On Fri, May 08, 2020 at 03:41:36AM +0530, Purusharth Saxena wrote: The copying.md file includes this: "This program library is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 3 of the License, or (at your option) any later version." The '+' on the GPLv3+ means "GPL version 3 or any later version. It's also a good idea to check for license text in individual files in the project. For GPL projects, I like to do this: find . -type f | xargs grep "General Public" Which does a more or less ok job of finding files with what is probably a GPL boilerplate. That gives me 39 files. Now, that's all files including non-source. But in this case I am looking for any file that would indicate something other than GPLv3+ Further refining: find . -type f | xargs grep "General Public" | \ cut -d ':' -f 1 | sort | uniq Gives me 10 files. I can do this: find . -type f | xargs grep "General Public" | \ cut -d ':' -f 1 | sort | uniq \ xargs grep -i "any later version" And see it matches 6 files. So 4 of those original files found lack the same kind of boilerplate. Running the previous command and comparing it to what was found, I see the sounds files in v1/ and v2/ were left out. Specifically: v1/tools/htmlfind.c.bak v2/libtpcabss/temp/algtimes.c v2/libtpcabss/temp/blotimes.c v2/libtpcabss/temp/scanditronics.c Forget for a moment that there's a ".c.bak" file. That's odd to find in version control, but we'll look at it anyway. I am manually inspecting each of those files with less(1) and I find: v1/tools/htmlfind.c.bak: GPLv2+ v2/libtpcabss/temp/algtimes.c: GPLv2+ v2/libtpcabss/temp/blotimes.c: GPLv2+ v2/libtpcabss/temp/scanditronics.c: GPLv2+ So these files carry a GPL version 2.0 boilerplate. I am not sure if libtpcabss is built as a separate shared library or not. And I also don't know if all of the code it links in carries GPLv2+ boilerplates. My guess is no, but you should verify. Since the project is GPLv3+ and it incorporates GPLv2+ code in some capacity, that makes the entire work GPLv3+ from our distribution standpoint. Unless the GPLv2+ files are compiled and linked in to a standalone library with no other GPLv3+ files, then you can't say there is some GPLv2+ component in the project. I would say the License for this package is GPLv3+ NOTE: The package maintainer is responsible for understanding the licenses that apply to the source in the package. You should do an inspection of each source file to see if there are other non-GPL license headers and how those are compiled in to binary objects. The entire work looks to be a derived GPLv3+ work, but it may have some shared libraries that are GPLv2+ or BSD or MIT. Thanks, -- David Cantrell <dcantrell(a)redhat.com&gt; Red Hat, Inc. | Boston, MA | EST5EDT

On Fri, May 08, 2020 18:11:32 +0100, J. Randall Owens wrote: Thank you for both your replies. We know the breakdown of the licenses in the different files (`licensecheck` provides us with it, and is run as part of Fedora review). The query primarily is whether the licensing of the various individual files makes the "effective" license to be GPLv3+ or if it should be noted to be GPLv2+ and GPLv3+. https://fedoraproject.org/wiki/Licensing:FAQ?rd=Licensing/FAQ#What_is_.22... The licensecheck output from the review is also attached. -- Thanks, Regards, Ankur Sinha "FranciscoD" (He / Him / His) | https://fedoraproject.org/wiki/User:Ankursinha Time zone: Europe/London

On Fri, May 08, 2020 at 06:11:32PM +0100, J. Randall Owens wrote: I do actually know about those options. They've just never made it to my muscle memory. cut(1) is my hammer and stdin are nails. ¯\_(ツ)_/¯ In this case, my needlessly exhaustive and verbose command makes it clear to the reader what I'm doing where condensing it with options could be somewhat more confusing depending on the audience. (though cut is also cryptic to anyone who hasn't used it...oh well) Thanks, -- David Cantrell <dcantrell(a)redhat.com&gt; Red Hat, Inc. | Boston, MA | EST5EDT