Discussion:
Packages licenses
Xose Vazquez Perez
2003-11-07 15:47:13 UTC
Permalink
hi,

I have extracted the 'License' tag of all RH9 packages, sorry FC1 is not here yet.
And I see a chaotic style, duplicates... A clearer policy and style should be used
in Fedora.

idea?
Maybe, rpmbuild should check 'License' against a list of OSI compatible licenses,
otherwise a -nocl (--noOSIcompatiblelicense) flag should be used to build it.

--cut--
3DFX GLIDE Source Code General Public License
Apacheish
Apache Software License
Arphic Public License (GPL-like)
Artistic
BSD
BSD/GPL
BSDish
BSD-like
BSD-like and LGPL
BSD-style
Copyright © 1999-2002 Red Hat, Inc. All rights reserved.
Copyright © 2002 Red Hat, Inc. All rights reserved.
distributable
Distributable
Distributable (BSD-like)
Distributable under Licenses
eGenix.com Public License (Python)
FDL
Free
freely distributable
Freely distributable
Freely Distributable
Freely redistributable
Freely Redistributable
Free, no warranties.
freeware
Freeware
GNU General Public License
GNU GPL
GNU GPL Version 2
GPL
GPL2
GPL and Artistic
GPL/BSD
GPL/distributable
GPL, LGPL
GPL/LGPL
GPL/LGPL/GFDL
GPL/MIT
GPL / new BSD License / other
GPL (not Firmware)
GPL or artistic
GPL or Artistic
GPL or BSD
GPL (programs), relaxed LGPL (libraries), and public domain (docs)
GPL/QPL
GPL, URW holds copyright
GPL/XFree86
IBM Public License
LaTeX Project Public License (http://www.latex-project.org/lppl.txt)
LGPL
LGPL and GPL
LGPL/GPL
MIT
MIT, freely distributable.
MPL
OMRON Corporation, OMRON Software Co., Ltd.
Open Group Public License
OpenLDAP
OSI certified
PSF - see LICENSE
public domain
Public domain
Public Domain
Redistributable
Special (see Copyright Notice)
The PHP License
University of Washington Free-Fork License
W3C IPR
W3C (see: http://www.w3.org/Consortium/Legal/copyright-software.html)
XFree86
X-like
--this-is-the-end--

--
HTML mails are going to trash automagically
Tim Waugh
2003-11-07 16:10:32 UTC
Permalink
Post by Xose Vazquez Perez
And I see a chaotic style, duplicates... A clearer policy and style should be used
in Fedora.
The trouble is that a license can't always be described in a couple of
words. Sometimes you really do need to read through COPYING to know
what kind of license it is.

Tim.
*/
Elliot Lee
2003-11-07 16:20:34 UTC
Permalink
Post by Xose Vazquez Perez
I have extracted the 'License' tag of all RH9 packages, sorry FC1 is not
here yet. And I see a chaotic style, duplicates... A clearer policy and
style should be used in Fedora.
idea? Maybe, rpmbuild should check 'License' against a list of OSI
compatible licenses, otherwise a -nocl (--noOSIcompatiblelicense) flag
should be used to build it.
Having a flag like that is not likely, because some of the licenses may be
fine but not formally OSI-approved, and because the system used to build
the packages doesn't allow passing options such as -nocl.

You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).

-- Elliot
Xose Vazquez Perez
2003-11-07 16:50:13 UTC
Permalink
Post by Elliot Lee
Having a flag like that is not likely, because some of the licenses may be
fine but not formally OSI-approved, and because the system used to build
the packages doesn't allow passing options such as -nocl.
You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).
the worse is that there are packages with *wrong* 'License' tag: ex. db4

querida:~ $ rpm -q --qf '%{name}\t%{license}\n' db4
db4 GPL

/usr/share/doc/db4-4.0.14/LICENSE shows that it's BSD-alike

_All package maintainers_ *should check* 'License' tag!!
--
HTML mails are going to trash automagically
Owen Taylor
2003-11-07 17:16:58 UTC
Permalink
Post by Xose Vazquez Perez
Post by Elliot Lee
Having a flag like that is not likely, because some of the licenses may be
fine but not formally OSI-approved, and because the system used to build
the packages doesn't allow passing options such as -nocl.
You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).
the worse is that there are packages with *wrong* 'License' tag: ex. db4
querida:~ $ rpm -q --qf '%{name}\t%{license}\n' db4
db4 GPL
/usr/share/doc/db4-4.0.14/LICENSE shows that it's BSD-alike
_All package maintainers_ *should check* 'License' tag!!
Read that carefully. It's very much not BSD-like. It's not the GPL
either, however, though it could roughly be described as GPL-like
in general intent.

