Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. Gentoo>
  3. Dev
Duplicate licences
ciaranm at gentoo
Jan 20, 2006, 10:07 PM
Post #1 of 10 (248 views)
Permalink
The duplicate licences situation is getting rather silly... We don't
include each variation for licences that vary only by the copyright
holder (if we did, we'd need a zillion new GPL-2s and BSDs, but instead
they just use <placeholder>s), and we don't care about whitespace
variations.

Also note that if a program's licence consists only of a copyright line
with no licence, we can't legally distribute it. Also also note that
sticking licences in the tree that just say "see the BLAH file" is very
very stupid.

Here's an ugly hack of a script, which is very very buggy:

for a in !(CVS) ; do [[ -z "${a/*.pdf}" ]] && continue ; tr '\015' '\n' < ${a} | grep -vi 'copy\(right\|ing\)' | xargs -0 | tr -s '[[:space:]]' | tr '[[:space:]]' ' ' | sed -e 's/in no event shall \([a-zA-Z0-9]\+ \)\{1,5\}be//ig' -e 's/the name of \([a-zA-Z0-9]\+ \)\{1,5\}shall not//ig' -e 's/authorization from\( [a-zA-Z0-9]\+\)\{1,5\}\.//ig' -e 's/all rights reserved.//ig' -e 's/\. \([a-zA-Z0-9]\+ \)\{1,5\}makes no rep//gi' | tr -d '[[:space:]]' | md5sum | xargs -I, echo , ${a} || break ; done | sort -k1 | uniq --all-repeated=separate -w32 | cut -d- -f2- | tr -d ' ' | fmt -w999

Here's the output, which is far from perfect:

appres bdftopcf bitmap editres fslsfonts fstobdf oclock pclcomp
proxymngr rgb sessreg smproxy xbitmaps xclipboard xconsole xf86dga xfd
xfindproxy xfsinfo xkill xlogo xlsatoms xlsclients xlsfonts xmag
xmodmap xprop xproxymanagementprotocol xset xsm xstdcmap xwd xwininfo
xwud xkbprint xkbutils libXres xf86-input-magictouch xf86-input-palmax
xf86-video-apm xf86-video-dummy xf86-video-fbdev xf86-video-vmware
xvinfo font-adobe-100dpi font-adobe-75dpi

visual vpython

xf86-video-sunbw2 xf86-video-suncg14 xf86-video-suncg3
xf86-video-suncg6 xf86-video-sunleo xf86-video-suntcx
AMS fontcacheproto

xf86-input-joystick xf86-input-void xsetmode xsetpointer

libXxf86dga libXxf86misc

libXprintUtil printproto

font-micro-misc font-misc-misc

xf86-input-elo2300 xf86-input-microtouch

LICENSE-BITSTREAM font-bitstream-type1

fonttosfnt libXvMC libfontenc luit mkfontscale

kbproto libxkbui setxkbmap xdbedizzy

trapproto xtrap

font-bitstream-100dpi font-bitstream-75dpi

dmxproto libdmx

xf86-video-tdfx xf86driproto

libXprintAppUtil xphelloworld xplsprinters xprehashprinterlist

xf86-input-magellan xf86-input-spaceorb

beforelight libXScrnSaver libXpm listres viewres xbiff
xf86-video-rendition xf86-video-vesa xf86-video-vga
encodings font-alias gccmakedep mkfontdir xf86-video-v4l
xorg-sgml-doctools
resourceproto xf86bigfontproto xf86dgaproto xf86miscproto xf86rushproto

font-bh-100dpi font-bh-75dpi

bigreqsproto iceauth imake libSM libXau libXext lndir xauth xcmiscproto
xdpyinfo xinit xmore xsetroot
aczoom evieext libXevie

font-bh-lucidatypewriter-100dpi font-bh-lucidatypewriter-75dpi
font-daewoo-misc font-screen-cyrillic font-xfree86-type1 xorg-cf-files
xcalc xditview xev xeyes xfontsel xgc xload xman xmessage

xf86-input-elographics xf86-input-mutouch

font-bh-ttf font-bh-type1

font-adobe-utopia-100dpi font-adobe-utopia-75dpi font-adobe-utopia-type1

--
Ciaran McCreesh : Gentoo Developer (King of all Londinium)
Mail : ciaranm at gentoo.org
Web : http://dev.gentoo.org/~ciaranm

