On Thu, Aug 4, 2016, at 09:23 AM, Ludovic Courtès wrote: > Strictly speaking it’s wrong, but I think it better reflects the intent > of the authors (I think authors who throw a GPLv3 ‘COPYING’ file without > bothering to add file headers probably think that GPLv3 and maybe later > versions apply, but not previous versions.)
Ah, I guess that seems more reasonable when the whole situation is laid out. > I suppose many package violations could be detected using Guix, but > you’re right that subtle cases like this one can go undetected. > > In the end, we’re talking about legal documents whose interpretation > isn’t as formal as we would like. So I suspect that no single tool can > provide what you want—there is no “license calculus”. Tools like > Fossology go a long way, but AFAIK they are no substitute for proper > manual auditing. I know it can't and shouldn't be fully automated, but we can still build useful tools to help us. -- Alex Griffin
