-------- Přeposlaná zpráva -------- Předmět: SPDX Statistics - Easter edition Datum: Sun, 9 Apr 2023 11:34:20 +0200 Od: Miroslav Suchý msuchy@redhat.com Společnost: Red Hat Czech, s.r.o. Komu: Development discussions related to Fedora devel@lists.fedoraproject.org
Two weeks ago we had:
22882 spec files in Fedora
29366license tags in all spec files
19784 tags have not been converted to SPDX yet(huray, we are under 20k)
7912tags can be trivially converted using `license-fedora2spdx`
Today we have:
* 22918 spec files in Fedora
* 29406license tags in all spec files
* 19348 tags have not been converted to SPDX yet
* 7521tags can be trivially converted using `license-fedora2spdx`
* Progress: 34% ░░░███████ 100%
ELN subset:
* 2159 out of 4688 packages has been converted
The list of packages needed to be converted is again here:
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-fi...
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-fi...
New version of fedora-license-data and license-validate has been released.
Legal docs and especially
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
I updated the progress in this spreadsheet:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rp...
You converted about 500 license tags in 14 days.
New projection when we will be finished is 2024-06-05. Pure linear approximation.
If your package does not have neither git-log entry nor spec-changelog entry mentioning SPDX and you know your license tag matches SPDX formula, you can put your package on ignore list
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or email to me is fine. I already put there some packages that has been reported in past.
Tip of the day:
There is great tool to audit a package - FOSSology. And Oregon State University runs a free instance https://fossology.osuosl.org/repo/ (login: fossy, password: fossy).
It is maintained for free, but every night the content is wiped away.
Why Easter? Well, because we have Easter now :) But I will add one fun fact. Here in Czechia we have folk custom consisting in whipping women by men using a rod or braided wicker also called pomlázka, performed on Easter Monday.
https://www.youtube.com/watch?v=l9vDVuiQcWM
Do you hesitate how to proceed with the migration? Please follow
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/
or attend SPDX office hours (see different thread in this mailing list)
Miroslav
I have a question. FlexiBLAS is GPLv3 with the "Linking over a controlled interface" exception [1], but I don't see how to specify this.
[1] https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#Lice...
On Sun, 9 Apr 2023 at 11:34, Miroslav Suchý msuchy@redhat.com wrote:
-------- Přeposlaná zpráva -------- Předmět: SPDX Statistics - Easter edition Datum: Sun, 9 Apr 2023 11:34:20 +0200 Od: Miroslav Suchý msuchy@redhat.com Společnost: Red Hat Czech, s.r.o. Komu: Development discussions related to Fedora devel@lists.fedoraproject.org
Two weeks ago we had:
22882 spec files in Fedora
29366 license tags in all spec files
19784 tags have not been converted to SPDX yet (huray, we are under 20k)
7912 tags can be trivially converted using `license-fedora2spdx`
Today we have:
22918 spec files in Fedora
29406 license tags in all spec files
19348 tags have not been converted to SPDX yet
7521 tags can be trivially converted using `license-fedora2spdx`
Progress: 34% ░░░███████ 100%
ELN subset:
- 2159 out of 4688 packages has been converted
The list of packages needed to be converted is again here:
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final.txtList by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-fi...
New version of fedora-license-data and license-validate has been released.
Legal docs and especially
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
I updated the progress in this spreadsheet:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rp...
You converted about 500 license tags in 14 days.
New projection when we will be finished is 2024-06-05. Pure linear approximation.
If your package does not have neither git-log entry nor spec-changelog entry mentioning SPDX and you know your license tag matches SPDX formula, you can put your package on ignore list
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or email to me is fine. I already put there some packages that has been reported in past.
Tip of the day:
There is great tool to audit a package - FOSSology. And Oregon State University runs a free instance https://fossology.osuosl.org/repo/ (login: fossy, password: fossy).
It is maintained for free, but every night the content is wiped away.
