On Thu, May 22, 2025 at 12:00:04PM -0000, Martin Gansser wrote: > The second question concerns the listing of the individual files and the > assignment of the SPDX license [2] > in the rpm spec file. > > [2] https://martinkg.fedorapeople.org/ErrorReports/licensecheck_spdx.txt > [3] https://martinkg.fedorapeople.org/ErrorReports/speed-dreams.spec > > How should the whole thing be handled?
The licensecheck tool is not entirely reliable. Consider its list of detected licenses as rough approximation - it will sometimes invent licenses that aren't present, or omit licenses that are present. So you need to manuall sanity check the results At least, you need to check whether each license really does exist in the codebase, in a file that gets incoporated into the shipped RPMS. You can ignore license in code that is not built for Fedora, or stuff that isn't shipped such as the build system files. Also sample some soruces files to see if there are other licenses it missed - particularly if licensecheck reported some wierd/unexpected licenses. Finding 1 applicable file under each license, is sufficient to justify including it in the RPM License field. So once you have your list of individual licenses/license expressions for individual files, join them all together with "AND" into the final SDPX expression for the RPM license field. With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :| -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
