On Wed, Aug 31, 2022 at 7:48 AM Miro Hrončok <mhroncok(a)redhat.com> wrote:
On 31. 08. 22 13:39, Neal Gompa wrote:
> On Wed, Aug 31, 2022 at 5:50 AM Miro Hrončok <mhroncok(a)redhat.com> wrote:
>>
>> Hello license folks.
>>
>> I see that Fedora's rpmlint is yet to be taught to understand SPDX:
>>
>> python3-lxml.x86_64: W: invalid-license BSD-3-Clause
>> python3-lxml.x86_64: W: invalid-license MIT-CMU
>>
>> Is this support tracked somewhere? I know openSUSE already uses SPDX, so
>> rpmlint probably knows how to read that. Right?
>>
>
> rpmlint only knows what licenses we tell it, and the Fedora rpmlint
> policy has not been updated yet because we want the
> fedora-license-data package to produce the necessary TOML file that
> rpmlint will source rather than me maintaining another copy of this.
>
> rpmlint will handle both Fedora style and SPDX license tags once we
> have that data file in place.
Great. Is this the file?
https://src.fedoraproject.org/rpms/rpmlint/blob/rawhide/f/licenses.toml
What's needed? Move this file to licenses-legacy.toml and install licenses.toml
from fedora-license-data? I can do that.
Ideally, both files would come from there instead, since they will
maintain the list of allowed licenses there.
I filed an issue for it:
https://gitlab.com/fedora/legal/fedora-license-data/-/issues/65
--
Neal Gompa (FAS: ngompa)