Attached Files:

Re: Duplicate licences [ In reply to ]
joshuabaergen at gentoo
Jan 21, 2006, 12:41 AM
Post #2 of 10 (241 views)
Permalink
Ciaran McCreesh wrote:
> The duplicate licences situation is getting rather silly... We don't
> include each variation for licences that vary only by the copyright
> holder (if we did, we'd need a zillion new GPL-2s and BSDs, but instead
> they just use <placeholder>s), and we don't care about whitespace
> variations.
>
> <snip>
>
>

I'll refer to the MIT license as the one in ${PORTDIR}/licenses,
although I'm sure it exists in roughly the same form under some other
names as well.

The reasons that this system was chosen were correctness and
maintainability. Many of these essentially use the good old MIT license
with various companies' and/or individuals' copyrights at the top, as
you have stated. However, the MIT license does refer to the copyrights
within the license script itself, and many of the licenses have been
slightly altered to include a company's name directly. I'm no lawyer,
but to me this means that the license does indeed include the
copyright. (Note that I'm not intricately familiar with other licenses
that often have copyrights associated, so I don't know if MIT is
unique). If this isn't correct, I'd be very happy to switch all the
packages that use various forms of the MIT license over to it instead
and you can blissfully ignore the next paragraph. However, I'd rather
be on the safe/correct side than save a few MB that have to be
downloaded once.

Now, that splinters the licenses a good amount already, and thus
maintenance becomes an issue. If one half of the licenses are unique,
and we only keep unique ones, packages start depending on other licenses
in a spaghetti-like fashion. We can't just go ahead and change any
given license since it will mess up other packages dependent on that
license. Like good programming practice, I would argue that less is not
necessarily better.

Although I'm happy to take suggestions, my warning is to think from the
maintainer's perspective while proposing. That doesn't mean I'll whine
and say go away, but rather that I'll expect you to provide some
reasonable thought about maintainability, and possibly, like above, some
data to help us out. To me, the argument first comes down to whether or
not my thoughts in the first paragraph are valid.

Joshua Baergen
--
gentoo-dev@gentoo.org mailing list
Re: Duplicate licences [ In reply to ]
ciaranm at gentoo
Jan 21, 2006, 1:08 AM
Post #3 of 10 (242 views)
Permalink
On Sat, 21 Jan 2006 00:41:06 -0700 Joshua Baergen
<joshuabaergen@gentoo.org> wrote:
| The reasons that this system was chosen were correctness and
| maintainability. Many of these essentially use the good old MIT
| license with various companies' and/or individuals' copyrights at the
| top, as you have stated. However, the MIT license does refer to the
| copyrights within the license script itself, and many of the licenses
| have been slightly altered to include a company's name directly. I'm
| no lawyer, but to me this means that the license does indeed include
| the copyright.

So you propose we go through and change every package in the tree that
uses BSD or MIT (or GPL with the copyright disclaimer)?

| Now, that splinters the licenses a good amount already, and thus
| maintenance becomes an issue. If one half of the licenses are
| unique, and we only keep unique ones, packages start depending on
| other licenses in a spaghetti-like fashion. We can't just go ahead
| and change any given license since it will mess up other packages
| dependent on that license. Like good programming practice, I would
| argue that less is not necessarily better.

Were that the case, we'd do as Debian do and distribute a licence with
every single package.

Every other package maintainer manages to get it right. That it's a bit
more work to do things properly is no excuse.

--
Ciaran McCreesh : Gentoo Developer (King of all Londinium)
Mail : ciaranm at gentoo.org
Web : http://dev.gentoo.org/~ciaranm

Attached Files:

Re: Duplicate licences [ In reply to ]
carlo at gentoo
Jan 21, 2006, 6:39 AM
Post #4 of 10 (241 views)
Permalink
On Saturday 21 January 2006 09:08, Ciaran McCreesh wrote:
> Were that the case, we'd do as Debian do and distribute a licence with
> every single package.

