On Mon, May 23, 2022 at 12:37 PM Jilayne Lovejoy <jlovejoy(a)redhat.com> wrote:
Hi Fedora legal and packaging,
I'm cross-posting this, as I think it's relevant to both groups.
The current policy for filling out the license field of the spec file (as described at
https://docs.fedoraproject.org/en-US/packaging-guidelines/LicensingGuidel... ) states,
"The License: field refers to the licenses of the contents of the binary rpm. When in
doubt, ask."
As we consider how to improve documentation related to Fedora licensing, it would be
helpful to hear people's thoughts on the following:
1) how do you (package maintainers) interpret this policy in practice?
2) what further information/documentation about this policy would be helpful?
3) should this policy be different, and if so, how?
4) any other related thoughts or observations
I generally interpret it to mean the effective license that covers the
resulting artifacts shipped in the binary RPM. I think this is fine,
but we definitely have a gap in RPM packaging in that we can't declare
the license of the Source RPM anywhere. This is particularly kludgy
when you have vendored or bundled code.
To be honest, I don't particularly relish redoing the licensing of
some things with SPDX identifiers because it's going to triple the
length of the license string there. Too much specificity can hurt...
I don't have specific solutions here, but I would like to avoid having
the list licenses for literally everything in a source tree when it
doesn't matter for binary RPMs.
--
真実はいつも一つ!/ Always, there's only one truth!