Dear legal,
While checking the contents of our `perl' package, I noticed the following:
(...)
/* NOTE: this is derived from Henry Spencer's regexp code, and should not
* confused with the original package (see point 3 below). Thanks, Henry!
*/
/* Additional note: this code is very heavily munged from Henry's version
* in places. In some spots I've traded clarity for efficiency, so don't
* blame Henry for some of the lack of readability.
*/
/* The names of the functions have been changed from regcomp and
* regexec to pregcomp and pregexec in order to avoid conflicts
* with the POSIX routines of the same names.
*/
(...)
* pregcomp and pregexec -- regsub and regerror are not used in perl
*
* Copyright (c) 1986 by University of Toronto.
* Written by Henry Spencer. Not derived from licensed software.
*
* Permission is granted to anyone to use this software for any
* purpose on any computer system, and to redistribute it freely,
* subject to the following restrictions:
*
* 1. The author is not responsible for the consequences of use of
* this software, no matter how awful, even if they arise
* from defects in it.
*
* 2. The origin of this software must not be misrepresented, either
* by explicit claim or by omission.
*
* 3. Altered versions must be plainly marked as such, and must not
* be misrepresented as being the original software.
*
**** Alterations to Henry's code are...
****
**** Copyright (C) 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
**** 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
**** by Larry Wall and others
****
**** You may distribute under the terms of either the GNU General Public
**** License or the Artistic License, as specified in the README file.
(...)
You can see the whole file here:
https://metacpan.org/source/SHAY/perl-5.20.1/regexec.c
I looked but couldn't find any common name for this license
of Henry's. Is it on our list? Is it free? What name should
I use in the License tag?
Thank you,
Petr
The licensing wiki says that the IEEE license is a “good” documentation
license. However, with the 2017 release, IEEE switched to this license:
| The Institute of Electrical and Electronics Engineers and The Open Group,
| have given us permission to reprint portions of their documentation.
|
| In the following statement, the phrase ``this text'' refers to portions of
| the system documentation.
|
| Portions of this text are reprinted and reproduced in electronic form in
| the Linux man-pages project, from IEEE Std 1003.1-2017, Standard for
| Information Technology -- Portable Operating System Interface (POSIX), The
| Open Group Base Specifications Issue 7, 2018 Edition, Copyright (C) 2018
| by The Institute of Electrical and Electronics Engineers, Inc and The Open
| Group. In the event of any discrepancy between these versions and the
| original IEEE and The Open Group Standard, the original IEEE and The Open
| Group Standard is the referee document. The original Standard can be
| obtained online at http://www.opengroup.org/unix/online.html .
|
| This notice shall appear on any product containing this material.
<https://mirrors.edge.kernel.org/pub/linux/docs/man-pages/man-pages-posix/ma…>
This license no longer permits modified redistribution, as far as I can
see. Is this still an acceptable documentation license as far as Fedora
is concerned?
Thanks,
Florian
Hello Legal,
I'm bringing back a discussion from 2012[1]: Figlet fonts!
Indeed, I am trying to package python-pyfiglet[2] as a dependency for other
packages. But, after the review, it came up that a lot of weird fonts were
included. At the time, I didn't know anything about the discussion, and
decided
to abort everything.
Recently though, a developer contacted me through the bug report, and
proposed
to help on the issue. He triaged the fonts and separated them depending on
whether they were Open-Source or not, and we were thus able to create a
clean
package with none of the problematic fonts in it.
In that discussion[3], emerged the fact that a discussion over this already
happened ([1]), but it seems that either no consensus was reached, or
that such
consensus was lost to time as I wasn't able to find any conversation on
figlet
either on legal or devel mailing lists archives. And, it seems that the
issue
was just simply avoided since figlet ended up removing the problematic fonts
anyway.
But, upstream would like to keep the problematic fonts if possible in
Fedora.
And so, I would like to ask Legal to either give me the answer, if it
actually
was a settled matter, or to reach a consensus on Figlet fonts.
To resume the situation (as I understand it, I am not a lawyer, obviously):
In the US, fonts glyphs are not copyright-able as it is considered
insufficiently creative. For the same reason, Bitmap fonts (fonts
defined pixel
by pixel) are also not copyright-able, as they are only considered as
data which
represents glyphs. But, Vector fonts (fonts defined using drawing
instructions
and code), is, on the other hand, copyright-able because it is defined
through a
software code.