I bet there're more than a few ebuilds where this isn't the case. You can't
even blame anyone, since there's no proper licence section in the ebuild
howto or anywhere else in our documentation. And it is even worse: E.g. the
original ZLIB license file we've stored in the license directory names the
copyright holders of zlib, so basically we attribute every software with
LICENSE="ZLIB" in its ebuild to the authors of zlib.


Carsten
Re: Duplicate licences [ In reply to ]
joshuabaergen at gentoo
Jan 21, 2006, 9:53 AM
Post #5 of 10 (240 views)
Permalink
Ciaran McCreesh wrote:
> So you propose we go through and change every package in the tree that
> uses BSD or MIT (or GPL with the copyright disclaimer)?
>
>
I propose that we decide on the correct way of doing things first, then
decide a plan of action from that. And that includes an opinion from
someone who knows what they're talking about, whether it be legal advice
or a clarification to the point of the licenses directory.

As Carsten pointed out one e-mail down in the thread, there's no real
documentation about what licenses should be, so currently it's a "he
said-she said" issue.
> Every other package maintainer manages to get it right. That it's a bit
> more work to do things properly is no excuse.
>
>
You seem to contradict your above statement here. In any case, it's
less work to just make almost everything MIT.

Joshua Baergen
--
gentoo-dev@gentoo.org mailing list
Re: Duplicate licences [ In reply to ]
ciaranm at gentoo
Jan 21, 2006, 10:07 AM
Post #6 of 10 (245 views)
Permalink
On Sat, 21 Jan 2006 09:53:53 -0700 Joshua Baergen
<joshuabaergen@gentoo.org> wrote:
| Ciaran McCreesh wrote:
| > So you propose we go through and change every package in the tree
| > that uses BSD or MIT (or GPL with the copyright disclaimer)?
|
| I propose that we decide on the correct way of doing things first,
| then decide a plan of action from that. And that includes an opinion
| from someone who knows what they're talking about, whether it be
| legal advice or a clarification to the point of the licenses
| directory.

The correct way of doing things is to follow existing practice, even if
it hasn't been formally documented. We've had licences with
placeholders in the tree for over three years now.

| As Carsten pointed out one e-mail down in the thread, there's no real
| documentation about what licenses should be, so currently it's a "he
| said-she said" issue.

No, it's a "what have we been doing previously?" issue. Getting
licences right is one of those common knowledge things that you're
expected to know, documented or not.

--
Ciaran McCreesh : Gentoo Developer (King of all Londinium)
Mail : ciaranm at gentoo.org
Web : http://dev.gentoo.org/~ciaranm

Attached Files:

Re: Duplicate licences [ In reply to ]
joshuabaergen at gentoo
Jan 22, 2006, 2:59 PM
Post #7 of 10 (241 views)
Permalink
Joshua Baergen wrote:
> The reasons that this system was chosen were correctness and
> maintainability. Many of these essentially use the good old MIT
> license with various companies' and/or individuals' copyrights at the
> top, as you have stated. However, the MIT license does refer to the
> copyrights within the license script itself, and many of the licenses
> have been slightly altered to include a company's name directly. I'm
> no lawyer, but to me this means that the license does indeed include
> the copyright. (Note that I'm not intricately familiar with other
> licenses that often have copyrights associated, so I don't know if MIT
> is unique). If this isn't correct, I'd be very happy to switch all
> the packages that use various forms of the MIT license over to it
> instead and you can blissfully ignore the next paragraph. However,
> I'd rather be on the safe/correct side than save a few MB that have to
> be downloaded once.
>
> <snip>
>
> Joshua Baergen
I'd still like clarification on this. I fully realize that we've been
using generalized placeholders for a long time, but that doesn't really
matter in the end if it's not legal.
--
gentoo-dev@gentoo.org mailing list
Re: Duplicate licences [ In reply to ]
cech at upc
Jan 22, 2006, 5:00 PM
Post #8 of 10 (239 views)
Permalink
On Sun, Jan 22, 2006 at 02:59:39PM -0700, Joshua Baergen wrote:
> Joshua Baergen wrote:
> >The reasons that this system was chosen were correctness and
> >maintainability. Many of these essentially use the good old MIT
> >license with various companies' and/or individuals' copyrights at the
> >top, as you have stated. However, the MIT license does refer to the
> >copyrights within the license script itself, and many of the licenses
> >have been slightly altered to include a company's name directly. I'm
> >no lawyer, but to me this means that the license does indeed include
> >the copyright. (Note that I'm not intricately familiar with other
> >licenses that often have copyrights associated, so I don't know if MIT
> >is unique). If this isn't correct, I'd be very happy to switch all
> >the packages that use various forms of the MIT license over to it
> >instead and you can blissfully ignore the next paragraph. However,
> >I'd rather be on the safe/correct side than save a few MB that have to
> >be downloaded once.
> >
> ><snip>
> >
> >Joshua Baergen
> I'd still like clarification on this. I fully realize that we've been
> using generalized placeholders for a long time, but that doesn't really
> matter in the end if it's not legal.

