If we mirror software, we do not know who will access it. It could be a commercial or noncommercial user. Sourcetrail does not grant the right to mirror or distribute the software.
the tar ball also distributes files with licenses not listed in LICENSE=
Specifically, in section 3: "LICENSEE and AUTHORIZED USER(s) will not, and will have no right to: [...] sell, rent, lease, distribute, or otherwise transfer rights to the SOFTWARE without prior written consent from LICENSOR". That means that we simply cannot distribute it, neither commercial nor noncommercial. So the ebuild will need RESTRICT="mirror bindist". (Basically, every license in @EULA requires that, because we cannot ask mirror admins to accept anything.) I also wonder about the LICENSE variable, looks like the ebuild installs some bundled Qt libs, but I don't see any documentation that would require FDL-1.3. That's a minor issue, though.
Thanks for the bug report! When I initially made the PR for this ebuild we had the same discussion :D So, what is the way forward? Should I set RESTRICT="mirror bindist" and add all the licenses from the bundled packages, also for the ones that the ebuild removes upon installation?
(In reply to David Hallas from comment #3) > So, what is the way forward? Should I set RESTRICT="mirror bindist" Yes, please. > and add all the licenses from the bundled packages, also for the ones > that the ebuild removes upon installation? Only for those files that are being installed (which is only Qt, except for its documentation?).
(In reply to Ulrich Müller from comment #4) > (In reply to David Hallas from comment #3) > > So, what is the way forward? Should I set RESTRICT="mirror bindist" > > Yes, please. > > > and add all the licenses from the bundled packages, also for the ones > > that the ebuild removes upon installation? > > Only for those files that are being installed (which is only Qt, except for > its documentation?). Hi Ulrich, I just checked the ebuilds again and we do actually list the license of the two packages that is being installed (besides Sourcetrail itself). We install Qt and icu and the license of those packages are listed in the ebuild, so shouldn't we be ok there? Here is the license line from the build: LICENSE="Sourcetrail || ( GPL-2 GPL-3 LGPL-3 ) FDL-1.3 BSD" I have created a PR with the addition of the RESTRICT keyword, let me know if there are other issues I need to fix. And thanks for helping sorting this out :D
(In reply to David Hallas from comment #5) > I just checked the ebuilds again and we do actually list the license of the > two packages that is being installed (besides Sourcetrail itself). We > install Qt and icu and the license of those packages are listed in the > ebuild, so shouldn't we be ok there? Here is the license line from the build: > > LICENSE="Sourcetrail || ( GPL-2 GPL-3 LGPL-3 ) FDL-1.3 BSD" The ebuild doesn't install whole packages, but only some libraries from them. Especially it doesn't install any files that are licensed FDL-1.3, so that one should be omitted: LICENSE="Sourcetrail || ( GPL-2 GPL-3 LGPL-3 ) BSD"
(In reply to Ulrich Müller from comment #6) > (In reply to David Hallas from comment #5) > > I just checked the ebuilds again and we do actually list the license of the > > two packages that is being installed (besides Sourcetrail itself). We > > install Qt and icu and the license of those packages are listed in the > > ebuild, so shouldn't we be ok there? Here is the license line from the build: > > > > LICENSE="Sourcetrail || ( GPL-2 GPL-3 LGPL-3 ) FDL-1.3 BSD" > > The ebuild doesn't install whole packages, but only some libraries from > them. Especially it doesn't install any files that are licensed FDL-1.3, so > that one should be omitted: > > LICENSE="Sourcetrail || ( GPL-2 GPL-3 LGPL-3 ) BSD" Make sense - I have just updated the PR with this change as well. Thanks for the quick reply!
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab9454d813250a5be90de81260c776c536debfcf commit ab9454d813250a5be90de81260c776c536debfcf Author: David Hallas <david@davidhallas.dk> AuthorDate: 2019-06-01 06:30:24 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2019-06-01 08:15:51 +0000 dev-cpp/sourcetrail Add RESTRICT to prohibit mirroring Add RESTRICT keyword so that we do not mirror the tarballs because of license issues. Also remove FDL license since the ebuild doesn't install any files with that license. Closes: https://bugs.gentoo.org/687018 Signed-off-by: David Hallas <david@davidhallas.dk> Closes: https://github.com/gentoo/gentoo/pull/12145 Signed-off-by: Michał Górny <mgorny@gentoo.org> dev-cpp/sourcetrail/sourcetrail-2018.3.55-r1.ebuild | 3 ++- dev-cpp/sourcetrail/sourcetrail-2019.1.11.ebuild | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-)
