4:34 a.m.
-------- Přeposlaná zpráva --------
Předmět: SPDX Statistics - Easter edition
Datum: Sun, 9 Apr 2023 11:34:20 +0200
Od: Miroslav Suchý <msuchy(a)redhat.com>
Společnost: Red Hat Czech, s.r.o.
Komu: Development discussions related to Fedora <devel(a)lists.fedoraproject.org>
Two weeks ago we had:
* 22882 spec files in Fedora
* 29366license tags in all spec files
* 19784 tags have not been converted to SPDX yet(huray, we are under 20k)
* 7912tags can be trivially converted using `license-fedora2spdx`
Today we have:
* 22918 spec files in Fedora
* 29406license tags in all spec files
* 19348 tags have not been converted to SPDX yet
* 7521tags can be trivially converted using `license-fedora2spdx`
* Progress: 34% ░░░███████ 100%
ELN subset:
* 2159 out of 4688 packages has been converted
The list of packages needed to be converted is again here:
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx...
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx...
New version of fedora-license-data and license-validate has been released.
Legal docs and especially
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
I updated the progress in this spreadsheet:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE80...
You converted about 500 license tags in 14 days.
New projection when we will be finished is 2024-06-05. Pure linear approximation.
If your package does not have neither git-log entry nor spec-changelog entry mentioning
SPDX and you know your license
tag matches SPDX formula, you can put your package on ignore list
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or email to me is fine. I already put there some packages that has
been reported in past.
Tip of the day:
There is great tool to audit a package - FOSSology. And Oregon State University runs a
free instance
https://fossology.osuosl.org/repo/ (login: fossy, password: fossy).
It is maintained for free, but every night the content is wiped away.
Why Easter? Well, because we have Easter now :) But I will add one fun fact. Here in
Czechia we have folk custom
consisting in whipping women by men using a rod or braided wicker also called pomlázka,
performed on Easter Monday.
https://www.youtube.com/watch?v=l9vDVuiQcWM
Do you hesitate how to proceed with the migration? Please follow
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/
or attend SPDX office hours (see different thread in this mailing list)
Miroslav
4:10 p.m.
I have a question. FlexiBLAS is GPLv3 with the "Linking over a
controlled interface" exception [1], but I don't see how to specify
this.
[1] https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#L...
On Sun, 9 Apr 2023 at 11:34, Miroslav Suchý <msuchy(a)redhat.com> wrote:
-------- Přeposlaná zpráva --------
Předmět: SPDX Statistics - Easter edition
Datum: Sun, 9 Apr 2023 11:34:20 +0200
Od: Miroslav Suchý <msuchy(a)redhat.com>
Společnost: Red Hat Czech, s.r.o.
Komu: Development discussions related to Fedora <devel(a)lists.fedoraproject.org>
Two weeks ago we had:
* 22882 spec files in Fedora
* 29366 license tags in all spec files
* 19784 tags have not been converted to SPDX yet (huray, we are under 20k)
* 7912 tags can be trivially converted using `license-fedora2spdx`
Today we have:
* 22918 spec files in Fedora
* 29406 license tags in all spec files
* 19348 tags have not been converted to SPDX yet
* 7521 tags can be trivially converted using `license-fedora2spdx`
* Progress: 34% ░░░███████ 100%
ELN subset:
* 2159 out of 4688 packages has been converted
The list of packages needed to be converted is again here:
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx...
List by package maintainers is here
https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx...
New version of fedora-license-data and license-validate has been released.
Legal docs and especially
https://docs.fedoraproject.org/en-US/legal/allowed-licenses/
was updated too.
I updated the progress in this spreadsheet:
https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE80...
You converted about 500 license tags in 14 days.
New projection when we will be finished is 2024-06-05. Pure linear approximation.
If your package does not have neither git-log entry nor spec-changelog entry mentioning
SPDX and you know your license tag matches SPDX formula, you can put your package on
ignore list
https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt
Either pull-request or email to me is fine. I already put there some packages that has
been reported in past.
Tip of the day:
There is great tool to audit a package - FOSSology. And Oregon State University runs a
free instance https://fossology.osuosl.org/repo/ (login: fossy, password: fossy).
It is maintained for free, but every night the content is wiped away.