Then, we come to Figlet fonts. For those not aware of what Figlet fonts,
they
are also known as ASCII fonts:
__ __ ____ __ ____
/ / / /__ / / /___ / / ___ ____ _____ _/ / /
/ /_/ / _ \/ / / __ \ / / / _ \/ __ `/ __ `/ / /
/ __ / __/ / / /_/ / / /___/ __/ /_/ / /_/ / /_/
/_/ /_/\___/_/_/\____( ) /_____/\___/\__, /\__,_/_(_)
|/ /____/
The issue with those is that no ruling (as far as I know) ever concerned
that
type of font in US Court. Though, one argument would be that Figlet
fonts are
similar to Bitmap fonts, as they only contain data about glyphs, and do
not, in
the same way as Vector fonts do, contain code giving to the computer drawing
instructions for the fonts. As such Figlet fonts are not modular, or
extensible,
they just contain raw data about a font.
But still, all this is speculation, and, as I said, I am not a lawyer, so I
don't have any slight idea if such a defense would hold in court.
I hope to have resumed the situation clearly enough and that I didn't
make any
mistake.
Greetings,
Lyes Saadi
[1]: https://bugzilla.redhat.com/show_bug.cgi?id=820642
[2]: https://bugzilla.redhat.com/show_bug.cgi?id=1876108
[3]: https://github.com/pwaller/pyfiglet/issues/89
PS: Can we remove the FE-legal blocker from the review request now that
all the
fonts have been sorted out?
Greetings,
As part of some ongoing efforts to improve information relating to
Fedora licensing and licensing policy, we want to provide better
documentation around the various license approval categories for
Fedora, as currently set forth here:
https://fedoraproject.org/wiki/Licensing:Main
but which probably will live in the future on docs.fedoraproject.org.
Here's a rough draft which I wanted to publish here for review.
Feedback/criticisms/suggestions welcome.
Side note: This preserves Tom Callaway's historical usage of "good" to
mean "Fedora-approved", but I have mixed feelings about this
terminology.
1. Licenses for Code
“Code” means software code, any other functional material whose
principal purpose is to control or facilitate the building of
packages, such as an RPM spec file, and other kinds of material that
the Fedora Council has classified as "code" rather than "content", but
does not include font files.
[Comment: This annoyingly and confusingly does not line up with
definitions in the FPCA, but Fedora should get rid of the FPCA anyway]
A license for code is “good” if the Fedora Project determines that the
license is a free/libre//open source license.
[Not sure if it's helpful to add the following:]
In making this determination, Fedora historically relied primarily on
the Free Software Definition as maintained and interpreted by the Free
Software Foundation, but out of necessity Fedora passed judgment on
many licenses never addressed by the FSF and, in the process, built up
an informal body of interpretation and policymaking (admittedly,
mostly undocumented) that went far beyond what the FSF had done.
Fedora has also sometimes considered the decisions of other community
Linux distributions and other important efforts to define and apply
FLOSS norms, most notably the OSI’s Open Source Definition. In a small
number of cases, Fedora has disagreed with decisions of the FSF and
OSI regarding whether particular licenses are FLOSS.
2. Licenses for Documentation
Any license that is good for code is also good for documentation.
In addition, Fedora may designate a license as good for documentation
if (a) the license meets the standards for good licenses for code, (b)
the license is designed primarily for technical documentation or
otherwise has a history of substantial use in free software
communities for documentation, and (c) the license is not commonly or
normally used for code.
[Comment: this feels unsatisfactory to me, for multiple reasons, but I
think it does accurately represent the historical Fedora policy.]
3. Licenses for Content
“Content” means any material that is not code, documentation, fonts or
binary firmware.
Any license that is good for code is also good for content.
In addition, Fedora may designate a license as good for content if it
restricts or prohibits modification but otherwise meets the standards
for good licenses for code.
4. Licenses for Fonts
Any license that is good for code is also good for fonts.
In addition, Fedora may designate a license as good for fonts if it
contains a nominal prohibition on resale or distribution in isolation
but otherwise meets the standards for good licenses for code.
