Hi, This package has the following exceptions to GPL-3+ (https://github.com/JPaulMora/Pyrit/blob/master/modules/cpyrit_cuda/_cpyrit_cuda.c#L31): """ # Additional permission under GNU GPL version 3 section 7 # # If you modify this Program, or any covered work, by linking or # combining it with the OpenSSL project's "OpenSSL" library (or a # modified version of that library), containing parts covered by # the terms of OpenSSL/SSLeay license, the licensors of this # Program grant you additional permission to convey the resulting # work. Corresponding Source for a non-source form of such a # combination shall include the source code for the parts of the # OpenSSL library used as well as that of the covered work. # # If you modify this Program, or any covered work, by linking or # combining it with NVIDIA Corporation's CUDA libraries from the # NVIDIA CUDA Toolkit (or a modified version of those libraries), # containing parts covered by the terms of NVIDIA CUDA Toolkit # EULA, the licensors of this Program grant you additional # permission to convey the resulting work. """ I've had a brief discussion with robbat on IRC and I would like to get the license team's opinion on how we should proceed? Should we add another exception file under licenses/ or is there a better way to do it? Thanks,
> I've had a brief discussion with robbat on IRC and I would like to get the > license team's opinion on how we should proceed? Should we add another > exception file under licenses/ or is there a better way to do it? The text is somewhat different from what we have as GPL-3-with-openssl-exception, and there is the NVIDIA-CUDA part as well. So yes, this needs to be added as a new license file. Unless we want to add a template like GPL-3-with-additional-permissions that would cover all exceptions under clauses 7a to 7f of the GPL-3. It would have to say something like "check the package's license statement for specifics".
By the way, can we handle licenses like in Yocto? I think it's better way to handle license exceptions. *LIC_FILES_CHKSUM = "file://FILENAME;beginline=M;endline=N;md5=MD5"
Yes, that indeed looks like a new exception – at least the CUDA part. SPDX has a way to handle exceptions separately from licenses. e.g. you could have “GPL-2.0” with “openvpn-openssl-exception”, which is more modular than what Gentoo uses right now. Also AFAIK Yocto uses SPDX and is (aiming to be?) compliant with the SPDX specification.
commit 2259cb2e6d2b509d50ef7bd886e4776b0b605444 Author: Göktürk Yüksek <gokturk@gentoo.org> AuthorDate: Wed Nov 30 18:57:54 2016 -0500 Commit: Göktürk Yüksek <gokturk@gentoo.org> CommitDate: Wed Nov 30 19:06:34 2016 -0500 net-wireless/cpyrit-cuda: fix the license #600954 Add missing licenses GPL-3+-with-cuda-exception and GPL-3+-with-cuda-openssl-exception Package-Manager: portage-2.3.0