Why Easter? Well, because we have Easter now :) But I will add one fun fact. Here in
Czechia we have folk custom consisting in whipping women by men using a rod or braided
wicker also called pomlázka, performed on Easter Monday.
https://www.youtube.com/watch?v=l9vDVuiQcWM
Do you hesitate how to proceed with the migration? Please follow
https://docs.fedoraproject.org/en-US/legal/update-existing-packages/
or attend SPDX office hours (see different thread in this mailing list)
Miroslav
_______________________________________________
legal mailing list -- legal(a)lists.fedoraproject.org
To unsubscribe send an email to legal-leave(a)lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
--
Iñaki Úcar
5:24 p.m.
On Sun, Apr 9, 2023 at 5:11 PM Iñaki Ucar <iucar(a)fedoraproject.org> wrote:
I have a question. FlexiBLAS is GPLv3 with the "Linking over a
controlled interface" exception [1], but I don't see how to specify
this.
[1] https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager#L...
Please submit an issue at
https://gitlab.com/fedora/legal/fedora-license-data/-/issues
For more information, see:
https://docs.fedoraproject.org/en-US/legal/license-review-process/
Richard
11:43 p.m.
Dne 10. 04. 23 v 0:24 Richard Fontana napsal(a):
> I have a question. FlexiBLAS is GPLv3 with the "Linking over
a
> controlled interface" exception [1], but I don't see how to specify
> this.
>
> [1]https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager...
Please submit an issue at
https://gitlab.com/fedora/legal/fedora-license-data/-/issues
For more information, see:
https://docs.fedoraproject.org/en-US/legal/license-review-process/
I see that Inaki already submitted the issue and have his issue in progress, so I this
will be for others - here is
example of such process:
I had similar issue where `datovka` uses `|GPLv3+ with exceptions` and I cannot find the
exception in SPDX list. So I
opened|
|https://gitlab.com/fedora/legal/fedora-license-data/-/issues/126|
|after short discussion whether it is similar to something existing, Jilayne and Richard
suggested that this is indeed
something new and I opened
|
|https://github.com/spdx/license-list-XML/issues/1912|
|Once the SPDX will create indicator for this, I will open MR and create the file in|
|https://gitlab.com/fedora/legal/fedora-license-data/-/tree/main/data|
|using this template|
|https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/TEMPLATE.toml
|
|and when merged, I can use this SPDX identifier in Fedora's package.|
|Miroslav
|
10:39 a.m.
On 4/9/23 10:43 PM, Miroslav Suchý wrote:
Dne 10. 04. 23 v 0:24 Richard Fontana napsal(a):
>> I have a question. FlexiBLAS is GPLv3 with the "Linking over a
>> controlled interface" exception [1], but I don't see how to specify
>> this.
>>
>>
[1]https://fedoraproject.org/wiki/Changes/FlexiBLAS_as_BLAS/LAPACK_manager...
> Please submit an issue at
> https://gitlab.com/fedora/legal/fedora-license-data/-/issues
> For more information, see:
> https://docs.fedoraproject.org/en-US/legal/license-review-process/
I see that Inaki already submitted the issue and have his issue in
progress, so I this will be for others - here is example of such process:
adding one step here :)
I had similar issue where `datovka` uses `|GPLv3+ with exceptions` and
I cannot find the exception in SPDX list. So I opened|
|https://gitlab.com/fedora/legal/fedora-license-data/-/issues/126|
|after short discussion whether it is similar to something existing,
Jilayne and Richard suggested that this is indeed something new and I
opened
|
|https://github.com/spdx/license-list-XML/issues/1912|
|Once the SPDX will create indicator for this, |
|(this should be by way of a decision as to inclusion of the exception
to the SPDX License List and a pull request made to add it to the SPDX
License List - the PR can by made by the submitter (in this case
Miroslav) or wait for someone from SPDX-legal to do it :)|
|I will open MR and create the file in|
|https://gitlab.com/fedora/legal/fedora-license-data/-/tree/main/data|
|using this template|
|https://gitlab.com/fedora/legal/fedora-license-data/-/blob/main/TEMPLATE.toml
|
|and when merged, I can use this SPDX identifier in Fedora's package.|
|Miroslav
|
_______________________________________________
legal mailing list --legal(a)lists.fedoraproject.org
To unsubscribe send an email tolegal-leave(a)lists.fedoraproject.org
Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines
List
Archives:https://lists.fedoraproject.org/archives/list/legal@lists.fedora...
Do not reply to spam, report it:https://pagure.io/fedora-infrastructure/new_issue
381
days inactive
382
days old
4 comments
4 participants
participants (4)
-
Iñaki Ucar -
Jilayne Lovejoy -
Miroslav Suchý -
Richard Fontana