Why Easter? Well, because we have Easter now :) But I will add one fun fact. Here in Czechia we have folk custom consisting in whipping women by men using a rod or braided wicker also called pomlázka, performed on Easter Monday.
https://www.youtube.com/watch?v=l9vDVuiQcWM
Do you hesitate how to proceed with the migration? Please follow
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/
or attend SPDX office hours (see different thread in this mailing list)
Miroslav
legal mailing list -- legal@lists.fedoraproject.org To unsubscribe send an email to legal-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
On Sun, Apr 9, 2023 at 5:11 PM Iñaki Ucar iucar@fedoraproject.org wrote:
I have a question. FlexiBLAS is GPLv3 with the "Linking over a controlled interface" exception [1], but I don't see how to specify this.
[1] https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#Lice...
Please submit an issue at https://gitlab.com/fedora/legal/fedora-license-data/-/issues For more information, see: https://docs.fedoraproject.org/en-US/legal/license-review-process/
Richard
Dne 10. 04. 23 v 0:24 Richard Fontana napsal(a):
I have a question. FlexiBLAS is GPLv3 with the "Linking over a controlled interface" exception [1], but I don't see how to specify this.
[1]https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#Lice...
Please submit an issue at https://gitlab.com/fedora/legal/fedora-license-data/-/issues For more information, see: https://docs.fedoraproject.org/en-US/legal/license-review-process/
I see that Inaki already submitted the issue and have his issue in progress, so I this will be for others - here is example of such process:
I had similar issue where `datovka` uses `|GPLv3+ with exceptions` and I cannot find the exception in SPDX list. So I opened|
|https://gitlab.com/fedora/legal/fedora-license-data/-/issues/126%7C
|after short discussion whether it is similar to something existing, Jilayne and Richard suggested that this is indeed something new and I opened |
|https://github.com/spdx/license-list-XML/issues/1912%7C
|Once the SPDX will create indicator for this, I will open MR and create the file in|
|https://gitlab.com/fedora/legal/fedora-license-data/-/tree/main/data%7C
|using this template|
|https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/TEMPLATE.tom... |
|and when merged, I can use this SPDX identifier in Fedora's package.|
|Miroslav |
On 4/9/23 10:43 PM, Miroslav Suchý wrote:
Dne 10. 04. 23 v 0:24 Richard Fontana napsal(a):
I have a question. FlexiBLAS is GPLv3 with the "Linking over a controlled interface" exception [1], but I don't see how to specify this.
[1]https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#Lice...
Please submit an issue at https://gitlab.com/fedora/legal/fedora-license-data/-/issues For more information, see: https://docs.fedoraproject.org/en-US/legal/license-review-process/
I see that Inaki already submitted the issue and have his issue in progress, so I this will be for others - here is example of such process:
adding one step here :)
I had similar issue where `datovka` uses `|GPLv3+ with exceptions` and I cannot find the exception in SPDX list. So I opened|
|https://gitlab.com/fedora/legal/fedora-license-data/-/issues/126%7C
|after short discussion whether it is similar to something existing, Jilayne and Richard suggested that this is indeed something new and I opened |
|https://github.com/spdx/license-list-XML/issues/1912%7C
|Once the SPDX will create indicator for this, |
|(this should be by way of a decision as to inclusion of the exception to the SPDX License List and a pull request made to add it to the SPDX License List - the PR can by made by the submitter (in this case Miroslav) or wait for someone from SPDX-legal to do it :)|
|I will open MR and create the file in|
|https://gitlab.com/fedora/legal/fedora-license-data/-/tree/main/data%7C
|using this template|
|https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/TEMPLATE.tom...
|
|and when merged, I can use this SPDX identifier in Fedora's package.|
|Miroslav |
legal mailing list --legal@lists.fedoraproject.org To unsubscribe send an email tolegal-leave@lists.fedoraproject.org Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org Do not reply to spam, report it:https://pagure.io/fedora-infrastructure/new_issue