Cargo bundles a lot of packages by design. However, I haven't seen a *single* package in Gentoo that would set LICENSE appropriately. This makes me believe that the eclass needs to include a BIG FAT WARNING telling developers that they need to include LICENSEs for all bundled crates.
most rust packages are created using cargo ebuild, it collects and writes down all crates and creates a template ebuild, but it's outdated and not maintained https://github.com/cardoe/cargo-ebuild cardoe has his packages reassigned recently. I have a fork that works with new openssl support. https://github.com/gyakovlev/cargo-ebuild?organization=gyakovlev&organization=gyakovlev The original and the fork are not in the tree, but I can import my fork to ::gentoo and make it create ebuild template with warning. Maybe I can extract licenses from all the crates and put them in the template. What I can do is add a warning in a eclass, but not sure where exactly and how to check if licenses contain only single entry (check for spaces maybe?). Also repoman could check it, but I don't know it's internals yet.
Here's a cheap hack that can help: $ find -name 'Cargo.toml' -exec grep -h license {} + | sort -u Note that sometimes people are using different spelling for the same things but I think you can cover most of it using a short list. Note that some of the packages use '/' and 'OR, and some have 'AND', so don't be too lax. There are also a few instances of license-file that require manual check.
mgorny: wrt those rust crate licenses, I think only direct dependency licenses should be listed. so if foo requires a,b,c and a requires x,y,z should I really add x,y,z licenses to ebuild?
(In reply to Georgy Yakovlev from comment #3) > mgorny: wrt those rust crate licenses, I think only direct dependency > licenses should be listed. so if foo requires a,b,c and a requires x,y,z > should I really add x,y,z licenses to ebuild? Since all crates are bundled as part of the ebuild, you should list all.
(In reply to Georgy Yakovlev from comment #1) > most rust packages are created using cargo ebuild, it collects and writes > down all crates and creates a template ebuild, but it's outdated and not > maintained > > https://github.com/cardoe/cargo-ebuild > > cardoe has his packages reassigned recently. > > I have a fork that works with new openssl support. > https://github.com/gyakovlev/cargo- > ebuild?organization=gyakovlev&organization=gyakovlev I definitely still maintain the project. It's passively maintained as there's not much to do. Never seen an issue reported by you or received an email about you so I couldn't have possibly fixed any issues you've had. Your fork is 1 commit head and 10 behind my version. I'm glad to take any improvements you've got.
(In reply to Michał Górny from comment #2) > Here's a cheap hack that can help: > > $ find -name 'Cargo.toml' -exec grep -h license {} + | sort -u > > Note that sometimes people are using different spelling for the same things > but I think you can cover most of it using a short list. Note that some of > the packages use '/' and 'OR, and some have 'AND', so don't be too lax. > > There are also a few instances of license-file that require manual check. At ebuild generation time the entire sources to all dependent crates is not available locally.
