From mboxrd@z Thu Jan  1 00:00:00 1970
From: Alex Griffin <a@ajgrf.com>
Subject: Re: License auditing
Date: Thu, 04 Aug 2016 09:40:51 -0500
Message-ID: <1470321651.2999447.685989545.7F3461C9@webmail.messagingengine.com>
References: <CAL1_im=8gC_Dq4YYn6vstB=vq6VPWPRvp65MgSedUiHYkO29DQ@mail.gmail.com>
	<20160803180342.GA11621@jasmine> <87poppy47o.fsf@gnu.org>
	<1470258703.2769072.685294401.7618CBA4@webmail.messagingengine.com>
	<87eg64vcjb.fsf@gnu.org>
Mime-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Return-path: <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
Received: from eggs.gnu.org ([2001:4830:134:3::10]:52996)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from <a@ajgrf.com>)
	id 1bVJpe-0005AZ-Hf
	for guix-devel@gnu.org; Thu, 04 Aug 2016 10:41:11 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <a@ajgrf.com>) id 1bVJpa-0007M7-5n
	for guix-devel@gnu.org; Thu, 04 Aug 2016 10:41:09 -0400
In-Reply-To: <87eg64vcjb.fsf@gnu.org>
List-Id: "Development of GNU Guix and the GNU System distribution."
	<guix-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-devel/>
List-Post: <mailto:guix-devel@gnu.org>
List-Help: <mailto:guix-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-devel>,
	<mailto:guix-devel-request@gnu.org?subject=subscribe>
Errors-To: guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org
Sender: "Guix-devel" <guix-devel-bounces+gcggd-guix-devel=m.gmane.org@gnu.org>
To: =?utf-8?Q?Ludovic=20Court=C3=A8s?= <ludo@gnu.org>
Cc: guix-devel <guix-devel@gnu.org>

On Thu, Aug 4, 2016, at 09:23 AM, Ludovic Court=C3=A8s wrote:
> Strictly speaking it=E2=80=99s wrong, but I think it better reflects the =
intent
> of the authors (I think authors who throw a GPLv3 =E2=80=98COPYING=E2=80=
=99 file without
> bothering to add file headers probably think that GPLv3 and maybe later
> versions apply, but not previous versions.)

Ah, I guess that seems more reasonable when the whole situation is laid
out.

> I suppose many package violations could be detected using Guix, but
> you=E2=80=99re right that subtle cases like this one can go undetected.
>=20
> In the end, we=E2=80=99re talking about legal documents whose interpretat=
ion
> isn=E2=80=99t as formal as we would like.  So I suspect that no single to=
ol can
> provide what you want=E2=80=94there is no =E2=80=9Clicense calculus=E2=80=
=9D.  Tools like
> Fossology go a long way, but AFAIK they are no substitute for proper
> manual auditing.

I know it can't and shouldn't be fully automated, but we can still build
useful tools to help us.

--=20
Alex Griffin