Hi,
I think I had read somehwere, or we just discussed it (?), that for tarballs carrying potential patent infringing bits it is not enough to build/package the other parts, but that also the src.rpm needs to be kept clean.
E.g. the upstream tarball needs to be unpacked, the patent encumbered bits removed/patched out and the result repackaged into a new tarball (for example into foo-1.2-patentfree.tar.gz)
Am I remembering correctly? Do we have something like a procedure in the wiki on creating these modified tarballs and commenting the specfile approriately (I couldn't find anything when searching for "patents", but there were perhaps too many hits ...).
If not shouldn't we come up with one? The procedure needs to be documented and be reproducable for reviewers to be able to confirm that the tarball "matches" upstream indeed, since they won't have any nice md5sum method to compare.
On Thu, Dec 28, 2006 at 06:15:37PM +0100, Axel Thimm wrote:
Hi,
I think I had read somehwere, or we just discussed it (?), that for tarballs carrying potential patent infringing bits it is not enough to build/package the other parts, but that also the src.rpm needs to be kept clean.
Indeed, and it is similar for packages with non-free parts, or parts with conflicting licenses.
Am I remembering correctly? Do we have something like a procedure in the wiki on creating these modified tarballs and commenting the specfile approriately (I couldn't find anything when searching for "patents", but there were perhaps too many hits ...).
If not shouldn't we come up with one? The procedure needs to be documented and be reproducable for reviewers to be able to confirm that the tarball "matches" upstream indeed, since they won't have any nice md5sum method to compare.
What I do is that I provide a script in SourceXX, which can be used to unpack, remove the offending files and repack. Then a reviewer may do a diff to verify that the remaining files are the same.
If the patented code is mixed with non-patented code, it becomes harder, maybe you can then make a diff and post it somewhere where patents are not problematic and point to that diff in the bugzilla ticket. I don't know if it is legal to put the url of the diff in a comment in the spec file. Even in the bugzilla ticket I don't know.
You can have a look at the cernlib and grads packages for examples.
Maybe this could be more formally stated.
-- Pat
packaging@lists.fedoraproject.org