Dne 19. 06. 24 v 5:58 odp. Miro Hrončok napsal(a):
How do you know the License tag is not supposed to be e.g. "GPL-2.0-only AND MIT" or similar?
Converting "GPLv2" (which could mean any number of "weaker" licenses are hidden under the "stronger" GPL in the old notation) to "GPL-2.0-only" (which means all the code is exactly GPL 2.0 only) cannot be done automatically.
I don't know. But it seems like the best option.
What are the options:
1) Wait for all the maintainers to do the conversion themselves. Based on the data I send every two weeks, we can do it in a year. But that target date is 20 days away every two weeks. 2) Do nothing at all. 3) Automatically convert where there's a good chance it's correct.
In our group we made a list of what can be automatically converted. For RH folks this link https://docs.google.com/spreadsheets/d/1thDTCawJTewqMCgC1dDuKu4Hq9DCA57q0VDs... for others this copy https://k00.fr/tnbu0zrs What I posted is what made sense to us. But there are licenses where it doesn't make sense to us. For example. wxWindows which will probably be rewritten to LGPL-2.0-or-later WITH WxWindows-exception-3.1 but the exception may be slightly different and needs to be checked.
I would be very happy if the migration was done manually. Every time I did a manual analysis, I discovered some files under other licenses. But manually checking everything under the current state of the tools is not realistic. But there are a lot of people working in the background to have better tools. For example, I would like to publicly thank Robert-André Mauchin, who has spent a lot of time wrapping scancode=toolkit and its dependencies. This is an excellent tool for file analysis. We are just a small step away from completing all the reviews. When this is done, I'd like to create a tool to alert maintainers to new licenses that are used in a file but not in tarball.
For me, migrating these particular licenses is not a perfectly executed step. But it is a step forward. And any imperfections can be fixed in the future.