[adding -devel, for wider visiblity] On Sun Sep 8, 2024 at 6:31 PM CEST, Serafeim (Serafi) Zanikolas wrote: > hi, > > I've recently taken over adequate(1) and am considering to drop its license > compatibility checks, for several reasons: > > - unlike 2013, which is when adequate grew this functionality, today many > well-funded organizations actively care about license compliance (e.g. see > fossology.org), so I'd expect major cases of non-compliance to be noticed > - afaict in almost 11 years of adequate's existence, only one actual case of > non-compliance was found (#749801) [0] > - the relevant logic is non-trivial, and prone to false positives in the case > of binary packages shipping multiple libraries with different licenses; it > also hardwires soname/license/version mappings for major libraries (I'd > guess > as a workaround for the aforementioned issue), which I consider > unsustainable > from a maintenance PoV > > if you feel strongly against this proposal, you're more than welcome to join > the > adequate maintainers team (today, just me) and make your case with code. of > course you're also welcome to join even if you do agree with the proposal! > > thanks, > serafi > > ps. please cc me in replies > > [0] I've looked at piuparts and adequate tagged bugs
signature.asc
Description: PGP signature
