From: "Ludovic Courtès" <ludo@gnu.org>
To: Antero Mejr <antero@mailbox.org>
Cc: 61950@debbugs.gnu.org
Subject: [bug#61950] [PATCH] lint: Add 'copyleft' checker.
Date: Mon, 06 Mar 2023 23:38:20 +0100 [thread overview]
Message-ID: <87v8jdfqub.fsf@gnu.org> (raw)
In-Reply-To: <87o7p5u7y2.fsf@mailbox.org> (Antero Mejr's message of "Mon, 06 Mar 2023 16:21:02 +0000")
Antero Mejr <antero@mailbox.org> skribis:
> Ludovic Courtès <ludo@gnu.org> writes:
>
>> 1. It’s entirely fine for, say, a BSD-3 package to link against
>> Readline (GPLv3+). The combination is effectively GPLv3+, but
>> that’s perfectly valid legally speaking.
>
> It's fine for FOSS packages, but if you have proprietary-licensed Guix
> package where the code can't be open-sourced, bringing in a GPL
> dependency is an issue.
Maybe, but it’s not an issue for the Guix project. :-)
> This copyleft linter goes along with the other patch where guix lint
> exits 1. So you can do something like this in a CI pipeline:
>
> 'guix lint -c copyleft my-proprietary-package'
>
> to block developers from adding copyleft dependencies to a non-free package.
I recommend having this out-of-tree. If it helps, changing ‘guix lint’
to it can discover new “checkers”, using (guix discovery), might be okay.
>> 2. It’s tempting to view devise a “licensing calculus” of sorts and
>> automate assessments of licensing compatibility. However, I think
>> it’s overestimating both law and our own licensing annotations: how
>> law applies in a specific case isn’t entirely clear until one goes
>> to court, and our ‘license’ fields fail to represent all the
>> relevant nuances anyway (subcomponents having different licenses,
>> dual/multiple licensing, etc.).
>
> True, this linter check is basic and would not constitute legal advice.
>
> It's more of a broad "software license auditing" sort of thing,
> to allow engineers to do quick compliance checks. In my experience
> it's useful for development in regulated applications of software.
>
> Thanks for the feedback, lmk what you think.
Thanks for explaining. I think I understand the need now but (1) I
think this need is outside the scope of Guix, and (2) I remain wary of
conclusions drawn from automated ‘license’ field inspection.
I hope that makes sense!
Ludo’.
next prev parent reply other threads:[~2023-03-06 22:39 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-04 4:14 [bug#61950] [PATCH] lint: Add 'copyleft' checker Antero Mejr via Guix-patches via
2023-03-04 4:22 ` [bug#61950] [PATCH 1/3] gnu: libsndfile: Correct license Antero Mejr via Guix-patches via
2023-03-04 4:22 ` [bug#61950] [PATCH 2/3] gnu: libcap: Add bsd-3 license Antero Mejr via Guix-patches via
2023-03-06 16:49 ` Leo Famulari
2023-03-04 4:22 ` [bug#61950] [PATCH 3/3] gnu: nettle-2: Add lgpl3+ to licenses Antero Mejr via Guix-patches via
2023-03-06 16:50 ` Leo Famulari
2023-03-06 16:49 ` [bug#61950] [PATCH 1/3] gnu: libsndfile: Correct license Leo Famulari
2023-03-06 15:53 ` [bug#61950] [PATCH] lint: Add 'copyleft' checker Ludovic Courtès
2023-03-06 16:21 ` Antero Mejr via Guix-patches via
2023-03-06 22:38 ` Ludovic Courtès [this message]
2023-03-22 2:48 ` Maxim Cournoyer
2023-03-22 21:56 ` Antero Mejr via Guix-patches via
2023-03-23 2:48 ` bug#61950: " Maxim Cournoyer
2023-03-06 16:45 ` [bug#61950] " Leo Famulari
2023-03-06 18:56 ` [bug#61950] [PATCH] gnu: nettle-2: Add lgpl3+ to licenses Antero Mejr via Guix-patches via
2023-03-06 21:20 ` Leo Famulari
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87v8jdfqub.fsf@gnu.org \
--to=ludo@gnu.org \
--cc=61950@debbugs.gnu.org \
--cc=antero@mailbox.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).