From owner-freebsd-ports@freebsd.org Thu Nov 19 12:20:15 2015 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 0B22BA337C1 for ; Thu, 19 Nov 2015 12:20:15 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay01.ispgateway.de (smtprelay01.ispgateway.de [80.67.18.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id C2B1918A6 for ; Thu, 19 Nov 2015 12:20:14 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from [78.35.174.175] (helo=fabiankeil.de) by smtprelay01.ispgateway.de with esmtpsa (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.84) (envelope-from ) id 1ZzOCC-0007Bp-0c for freebsd-ports@freebsd.org; Thu, 19 Nov 2015 13:20:12 +0100 Date: Thu, 19 Nov 2015 13:19:05 +0100 From: Fabian Keil To: freebsd-ports@freebsd.org Subject: Re: License info Q Message-ID: <20151119131905.19a0920f@fabiankeil.de> In-Reply-To: <564C5E4E.2010906@FreeBSD.org> References: <20151118114839.431a3adf@fabiankeil.de> <564C5E4E.2010906@FreeBSD.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; boundary="Sig_/vQkdaSBv9.x.Wr_HpayVyqn"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Nov 2015 12:20:15 -0000 --Sig_/vQkdaSBv9.x.Wr_HpayVyqn Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Kubilay Kocak wrote: > On 18/11/2015 9:48 PM, Fabian Keil wrote: > > Roger Marquis wrote: > > =20 > >> I need to get license info from a batch of ports and packages. > >> > >> Problem is not all the specified ports/pkgs are installed or have lice= nse > >> info in their Makefile. Is there a reliable way to enumerate port or > >> package license strings, preferably without fetching a package tarfile= ? =20 > >=20 > > No. Also note that the "license information" in the Makefiles is often > > misleading[1] and thus not particular useful if you actually care about > > license compliance. =20 > If they're incorrect, please submit an issue to rectify them (either in > ports, or upstream), like Awesome George has here: >=20 > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D204638 I tried this in the beginning, for example for sysutils/zsd which has been tainted with obviously[1] bogus license goo for more than a year now despite various complaints and a request to assign it to someone else: https://lists.freebsd.org/pipermail/svn-ports-all/2015-May/093367.html > > Unfortunately reporting incorrect license information seems to be > > a waste of time so things are unlikely to improve any time soon: > > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D195807 =20 >=20 > It's not a waste of time, it's a collaborative effort. For a full and > complete response (that I urge you to read and consider completely), see > the following thread, including my last reply: >=20 > https://lists.freebsd.org/pipermail/freebsd-ports/2015-July/099906.html I'm aware of the thread. It's not the first one of its kind and probably will not be the last one either. It does not address the problem that various committers in favour of the license "framework" apparently have the time to force it upon maintainers against their expressed wishes but are unwilling to document it or even explain what their changes are supposed to mean and how they came to the conclusion that the added license information is or at least could be correct. While this is backed by portmgr@ it's unlikely to inspire goodwill in volunteers. > > [1] The lack of documentation doesn't help. =20 >=20 > In the meantime, we'll continue to attempt to annotate software metadata > in the ports tree as best we can. As opposed to taking a step back, addressing the concerns and documenting the process. Fabian [1] Obviously "obviously" is a stretch, but despite the lack of documentati= on I assume that the license "code" is expected to be relevant for at least pa= rts of the code in the distfile or the resulting package. --Sig_/vQkdaSBv9.x.Wr_HpayVyqn Content-Type: application/pgp-signature Content-Description: OpenPGP digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iEYEARECAAYFAlZNvjkACgkQBYqIVf93VJ3/BwCfZnTPr6x3IvjoVFp7YAml18Uo Gt4AoKH1r0LybcVjoCn4iRyMP7cdvBu/ =klUU -----END PGP SIGNATURE----- --Sig_/vQkdaSBv9.x.Wr_HpayVyqn--