From: ludo@gnu.org (Ludovic Courtès)
To: Dave Love <fx@gnu.org>
Cc: guix-devel@gnu.org
Subject: Re: Question about multiple licenses
Date: Sun, 10 Sep 2017 22:54:35 +0200 [thread overview]
Message-ID: <87zia246lw.fsf@gnu.org> (raw)
In-Reply-To: <874lseqy4m.fsf@albion.it.manchester.ac.uk> (Dave Love's message of "Thu, 07 Sep 2017 17:20:09 +0100")
Dave Love <fx@gnu.org> skribis:
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> Dave Love <fx@gnu.org> skribis:
>>
>>> Alex Vong <alexvong1995@gmail.com> writes:
>>>
>>>> Based on the above general argument, I think we should list all the
>>>> licenses instead of just GPLv2+ since it would be inaccurate to say that
>>>> the whole program is under just GPLv2+.
>>>
>>> Indeed. Not only do you need to list the licences (according to all
>>> "legal advice" I've seen for distributions), but normally also
>>> distribute the relevant licence texts, even for permissive licences if
>>> they require that (e.g. BSD). I raised this recently, as it's not
>>> generally being done, so some Guix binary packages appear to be
>>> copyright-infringing.
>>
>> There’s no such thing as a “Guix binary package” though, which makes it
>> different from traditional distros.
>>
>> In Guix a package is a Scheme object that refers to the source and build
>> method of upstream software.
>
> Sure, but if you use guix pack and distribute the result, it seems
> clearly a copyright infringement, because even BSD requires
>
> 2. Redistributions in binary form must reproduce the above copyright
> notice, this list of conditions and the following disclaimer in the
> documentation and/or other materials provided with the distribution.
[...]
> Well, from what I know about copyright, that isn't the licence of glibc,
> which is the sum of all the licences involved, and you'd have to know
> how to find them if you didn't just unpack the tarball. With pack
> output in a lot of cases you don't have the information.
Right, ‘guix pack’ makes things more complicated—although I would argue
that, contrary to Dockerfiles and the like (which nobody seems to
complain about), Guix makes it easier to do provenance tracking since
there’s an unambiguous source → binary mapping.
How do Debian and Fedora determine the relevant files to copy? We could
investigate ways to do that, but it won’t scale unless we have a mostly
automated way to do it.
(It won’t scale to the size of Stackage, CPAN, Pypi, etc. either…)
Thoughts?
Ludo’.
next prev parent reply other threads:[~2017-09-10 20:54 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-08-26 7:40 Question about multiple licenses Arun Isaac
2017-08-28 10:45 ` Alex Vong
2017-08-28 17:25 ` Arun Isaac
2017-08-28 17:29 ` Efraim Flashner
2017-08-29 6:30 ` Arun Isaac
2017-09-01 11:43 ` Dave Love
2017-09-02 16:54 ` Alex Vong
2017-09-07 16:21 ` Dave Love
2017-09-03 11:45 ` Arun Isaac
2017-09-04 14:57 ` Ludovic Courtès
2017-09-07 16:20 ` Dave Love
2017-09-10 20:54 ` Ludovic Courtès [this message]
2017-09-11 11:29 ` Alex Vong
2017-09-11 12:45 ` Andy Wingo
2017-09-12 22:15 ` Dave Love
2017-09-12 22:13 ` Dave Love
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87zia246lw.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=fx@gnu.org \
--cc=guix-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).