Bug#829667: License headers

Sandro Mani manisandro at gmail.com
Tue Jul 5 09:43:22 UTC 2016 

Hi Jonathan

For reviews, we have a tool (fedora-review) which runs licensecheck 
recursively in the source tree. Fedora-review then prints out the 
detected licenses in the license headers of the files and the 
reviewer/packager is asked to compare these licenses with the actual 
license declared by the project resp. in the package metadata (i.e. the 
spec file).

So I suppose that typically people expect that each source file contains 
a license header (from my point of view this also makes sense if 
individual files are reused outside of the project). But it is not a 
review-blocking issue, our guidelines simply ask us to raise the issue 
upstream.

Thanks

Sandro


On 05.07.2016 11:40, Jonas Smedegaard wrote:
> Hi Sandro,
>
> Thanks for the bugreport, and thanks a lot for packaging licensecheck
> for Fedora - moving it to CPAN was done *exactly* to ease redistribution
> also outside of Debian :-D
>
> Comments below the quote...
>
> Quoting Sandro Mani (2016-07-05 09:24:31)
>> Package: licensecheck
>> Version: 3.0.1
>>
>> The following issue was raised during review of the Fedora package [1]:
>>
>>       These source files are without license headers:
>>       App-Licensecheck-v3.0.1/bin/licensecheck
>>       App-Licensecheck-v3.0.1/lib/App/Licensecheck.pm
>>       Please, ask to upstream to confirm the
>>       licensing of code and/or content/s, and ask to add license headers
>>       https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/LicensingGuidelines#License_Clarification
>>
>>
>> COPYRIGHT states clearly that bin/licensecheck and lib/App/Licensecheck.pm are GPL-3.0, but it would not harm to add license headers also?
>>
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1352667#c5
> The issue you raise here puzzles me, however: What licensing information
> more specifically do you (or others in Fedora) believe is missing from
> those three files?
>
> Is it perhaps that you/they feel that licensing statements in a _header_
> comment are somehow superior to statements embedded in POD (commonly
> placed near the bottom for Perl modules)?
>
> NB! Please beware that license scanners - both licensecheck and (it
> seems, but I am only guessing) rpmlint - can be only advisory, and if in
> doubt you should read the actual code yourself.
>
>
> Regards,
>
>   - Jonas
>

More information about the pkg-perl-maintainers mailing list