5. Licenses for Binary Firmware
Some applications, drivers, and hardware require binary-only firmware
to boot Fedora or function properly. Fedora permits inclusion of these
files if they meet certain requirements [currently set forth at:
https://fedoraproject.org/wiki/Licensing:Main#Binary_Firmware but the
non-license part of this needs to move somewhere else ].
Any license that is good for code is also good for binary firmware.
In addition, Fedora may designate a particular firmware license as
good for firmware if the terms in the license that would not be
acceptable in a good code license are limited to the following:
* Requirements that the firmware be redistributed only as incorporated
in the redistributor's product (or as a maintenance update for
existing end users of the redistributor's product), possibly limited
further to those products of the redistributor that support or contain
the hardware associated with the licensed firmware
* Requirements that the redistributor to pass on or impose conditions
on users that are no more restrictive than those authorized by Fedora
itself with respect to firmware licenses
* Prohibitions on modification, reverse engineering, disassembly or
decompilation
* Requirements that use be in conjunction with the hardware associated
with the firmware license
Richard
Hi all,
As you all know, we have a larger project of moving Fedora license data
to a data format and repository, updating and improving Fedora-legal
documentation related to licensing, and adoption of SPDX ids. In light
of that, it is also relevant to look at the process for review of a new
license for potential inclusion in Fedora.
I'd describe the past/current process as:
- send email to this list, some discussion may ensue on list (with
community members and Red Hat legal), decision made and then license is
added to the applicable wiki table (good or bad) at
https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing
- Of course, up until somewhat recently, this entire workflow was
shepherded by Tom Callaway
Now that we have the license data in a repository, it seems like we can
use Issues and Merge Requests for the process flow, instead of relying
on email. As such, I'd like to propose something along the following lines:
*
**How to request review of a new license*
If you find a license for a package you want to include in Fedora and
that license is not listed in the Fedora License Data, you can submit it
for review as follows:
Note: you must be a Fedora contributer and become part of the Fedora
Gitlab group. See LINK for more on how to become a Fedora contributor.
1) Create a new issue in the Fedora License Data repo with the following
information: license name, link to text of license, package name and
link, why you want to include it in Fedora, whether it is on the SPDX
License List, and the SPDX expression as applicable (see below for hints
on determining if a license text matches a license on the SPDX License List)
2) All discussion related to the license review based on the license
criteria will be on the Issue thread and a decision will be noted there.
` If the license is not on the SPDX License List, then submit the
license to the to the SPDX-legal team at
https://tools.spdx.org/app/submit_new_license/. In addition to the
required information, include a note that it is under review for Fedora
and a link to the related Fedora License Data Gitlab issue.
The ultimate decision for licenses allowed or not-allowed for Fedora
based upon the license criteria rests with Red Hat legal.
3) Once a decision has been made, the person who submitted the license
for review creates a Merge Request for the license using the TOML file
format.
4) Merge Requests will be reviewed and merged by the Fedora License Data
repo maintainers.
Happy to hear your thoughts, feedback, and suggestions!
Thanks,
Jilayne
When verifying the license for sfsexp (
https://bugzilla.redhat.com/show_bug.cgi?id=2095717) in my review, I
noticed it appears to have a modification to the LGPLv2+ license on it. The
full license text provided by the package is:
Copyright (2003-2006). The Regents of the University of California. This
material was produced under U.S. Government contract W-7405-ENG-36 for Los
Alamos National Laboratory, which is operated by the University of
California for the U.S. Department of Energy. The U.S. Government has rights
to use, reproduce, and distribute this software. NEITHER THE GOVERNMENT NOR
THE UNIVERSITY MAKES ANY WARRANTY, EXPRESS OR IMPLIED, OR ASSUMES ANY
LIABILITY FOR THE USE OF THIS SOFTWARE. If software is modified to produce
derivative works, such modified software should be clearly marked, so as not
to confuse it with the version available from LANL.
Additionally, this library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public License as
published by the Free Software Foundation; either version 2.1 of the
License, or (at your option) any later version.
This library is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License
for more details.
You should have received a copy of the GNU Lesser General Public License
along with this library; if not, write to the Free Software Foundation,
Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, U SA
LA-CC-04-094
(taken from https://github.com/mjsottile/sfsexp/blob/master/COPYING)
This to me reads as a modification to the normal LGPL (since it puts
requirements that derivative works be clearly marked as distinct). Is this
modification acceptable for inclusion in Fedora?
-Ian