XPost: linux.debian.devel.qa
--4e149d2211ac0cb4ede95a8b7b58c69af880d3d2a715759baa14a965af06 Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
[adding -devel, for wider visiblity]
On Sun Sep 8, 2024 at 6:31 PM CEST, Serafeim (Serafi) Zanikolas wrote:
hi,
I've recently taken over adequate(1) and am considering to drop its license compatibility checks, for several reasons:
- unlike 2013, which is when adequate grew this functionality, today many
well-funded organizations actively care about license compliance (e.g. see
fossology.org), so I'd expect major cases of non-compliance to be noticed
- afaict in almost 11 years of adequate's existence, only one actual case of
non-compliance was found (#749801) [0]
- the relevant logic is non-trivial, and prone to false positives in the case
of binary packages shipping multiple libraries with different licenses; it
also hardwires soname/license/version mappings for major libraries (I'd guess
as a workaround for the aforementioned issue), which I consider unsustainable
from a maintenance PoV
if you feel strongly against this proposal, you're more than welcome to join the
adequate maintainers team (today, just me) and make your case with code. of course you're also welcome to join even if you do agree with the proposal!
thanks,
serafi
ps. please cc me in replies
[0] I've looked at piuparts and adequate tagged bugs
--4e149d2211ac0cb4ede95a8b7b58c69af880d3d2a715759baa14a965af06
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEA2RWqo7IwLCLSFYbT59tVQ7WEioFAmb4QfcACgkQT59tVQ7W EipwmRAAsZRzNX8tx+2kpr2VpMvdUbek3W3s9Doho+nUEBNKxcEyTNGEIqCdsvjG SfSnhaYCperK8fG1KLZPbE3yklSBWRx0Twf41zJYtBagZjIp+AraRiGwEmBfrFH+ qLZic9y1BlDdFeBUGIZxlFHK9iYnIyUabSLPmjmyLx+0G7BF1NQ2+laJAz2XsLtt 2LqArLSrCNfA2mZE8z5WjPQ0lYNo8yVEgZfxS+KiMnmOhxQIZdnTHE2LplEcDaTZ y3HLTpn1xaJ8YYOvJE2+6cDKQ+fBBg6S/eVNHkE5KQHdFcDQF7ohIpmPbZso79ef CmAYQzYYLCNEA3WKaTMH4xKrB+826GYlgXghjTkATR1EmhRFks9s8SQMJ0DYPfoR 7/S35vj9N5TbA8ce8gCrOkBiwdiUQeA1pazPfVkl81JpO2EqXRzxkI6wZpDmal3r C2VTb0rJBlikp1bTbfIC7mF5kPGVVMFt2Bv6CneELcwFqmV2MZ9ulDY/WVA1JdhA Z/Wn88NgTA3QzHWrYoEHvDp7v9y3uYKDTXdbNI8Vyt80GrNaCTprFTA/NNTvzdXq A7Tl3nYhNfqdRQh+e0JIVnXNsjofGU0bXGfvtD+ejexv4T6TIf1mSrbPbfEuLUFb q9kF0qf0SbxZBJpWEidIrIcwBR/WEJqPfzqvXXVmmvGazs7nxss=7zPl
-----END PGP SIGNATURE-----
--4e149d2211ac0cb4ede95a8b7b58c69af880d3d2a715759baa14a965af06--
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)