SIP is a

[Fedora-legal-list] Re: License of rpm-local-generator-support

y > RPM, the answer would probably be yes. > > > Vít > > > [1] > https://github.com/rpm-software-management/rpm/issues/782#issuecomment-1748317568 > > > > Dne 16. 10. 23 v 17:53 Richard Fontana napsal(a): > > On Mon, Oct 16, 2023 at 11:01 AM Vít Ondruch wrote: >

[Fedora-legal-list] Re: License of rpm-local-generator-support

On Mon, Oct 16, 2023 at 11:01 AM Vít Ondruch wrote: > > Hi, > > I have submitted rpm-local-generator-support package for a review [1]. It > can't be simpler: > > https://fedorapeople.org/cgit/vondruch/public_git/rpm-local-generator-support.git/plain/rpm-local-generator-support.spec?id=469fcda122c

[Fedora-legal-list] Re: python-dateutil SPDX license -- some code is Apache-2.0 and all code is BSD-3-Clause

On Mon, Oct 16, 2023 at 10:41 AM Petr Pisar wrote: > > V Mon, Oct 16, 2023 at 03:20:30PM +0200, Miro Hrončok napsal(a): > > https://github.com/dateutil/dateutil/blob/2.8.2/LICENSE > > > > tl;dr: > > > > > ...snip Apache-2.0... > > > > > > The above license applies to all contributions after 2017-1

[Fedora-legal-list] Re: SPDX short name for "Redistributable, no modification permitted" (firmware)

On Sun, Oct 15, 2023 at 5:13 AM Robert-André Mauchin wrote: > > Hi, > > I'm doing a MR on an old package that contains firmware data. > > I wanna convert to SPDX, what is the equivalent to "Redistributable, no > modification > permitted" in SPDX. > > The license is: > > The files in the directory

[Fedora-legal-list] Re: Need help with x2godrive licensing.

On Thu, Sep 28, 2023 at 9:45 PM Orion Poplawski wrote: > > I'm trying to package x2gokdrive for Fedora (review [1]), but running > into some questions/issues with the licensing: > > 1 - There is no license file in the released tarball > > 2 - The debian/copyright file in the git repo [2] states th

[Fedora-legal-list] Re: Updates of licenses

On Wed, Sep 27, 2023 at 1:35 PM Daniel P. Berrangé wrote: > > On Wed, Sep 27, 2023 at 08:29:05PM +0300, Benson Muite wrote: > > Would be helpful to add HPND-export-US-modify to allowed licenses: > > https://bugzilla.redhat.com/show_bug.cgi?id=2238438 > > https://github.com/spdx/license-list-XML/pu

[Fedora-legal-list] Re: Does the FPCA automatically relicense older unlicensed contributions if a Later Default License is added?

On Tue, Sep 26, 2023 at 2:05 PM Aaron Rainbolt wrote: > > (I already signed the FPCA, as I'm fine even if the answer to my > question is "yes", but I would like to make sure I understand how this > works.) > > "Once a Later Default License has been designated, Your Unlicensed > Contribution shall

[Fedora-legal-list] Re: SPDX Statistics - R.U.R. edition

On Sun, Sep 17, 2023 at 11:37 AM Mark Wielaard wrote: > > To be clear I don't mind using a different set of short-hands in the > License tags. Although it feels a little odd to try to create separate > identifiers for lax-permissive MIT/BSD like licenses which sometimes > just different in one or

[Fedora-legal-list] Re: SPDX license when no GPL version is listed in source ?

On Mon, Sep 18, 2023 at 2:16 PM Daniel P. Berrangé wrote: > > Auditing the augeas project source file licenses I found a handful of > files where the license was not specified sufficiently clearly. I've > raised this upstream: [ . . . ] > For the files which merely say: > > This file is licens

[Fedora-legal-list] Re: msv (xsdlib) licensing review

bout accepting differently formatted Apache-1.1? > > Does formatting matter to SPDX? I have lost track of this but I think the issue was not formatting but some of the language of the Apache Software License 1.1 variant did not match the SPDX identifier. In general, formatting is irrelevant. Rich

[Fedora-legal-list] Simplification of package license expressions involving dual licenses

Fedora legal docs currently say: "If your package is built from files under multiple distinct licenses, and some files are licensed under a choice of two (or more) licenses, then the License: field must include the appropriate OR and AND expressions The license expression must reflect the disj

[Fedora-legal-list] Re: CC0 license of dlmalloc in sgx-sdk package review

On Thu, Sep 7, 2023 at 11:35 AM Daniel P. Berrangé wrote: > > Does anyone have feedback on this license review questionmark > > On Tue, Aug 29, 2023 at 12:11:38PM +0100, Daniel P. Berrangé wrote: > > Hi Legal > > > > The 'sgx-sdk' package is currently open for review with a view to > > adding to

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Mon, Sep 4, 2023 at 10:03 AM Miroslav Suchý wrote: > > Dne 01. 09. 23 v 9:54 Daniel P. Berrangé napsal(a): > > Shorter is indeed better because it is far easier for humans to read when > > it is more concise, especially so because > > once the expression is flattened, the SPDX identifiers coul

