On Mon, Aug 05, 2024 at 11:23:08AM +0200, Vít Ondruch wrote:
> 
> Dne 02. 08. 24 v 21:37 Miroslav Suchý napsal(a):
> > Dne 02. 08. 24 v 9:07 odp. Miroslav Suchý napsal(a):
> > > 
> > > 
> > > I will love to see more usage of this tag, but I believe the
> > > documentatin has to be updated first. PR for packaging guidelines
> > > and legal doc is welcome.
> > > 
> > Here it comes
> > https://gitlab.com/fedora/legal/fedora-legal-docs/-/merge_requests/306
> > 
> > 
> 
> Thank you for the PR, because this is hard one. I think that in ideal world,
> the PR should be worded in a way that:
> 
> 1) The `SourceLicense` tag is always used and it fully describes the content
> of the SRPM, i.e. it should contain all licenses which would be identified
> by some (ideal) scanner
> 
> 2) The `License` tag would be used in cases when the resulting (sub) package
> has different license from the `SourceLicense` (e.g. build scripts are not
> part of the resulting binary obviously).
> 
> The question is if we can get from the current state to the state I proposed
> above.

Implementing this requires a (re-)review of everything in the source tarball,
which is an exercise we just went through for SDPX in many cases. The idea of
doing this again in order to add SourceLicense is not going to fly in terms
of the time investment asked of maintainers.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|

-- 
_______________________________________________
legal mailing list -- legal@lists.fedoraproject.org
To unsubscribe send an email to legal-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org
Do not reply to spam, report it: 
https://pagure.io/fedora-infrastructure/new_issue

Reply via email to