Regards,
Owen
Mike A. Harris
2003-11-07 20:12:18 UTC
Permalink
Post by Owen Taylor
Post by Xose Vazquez Perez
Post by Elliot Lee
You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).
the worse is that there are packages with *wrong* 'License' tag: ex. db4
querida:~ $ rpm -q --qf '%{name}\t%{license}\n' db4
db4 GPL
/usr/share/doc/db4-4.0.14/LICENSE shows that it's BSD-alike
_All package maintainers_ *should check* 'License' tag!!
Read that carefully. It's very much not BSD-like. It's not the GPL
either, however, though it could roughly be described as GPL-like
in general intent.
Personally I wouldn't call a license GPL-like in an official
sense. It opens the door for people to be mislead that a license
is GPL compatible when it might not be. If a license does not
have a specific name given to it, then I make one up based on the
package name. So for this case, if the LICENSE file doesn't say
"foo LICENSE", I would say this package's license is:

License: db4 license

That tells people clearly this is a special license that is
different from other licenses, and they need to read the license
for themselves in order to know what the terms are. It makes it
less likely people will make false legal assumptions and misuse
the code against the author's wishes. Of course, the rpm license
header is just a summary line, and isn't authoritative, so people
should always check the author's own written license text,
however I think the rpm license tag should convey the license
type as close as possible in as few words as possible, or else
give vague term like "db4 license" which inspires the reader to
find the license inside the package and read it to determine what
"db4 license" really means.

HTH
--
Mike A. Harris ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat
Mike A. Harris
2003-11-07 20:07:30 UTC
Permalink
Post by Xose Vazquez Perez
Post by Elliot Lee
Having a flag like that is not likely, because some of the licenses may be
fine but not formally OSI-approved, and because the system used to build
the packages doesn't allow passing options such as -nocl.
You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).
the worse is that there are packages with *wrong* 'License' tag: ex. db4
querida:~ $ rpm -q --qf '%{name}\t%{license}\n' db4
db4 GPL
/usr/share/doc/db4-4.0.14/LICENSE shows that it's BSD-alike
_All package maintainers_ *should check* 'License' tag!!
I agree completely, however mistakes happen, and it's something
that can't be avoided. It's a bug just like any other bug, so
file a bug report.
--
Mike A. Harris ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat
Mike A. Harris
2003-11-07 20:04:25 UTC
Permalink
Post by Elliot Lee
Post by Xose Vazquez Perez
I have extracted the 'License' tag of all RH9 packages, sorry FC1 is not
here yet. And I see a chaotic style, duplicates... A clearer policy and
style should be used in Fedora.
idea? Maybe, rpmbuild should check 'License' against a list of OSI
compatible licenses, otherwise a -nocl (--noOSIcompatiblelicense) flag
should be used to build it.
Having a flag like that is not likely, because some of the licenses may be
fine but not formally OSI-approved, and because the system used to build
the packages doesn't allow passing options such as -nocl.
You're right that there are many duplicates that could use fixing. Once it
is decided which license strings need to change, you can file patches in
bugzilla for all the ones that obviously need changing (e.g. s/Freely
distributable/Freely redistributable/i).
I completely agree, however before people submit patches, or
suggest changes, I think we really do need to make an official
rubber stamped list of specific license names. The list should
NOT be considered a complete list of all licenses, but rather, it
should be considered the official way to word the licenses that
are contained in the list. For example, the GPL license should
be stated consistently as either "GPL" everywhere, or as "GNU
GPL" or whatever is decided. 2 more would probably be "BSD" and
"BSD with advertising clause", "MIT", etc... In other words for
each license which is rather well known or at least common, we
should standardize the names, and put them on an official list of
proper spelling for those licenses up on the Fedora site.

While this may be considered a very negligible and trivial thing
to many people, and it more or less is really, if we want to
clean something like this up, then it needs to be standardized
and have an official stamp of approval put on it by being on the
Fedora website, so that people can be pointed to it. That also
avoids different people from doing it their own way just to be
different, using the argument "there is no standard, who cares".
--
Mike A. Harris ftp://people.redhat.com/mharris
OS Systems Engineer - XFree86 maintainer - Red Hat
Xose Vazquez Perez
2003-11-07 22:55:04 UTC
Permalink
Post by Mike A. Harris
I completely agree, however before people submit patches, or
suggest changes, I think we really do need to make an official
rubber stamped list of specific license names. The list should
Maybe there is more... but rpmlint- a tool to check common errors
on RPM packages -( http://people.mandrakesoft.com/~flepied/projects/rpmlint/ )
has a basic set of them.

--cut--
# liste grabbed from www.opensource.org/licenses

DEFAULT_VALID_LICENSES = (
'GPL',
'LGPL',
'GFDL',
'OPL',
'Artistic',
'BSD',
'MIT',
'QPL',
'MPL',
'IBM Public License',
'Apache License',
'PHP License',
'Public Domain',
'Modified CNRI Open Source License',
'zlib License',
'CVW License',
'Ricoh Source Code Public License',
'Python license',
'Vovida Software License',
'Sun Internet Standards Source License',
'Intel Open Source License',
'Jabber Open Source License',
'Nokia Open Source License',
'Sleepycat License',
'Nethack General Public License',
'Common Public License',
'Apple Public Source License',
'X.Net License',
'Sun Public License',
'Eiffel Forum License',
'W3C License',
'Zope Public License',
# non open source licences:
'Proprietary',
'Freeware',
'Shareware',
'Charityware'
)
--end--

note: rpmlint is a python tool ;-)

--
HTML mails are going to trash automagically

Paul Nasrat
2003-11-07 16:30:23 UTC
Permalink
Post by Xose Vazquez Perez
Maybe, rpmbuild should check 'License' against a list of OSI
compatible licenses,
There are rpmlint modules for License IIRC.

Paul
Loading...