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Wed, Aug 30, 2023 at 1:08 PM Fabio Valentini wrote: > Wouldn't dropping licenses (or exceptions) that entail no conditions > just be another way to do "effective license analysis" (i.e. who needs > to decide whether the license entails no conditions)? > Listing everything might be verbose, but

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Mon, Aug 28, 2023 at 10:31 AM Vít Ondruch wrote: > > > Dne 24. 08. 23 v 20:52 Richard Fontana napsal(a): > > Some of the complaints that have surfaced since the migration from the > > Callaway system to SPDX seem to be, at root, an aesthetic distaste for > > complex

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Fri, Sep 1, 2023 at 11:56 AM Iñaki Ucar wrote: > > Apologies if this has been discussed before, but why not something > like the debian/copyright file? The License tag could be just a list > of all licenses found, without AND or OR, to avoid the combinatorial > issue, and then a copyright file

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Fri, Sep 1, 2023 at 8:09 AM Vít Ondruch wrote: > > Can we attach percentage to each license? E.g. "Kernel is from 99,9625 % > GPL-2.0-only license" > > I am proposing this mostly as a joke. Nevertheless, it is interesting > information IMHO. This sounds similar to an idea I had a few years ago

[Fedora-legal-list] Re: Making no-conditions identifiers optional in the License: field

On Thu, Aug 31, 2023 at 7:13 PM Jilayne Lovejoy wrote: > >License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND > > BSD-3-Clause-Clear AND CDDL-1.0 AND copyleft-next-0.3.1 AND > > GPL-1.0-or-later AND GPL-1.0-or-later-WITH-Linux-syscall-note AND > > GPL-2.0-only AND GPL-2.0-only-WITH-L

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Mon, Aug 28, 2023 at 3:25 PM Fabio Valentini wrote: > So yes, we rely on and adhere to the "License tag reflects binary > package contents" rule. So you are reasonably happy with the current rules as they affect the License: field for Rust crate packages? Or is there anything you would like t

[Fedora-legal-list] Re: Bundled Public Domain/CC0-1.0 blake2 library in Python

On Tue, Aug 29, 2023 at 7:18 AM Miro Hrončok wrote: > > Hello, > > when reviewing a pull request by Yaakov [1], I realized Python bundles [2] the > reference blake2 implementation known as libb2 [3]. We already have that > packaged in Fedora as libb2, licensed as CC0. The library itself has: > > >

[Fedora-legal-list] Re: Bundled Public Domain/CC0-1.0 blake2 library in Python

g/publicdomain/zero/1.0/> link refers to > CC0-1.0, a different license from CC-PDDC. > > Last, recently I asked a similar case (a public domain dedication with > a fallback to a license) > <https://gitlab.com/fedora/legal/fedora-license-data/-/issues/306#note_1530527250> &

[Fedora-legal-list] Re: Anarch's CC0 licence

On Mon, Aug 28, 2023 at 3:42 AM Artur Frenszek-Iwicki wrote: > > Hi all, > > so some time ago... oh my, it's been a year already. Either way - > Creative Commons Zero has been re-classified in Fedora > as allowed for content, but not for code. [0] > > I maintain a package, anarch [1], which is lic

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Tue, Aug 22, 2023 at 9:41 AM David Cantrell wrote: > > We did portray this as a re-audit and not simply a change in abbreviations. > I did many presentations on just that and we held numerous hack fests where > we helped people analyze packages to determine the correct license expression >

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Tue, Aug 22, 2023 at 3:34 AM Petr Pisar wrote: > > V Mon, Aug 21, 2023 at 01:04:29PM +0200, Florian Weimer napsal(a): > > * Most package maintainers probably assume that License: tags on all > > built RPMs (source RPMs and binary RPMs) should reflect binary package > > contents, at least wh

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Fri, Aug 25, 2023 at 5:58 AM Florian Weimer wrote: > > * Richard Fontana: > > When we (a bunch of us inside Red Hat that is) started to think about > > revamping the rules on RPM license metadata, we thought about a number > > of options. One thing I should note is

[Fedora-legal-list] Making no-conditions identifiers optional in the License: field

Some of the complaints that have surfaced since the migration from the Callaway system to SPDX seem to be, at root, an aesthetic distaste for complex license expressions in RPM license metadata. This may explain why some favor application of "effective license" analysis. I suspect there is also a s

[Fedora-legal-list] Re: Effective license analysis: required or not?

On Mon, Aug 21, 2023 at 7:04 AM Florian Weimer wrote: > > I think Richard said that he would start a thread like this, but it > hasn't happened, so I feel like should get this off my chest now. > > starts w

[Fedora-legal-list] Re: Nonfree font(s) in 90-Second-Portraits (was: Effective license analysis: required or not?)

