Date: Thu, 19 Nov 2015 09:35:03 -0600 From: Mark Felder <feld@FreeBSD.org> To: freebsd-ports@freebsd.org, Roger Marquis <marquis@roble.com> Subject: Re: License info Q Message-ID: <1447947303.654619.444405505.416C0DA0@webmail.messagingengine.com> In-Reply-To: <20151118114839.431a3adf@fabiankeil.de> References: <20151118114839.431a3adf@fabiankeil.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Nov 18, 2015, at 04:48, Fabian Keil wrote: > Roger Marquis <marquis@roble.com> wrote: > > > I need to get license info from a batch of ports and packages. > > > > Problem is not all the specified ports/pkgs are installed or have license > > info in their Makefile. Is there a reliable way to enumerate port or > > package license strings, preferably without fetching a package tarfile? > > No. Also note that the "license information" in the Makefiles is often > misleading[1] and thus not particular useful if you actually care about > license compliance. > > Unfortunately reporting incorrect license information seems to be > a waste of time so things are unlikely to improve any time soon: > https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=195807 > > Fabian I spent a *lot* of time trying to correct the BSD licenses to be BSD2 BSD3 or BSD4CLAUSE. I did an /ok/ job. It was a super pain. My conclusion is that we need to be very careful getting the licenses defined correctly, but even then we cannot make any promises they are correct. You can only license files, not "projects", so a license on a port should be considered "best effort guidance" and not a promise of accuracy. If you are doing something that actually requires you to get licensing information correct the only approach is to roll up your sleeves and look at each software manually. Consider trying to play with Apache RAT as well which -- rumor has it -- can do a decent job of programmatically detecting licenses. http://blog.feld.me/posts/2014/12/bsd-license-audit/ -- Mark Felder ports-secteam member feld@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1447947303.654619.444405505.416C0DA0>