Hello everyone,
I'm trying to improve the Yocto Project's license tracing based on a
proof-of concept implementation of linking sources with SPDX headers to
output files by Richard at
http://git.yoctoproject.org/cgit/cgit.cgi/poky-contrib/log/?h=rpurdie/license-experiments-osls
.
The code in package.bbclass creates a list of SPDX headers found for the
sources that make up a given set of binaries that make up an individual
package using debug symbols to map sources to the binaries. This is then
compared with the license field of the given package containing those
binaries.
Due to some mismatches, warnings pop up during the build. Below are some
few sample warnings and I'm aware of false positives;
WARNING: glibc-2.32-r0 do_package: License for package nscd is {'GPL-2.0
WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
WARNING: glibc-2.32-r0 do_package: License for package sln is {'GPL-2.0
WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
WARNING: glibc-2.32-r0 do_package: License for package ldconfig is
{'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
WARNING: glibc-2.32-r0 do_package: License for package glibc is {'GPL-2.0
WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
WARNING: glibc-2.32-r0 do_package: License for package glibc-staticdev is
{'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
WARNING: libcap-ng-0.8-r0 do_package: License for package libcap-ng is
{'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2+ & LGPLv2.1+
WARNING: libtirpc-1.2.6-r0 do_package: License for package libtirpc is
{'GPL-2.0 WITH Linux-syscall-note'} vs BSD-3-Clause
WARNING: ptest-runner-2.4.0+gitAUTOINC+834670317b-r0 do_package: License
for package ptest-runner is {'GPL-2.0-or-later'} vs GPLv2+
WARNING: libcap-2.44-r0 do_package: License for package libcap is {'GPL-2.0
WITH Linux-syscall-note'} vs BSD | GPLv2
WARNING: libcap-2.44-r0 do_package: License for package libcap-staticdev is
{'GPL-2.0 WITH Linux-syscall-note'} vs BSD | GPLv2
WARNING: openssl-1.1.1h-r0 do_package: License for package openssl-engines
is {'GPL-2.0 WITH Linux-syscall-note', 'GPL-2.0+ WITH Linux-syscall-note'}
vs openssl
Any suggestions on improvements I can make to this functionality?
Cheers,
Ida.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#51926): https://lists.yoctoproject.org/g/yocto/message/51926
Mute This Topic: https://lists.yoctoproject.org/mt/79516164/21656
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