On Thu, Aug 24, 2023 at 12:57 PM Jeremy Newton wrote: > > Yeah, I also noticed another one of my packages has a possible problematic > font, but it's unclear to me: > https://src.fedoraproject.org/rpms/safetyblanket > https://github.com/SimonLarsen/safetyblanket/blob/master/res/fonts/notalot35.tt

[Fedora-legal-list] Nonfree font(s) in 90-Second-Portraits (was: Effective license analysis: required or not?)

On Wed, Aug 23, 2023 at 4:00 PM Robert-André Mauchin wrote: > https://src.fedoraproject.org/rpms/90-Second-Portraits/pull-request/1 > > Surprise, surprise, we have non free code, this is just amazing! > > Analysis: > > OFL-1.1 > --- > 90-Second-Portraits-1.01b-16.fc38.src.rpm-extract/90-Second-Po

[Fedora-legal-list] Re: Is this still Boehm-GC?

On Mon, Aug 21, 2023 at 9:04 AM Florian Weimer wrote: > > The SPDX reference pattern uses “Copyright (c)”, and the second > paragraph is in ALL CAPS. Furthermore, the Boehm-GC text says > “program” instead of “shellscript”. > > # Copyright 2018 B. Persson, bj...@rombobeorn.se > # > # This materia

[Fedora-legal-list] Re: Support of modern file formats in exiv2

On Sun, Aug 13, 2023 at 4:18 AM Mattia Verga wrote: > > I have found an old (2021) ticket in BZ regarding exiv2 support being > disabled for some modern file formats. > https://bugzilla.redhat.com/show_bug.cgi?id=1979565 > > There it is said that the ticket is awaiting for some conclusion from Fe

[Fedora-legal-list] Re: License of perl-Data-UUID

On Wed, Aug 9, 2023 at 6:31 AM Jitka Plesnikova wrote: > > Hi, > > I want to update License tag to SPDX format in perl-Data-UUID [1], and > the Makefile.PL in source is declared as being BSD: > >https://metacpan.org/release/RJBS/Data-UUID-1.226/source/Makefile.PL#L75 > > There is no text which

[Fedora-legal-list] Re: msv (xsdlib) licensing review

As for https://github.com/xmlark/msv/blob/main/docs/xsdlib/copyright.txt I think this should be ignored. On Tue, Aug 8, 2023 at 2:24 PM Richard Fontana wrote: > > On Tue, Aug 8, 2023 at 9:00 AM Marián Konček wrote: > > > > As part of the jaxb 4.0.2 -> 4.0.3 update, pa

[Fedora-legal-list] Re: msv (xsdlib) licensing review

On Tue, Aug 8, 2023 at 9:00 AM Marián Konček wrote: > > As part of the jaxb 4.0.2 -> 4.0.3 update, part of this package is > needed for its code generation. Therefore, I would like to package it in > Fedora. This package has complex licensing which is why I am asking for > a review. Note that I on

[Fedora-legal-list] Re: kickstart files and trademark licensing question on Ask Fedora

ile, > after all. > > > On Mon, Aug 07, 2023 at 11:41:37AM -0400, Richard Fontana wrote: > > I had a discussion with Kristin Borths (Red Hat's trademark lawyer) > > last week about this and also refreshed my memory on the license of > > fedora-logos. The conclusion

[Fedora-legal-list] Re: kickstart files and trademark licensing question on Ask Fedora

something that would qualify as a 'remix' but doesn't use the secondary mark. Richard On Wed, Aug 2, 2023 at 2:09 PM Richard Fontana wrote: > > On Wed, Aug 2, 2023 at 10:14 AM Matthew Miller > wrote: > > > > https://discussion.fedoraproject.org/t/does-dis

[Fedora-legal-list] Re: relaxng-datatype license

See: https://github.com/java-schema-utilities/relaxng-datatype-java/pull/4 On Sat, Aug 5, 2023 at 1:16 PM Richard Fontana wrote: > > On Fri, Aug 4, 2023 at 2:32 PM Richard Fontana wrote: > > > > On Fri, Aug 4, 2023 at 9:20 AM Marián Konček wrote: > > > >

[Fedora-legal-list] Re: relaxng-datatype license

On Fri, Aug 4, 2023 at 2:32 PM Richard Fontana wrote: > > On Fri, Aug 4, 2023 at 9:20 AM Marián Konček wrote: > > > > It looks like this project > > (https://github.com/java-schema-utilities/relaxng-datatype-java) will > > need to be added to Fedora as a part

[Fedora-legal-list] Re: relaxng-datatype license

sources it is > more-less clear that it should be BSD: > * https://relaxng.org/ > * https://sourceforge.net/projects/relaxng/ > * comment from Richard Fontana in open Issues in GitHub > (https://github.com/java-schema-utilities/relaxng-datatype-java/issues/1) > > Nevertheless I would

[Fedora-legal-list] Assessment of Fedora legal/license policies

It's been about a year since Fedora switched from the Callaway system [1] to the use of SPDX identifiers for purposes of package license metadata and license classification, along with the publication of significantly revamped and rationalized documentation relating to Fedora legal issues [2]. Thi

  1   2   3   4   5   >