What leads you to believe the license texts distributed in portage tree
are legaly binding with respect to the packages? Each packgage carries
(or at least should carry) its license embeded inside. In my
understanding, licanse pointers in ebuilds are purely informative and
allow you to check the terms of the license (and decide if the license
is acceptable) before you actually perform any legaly binding action
(like running 'emerge app-foo/bar').

Regards,
Peter Cech
--
gentoo-dev@gentoo.org mailing list
Re: Duplicate licences [ In reply to ]
joshuabaergen at gentoo
Jan 22, 2006, 9:06 PM
Post #9 of 10 (242 views)
Permalink
Peter Cech wrote:
>
>
> What leads you to believe the license texts distributed in portage tree
> are legaly binding with respect to the packages? Each packgage carries
> (or at least should carry) its license embeded inside. In my
> understanding, licanse pointers in ebuilds are purely informative and
> allow you to check the terms of the license (and decide if the license
> is acceptable) before you actually perform any legaly binding action
> (like running 'emerge app-foo/bar').
>
> Regards,
> Peter Cech
>
Well, from the documentation, all I have to go on is:

"This variable specifies what license the program is covered under, i.e.
GPL-2, BSD, etc..."[1]

I interpret that as the actual license of the software. It's not made
clear that LICENSE points to a generalized representation (although I
find that solution much more rational) or that it points to the actual
software license.

It appears that the people who feel most comfortable with the current
solution are those who have been around a good deal of time, which would
indicate to me that the reason that things are done now was made a while
ago but never documented.

[1] http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml?part=2&chap=1
--
gentoo-dev@gentoo.org mailing list
Re: Duplicate licences [ In reply to ]
1i5t5.duncan at cox
Jun 17, 2008, 1:01 AM
Post #10 of 10 (246 views)
Permalink
Peter Cech posted <20060123000011.GC16835@upc.uniba.sk>, excerpted below,
on Mon, 23 Jan 2006 01:00:11 +0100:

> What leads you to believe the license texts distributed in portage tree
> are legaly binding with respect to the packages? Each packgage carries
> (or at least should carry) its license embeded inside. In my
> understanding, licanse pointers in ebuilds are purely informative and
> allow you to check the terms of the license (and decide if the license
> is acceptable) before you actually perform any legaly binding action
> (like running 'emerge app-foo/bar').

One of the legal issues involved is that Gentoo normally strips the
COPYING or similar files that would normally come with the package and be
placed in /usr/share/doc/. The idea is that one copy of the GPLv2 (for
example) on the system is enough. Thus, what the package carries is
stripped out in favor of the Gentoo placeholder version, and the question
is whether that placeholder version is then satisfactory from a legal
standpoint, or not.

The points made to date indicate that the old timers tend to be
comfortable with the current situation, but nobody has provided a
satisfactory legal reference or opinion that justifies this position.
Just because it's been done that way for some time doesn't mean it's
legally correct, and that's what's worrying to some posters (myself
included, altho I'm not a Gentoo dev).

--
Duncan - List replies preferred. No HTML msgs.
"Every nonfree program has a lord, a master --
and if you use the program, he is your master." Richard Stallman in
http://www.linuxdevcenter.com/pub/a/linux/2004/12/22/rms_interview.html


--
gentoo-dev@gentoo.org mailing list

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal