Hi,
On 08/01/2021 04:59, Meh Mbeh Ida Delphine wrote:
>
> Due to some mismatches, warnings pop up during the build. Below are some
> few sample warnings and I'm aware of false positives;
Why do you think they are false positives?
>
> WARNING: glibc-2.32-r0 do_package: License for package nscd is {'GPL-2.0
> WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
Check this file:
FileName:
./spdx_temp/git/.pc/0026-inject-file-assembly-directives.patch/sysdeps/aarch64/crti.S
FileChecksum: SHA1: 83c9d68d2f83ca0af8af2a918533f21004aac238
LicenseConcluded: NOASSERTION
LicenseInfoInFile: LGPL-2.1-or-later
LicenseInfoInFile: LicenseRef-scancode-unlimited-linking-exception-lgpl
FileCopyrightText: <text>Copyright (c) 1995-2020 Free Software
Foundation, Inc.
</text>
I play around with meta-spdxscanner and if you run e.g. scancode-toolkit
it tells you:
FileName: ./spdx_temp/git/nscd/cache.c
FileChecksum: SHA1: ecec99d5427b03fe5c390f5fd78274a2a7c625e7
LicenseConcluded: NOASSERTION
LicenseInfoInFile: GPL-3.0-or-later
FileCopyrightText: <text>Copyright (c) 1998-2020 Free Software
Foundation, Inc.
</text>
;)
Which comes from:
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published
by the Free Software Foundation; version 2 of the License, or
(at your option) any later version.
So once someone determines what's the real license, I guess packages
could be licensed accordingly ;)
LICENSE_glibc-xxx = "GPLv3+"
is it? Bring in the lawyers.
> WARNING: glibc-2.32-r0 do_package: License for package sln is {'GPL-2.0
> WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
> WARNING: glibc-2.32-r0 do_package: License for package ldconfig is
> {'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
> WARNING: glibc-2.32-r0 do_package: License for package glibc is
> {'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
> WARNING: glibc-2.32-r0 do_package: License for package glibc-staticdev
> is {'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2 & LGPLv2.1
> WARNING: libcap-ng-0.8-r0 do_package: License for package libcap-ng is
> {'GPL-2.0 WITH Linux-syscall-note'} vs GPLv2+ & LGPLv2.1+> WARNING:
libtirpc-1.2.6-r0 do_package: License for package libtirpc is
> {'GPL-2.0 WITH Linux-syscall-note'} vs BSD-3-Clause
> WARNING: ptest-runner-2.4.0+gitAUTOINC+834670317b-r0 do_package: License
> for package ptest-runner is {'GPL-2.0-or-later'} vs GPLv2+
I assume GPLv2+ is supposed to mean GPL-2.0-or-later.
One fix would be to put in the LICENSE field of ptest-runnner
GPL-2.0-or-later instead of GPLv2+. Another fix could be to add the
mapping between GPLv2+ and GPL-2.0-or-later.
> WARNING: libcap-2.44-r0 do_package: License for package libcap is
> {'GPL-2.0 WITH Linux-syscall-note'} vs BSD | GPLv2> WARNING:
libcap-2.44-r0 do_package: License for package libcap-staticdev
> is {'GPL-2.0 WITH Linux-syscall-note'} vs BSD | GPLv2
> WARNING: openssl-1.1.1h-r0 do_package: License for package
> openssl-engines is {'GPL-2.0 WITH Linux-syscall-note', 'GPL-2.0+ WITH
> Linux-syscall-note'} vs openssl
> > Any suggestions on improvements I can make to this functionality?
>
> Cheers,
> Ida.
Regards,
Robert
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#51954): https://lists.yoctoproject.org/g/yocto/message/51954
Mute This Topic: https://lists.yoctoproject.org/mt/79516164/21656
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
