Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 1601110 - ccnet: bad license tag in spec file (should be "GPLv2")
Summary: ccnet: bad license tag in spec file (should be "GPLv2")
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: ccnet
Version: 29
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Julien Enselme
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2018-07-13 22:28 UTC by Felix Schwarz
Modified: 2018-08-14 09:53 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:


Attachments (Terms of Use)

Description Felix Schwarz 2018-07-13 22:28:43 UTC
ccnet.spec ( https://src.fedoraproject.org/rpms/ccnet/blob/master/f/ccnet.spec ) states:

  License:        GPLv3

However that is wrong. LICENSE.txt from the tarball in our SRPM says the code is under GPLv2 (with OpenSSL linking exception).

It seems ccnet switched its license at some point (when the initial review was done in bug 1129429 the tarball contained GPLv3 code). Maybe the confusion was also created due to confusion of ccnet and ccnet-server where the same/similar code is distributed under different licenses (see also https://github.com/haiwen/ccnet-server/issues/19 for some licensing background).

Anyway the shipped LICENSE.txt says GPLv2 and Fedora's spec file must respect that.

Comment 1 Julien Enselme 2018-08-01 19:40:23 UTC
I don't think so. We are building from  https://github.com/haiwen/ccnet which is GPLv2. Since it is the right holders who published the code in this repo under this license, I don't think we must change it.

Comment 2 Felix Schwarz 2018-08-05 11:47:13 UTC
(In reply to Julien Enselme from comment #1)
> I don't think so. We are building from  https://github.com/haiwen/ccnet
> which is GPLv2. Since it is the right holders who published the code in this
> repo under this license, I don't think we must change it.

Maybe I'm wrong but I'll try to explain my concerns:

Fedora's package system currently contains v6.1.8.tar.gz (referenced git master). That package contains a file "LICENSE.txt" which says:
"This program is released under GPLv2, with the following addition
permission to link with OpenSSL library."

(nitpicking) Also to be precise we are not "building from https://github.com/haiwen/ccnet". The source tar.gz was probably downloaded from github but what matters are the file contents in the tar.gz because a github repo might change while our tar.gz is stored separately.

Anyway this is just nitpicking because as you wrote yourself even the github repo says "GPLv2 with linking exception" and that does not match the license tag in Fedora's spec file (GPLv3).

I'm not 100% sure what the license tag in the spec file should be but I suggest:

  License:  GPLv2 with exceptions

Fedora's main licensing page ( https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses ) lists only "GNU General Public License v2.0 only, with Classpath exception" but Fedora considers "openssl" to be a "system library" ( https://fedoraproject.org/wiki/Licensing:FAQ#What.27s_the_deal_with_the_OpenSSL_license.3F ). Maybe "License: GPLv2" is appropriate as well.

Anyway you should initiate Fedora's "License Change" process as described in the docs: https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#License_Changes
You should be able to use that also to get the license tag right.

Comment 3 Jan Kurik 2018-08-14 09:53:30 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 29 development cycle.
Changing version to '29'.


Note You need to log in before you can comment on or make changes to this bug.