Bug#829667: License headers
Sandro Mani
manisandro at gmail.com
Tue Jul 5 09:43:22 UTC 2016
Hi Jonathan
For reviews, we have a tool (fedora-review) which runs licensecheck
recursively in the source tree. Fedora-review then prints out the
detected licenses in the license headers of the files and the
reviewer/packager is asked to compare these licenses with the actual
license declared by the project resp. in the package metadata (i.e. the
spec file).
So I suppose that typically people expect that each source file contains
a license header (from my point of view this also makes sense if
individual files are reused outside of the project). But it is not a
review-blocking issue, our guidelines simply ask us to raise the issue
upstream.
Thanks
Sandro
On 05.07.2016 11:40, Jonas Smedegaard wrote:
> Hi Sandro,
>
> Thanks for the bugreport, and thanks a lot for packaging licensecheck
> for Fedora - moving it to CPAN was done *exactly* to ease redistribution
> also outside of Debian :-D
>
> Comments below the quote...
>
> Quoting Sandro Mani (2016-07-05 09:24:31)
>> Package: licensecheck
>> Version: 3.0.1
>>
>> The following issue was raised during review of the Fedora package [1]:
>>
>> These source files are without license headers:
>> App-Licensecheck-v3.0.1/bin/licensecheck
>> App-Licensecheck-v3.0.1/lib/App/Licensecheck.pm
>> Please, ask to upstream to confirm the
>> licensing of code and/or content/s, and ask to add license headers
>> https://fedoraproject.org/wiki/Packaging:LicensingGuidelines?rd=Packaging/LicensingGuidelines#License_Clarification
>>
>>
>> COPYRIGHT states clearly that bin/licensecheck and lib/App/Licensecheck.pm are GPL-3.0, but it would not harm to add license headers also?
>>
>> [1] https://bugzilla.redhat.com/show_bug.cgi?id=1352667#c5
> The issue you raise here puzzles me, however: What licensing information
> more specifically do you (or others in Fedora) believe is missing from
> those three files?
>
> Is it perhaps that you/they feel that licensing statements in a _header_
> comment are somehow superior to statements embedded in POD (commonly
> placed near the bottom for Perl modules)?
>
> NB! Please beware that license scanners - both licensecheck and (it
> seems, but I am only guessing) rpmlint - can be only advisory, and if in
> doubt you should read the actual code yourself.
>
>
> Regards,
>
> - Jonas
>
More information about the pkg-perl-maintainers
mailing list