Hot news:
- SPDX upstream finally got approved some of our licenses waiting in the queue.
- in fedora-license-data - Richard and I are working together on old and painful issues. The number of open issues is
now 52. I am so happy about it, because it was over 60 for ages.
- almost every week I notice maintainer who has local copy of spec file and when they rebase package they overwrite the
migrated license tag. If you have such workflow, please check for the changes in dist-git first.
- legal documentations got several updates:
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/#_public_domain_or_ultrapermissive
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/#_licenseref_kde_accepted
https://docs.fedoraproject.org/en-US/legal/license-review-process/ (note about
funny licenses being treated seriously)
- kernel was documented as exception to BSD-3-Clause-Clear so kernel package is
finally reported as OK.
- There are 3 packages in Fedora with not-allowed license. Despite my reports and ping they does not seems to have a
plan. I plan to open FESCO issue and retire these packages. For list of packages see tracking bug
https://bugzilla.redhat.com/show_bug.cgi?id=2310597
Five weeks ago we had:
* 24495 spec files in Fedora
* 31150license tags in all spec files
* 115 tags are not SPDX compliant (number from line bellow minus packages with
LicenseRef-Callaway-*)
* 2184tags have not been converted to SPDX yet
* 12 tags can be trivially converted using `license-fedora2spdx`
* Progress: 99.83% ░░░░░░░░░█100%
ELN subset:
54 out of 2301 packages are not converted yet (progress 97.50%)
Today we have:
* 24479 spec files in Fedora
* 31088license tags in all spec files
* 108 tags are not SPDX compliant (number from line bellow minus packages with
LicenseRef-Callaway-*)
* 2143tags have not been converted to SPDX yet
* 11 tags can be trivially converted using `license-fedora2spdx`
* Progress: 99.63% ░░░░░░░░░█100%
ELN subset:
58 out of 2322 packages are not converted yet (progress 97.65%)
Graph of these data with the burndown chart:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rpCjus-8s/edit?usp=sharing
The list of packages needed to be converted is here:
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final.txt
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final-maintainers.txt
Packages that are neither in SPDX nor in Callaway format (highest priority for
now) - 31 packages:
https://pagure.io/copr/license-validate/blob/main/f/neither-nor-remaining-packagers.txt
Most of such packages has open issue in fedora-license-data. A lot of them are waiting for SPDX to approved the license
and assign ID.
I released new version of fedora-license-data with 10 new license and bunch of
public domain or ultra permissive findings.
6 licenses are waiting to be reviewed by SPDX.org (and then to be added to fedora-license-data)
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/?label_name%5B%5D=SPDX%3A%3Ablocked
If your package does not have neither git-log entry nor spec-changelog entry mentioning SPDX and you know your license
tag matches SPDX formula, you can put your package on ignore list
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or direct email to me is fine.
Miroslav
--
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam, report it:
https://pagure.io/fedora-infrastructure/new_issue
