On Thu, 2020-06-18 at 14:31 +0200, Philippe Ombredanne wrote:
On Thu, Jun 18, 2020 at 12:37 AM Richard PurdieJust to be really clear, the license ID of a given specific
package *is* correct and definitive. What is unclear is the license of
the license information.
The challenge is that one software project can be split into multiple
binary packages and those binary packages can have finer grained
For example, gcc which contains libgcc. gcc is GPL-3.0 and libgcc is
the under the runtime license exception. We specifically mark the
binary packages with the correct license.
This isn't enough for some legal departments and some licenses, we have
to have the full license text somewhere. We have options:
a) Include the full license text in every binary package
b) Have a licence package per test and require each binary package to
depend on that license package
c) As per b) but have the package management or tools figure out the
dependencies if requested
d) Have a license package per piece of software containing all the
licensing texts for that piece of software.
There are pros and cons for all of these, some of the issues are very
significant, particularly in a constrained embedded system. Rightly or
wrongly, we have d) implemented today and this is consistent with what
other distros like Debian do (although they merge docs and license
info, we split them).
Also, this assumes the licenses can be split into specific individual
chunks. I suspect in some cases this is not possible.
The question is what license is that package in d) under.
If we went for one of the other approaches, we'd be able to remove
license texts that were not "active" but I suspect the implementations
are extremely complex, fragile and overkill. Its also not what we've
been asked to fix.
You also wrote:No, we're not. We're trying to convey that the package contains licenseIMHO that's the root of the problem, you are including and mixingWe also put the license texts into its own package. Right now
texts under whatever license the license text is under, not binaries
under a specific license. We need an identifier that says "this is all
the license information about piece of software X". We could have a
single identifier however I think its clear that there are going to be
different licenses for different license texts (where they are even