[Piuparts-devel] proposal to drop licence compatibility checks from adequate
Serafeim (Serafi) Zanikolas
sez at debian.org
Sat Sep 28 18:50:46 BST 2024
[adding -devel, for wider visiblity]
On Sun Sep 8, 2024 at 6:31 PM CEST, Serafeim (Serafi) Zanikolas wrote:
> hi,
>
> I've recently taken over adequate(1) and am considering to drop its license
> compatibility checks, for several reasons:
>
> - unlike 2013, which is when adequate grew this functionality, today many
> well-funded organizations actively care about license compliance (e.g. see
> fossology.org), so I'd expect major cases of non-compliance to be noticed
> - afaict in almost 11 years of adequate's existence, only one actual case of
> non-compliance was found (#749801) [0]
> - the relevant logic is non-trivial, and prone to false positives in the case
> of binary packages shipping multiple libraries with different licenses; it
> also hardwires soname/license/version mappings for major libraries (I'd guess
> as a workaround for the aforementioned issue), which I consider unsustainable
> from a maintenance PoV
>
> if you feel strongly against this proposal, you're more than welcome to join the
> adequate maintainers team (today, just me) and make your case with code. of
> course you're also welcome to join even if you do agree with the proposal!
>
> thanks,
> serafi
>
> ps. please cc me in replies
>
> [0] I've looked at piuparts and adequate tagged bugs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/piuparts-devel/attachments/20240928/c65374b8/attachment.sig>
More information about the Piuparts-devel
mailing list