Bug 1281479
Summary: | cloc bundles non-free code | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Petr Šabata <psabata> |
Component: | cloc | Assignee: | Rick Elrod <relrod> |
Status: | CLOSED ERRATA | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | urgent | Docs Contact: | |
Priority: | unspecified | ||
Version: | 24 | CC: | bughunt, relrod |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | cloc-1.66-1.fc22 cloc-1.66-1.fc23 cloc-1.66-1.el7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2016-06-05 02:51:26 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Petr Šabata
2015-11-12 15:42:25 UTC
(Disclaimer: Not an IP lawyer or a license Guru, but I have the book on Open Source Licenses) Well, I needed the latest cloc 1.65 (now at https://github.com/AlDanial/cloc) for Fedora 22 (which has an old 1.62), so I took a look: cloc itself is "GNU GPL 2 or later" but states that it: # Includes code from: # - SLOCCount v2.26 # http://www.dwheeler.com/sloccount/ # by David Wheeler. # - Regexp::Common v2.120 # http://search.cpan.org/~abigail/Regexp-Common-2.120/lib/Regexp/Common.pm # by Damian Conway and Abigail. # - Win32::Autoglob # http://search.cpan.org/~sburke/Win32-Autoglob-1.01/Autoglob.pm # by Sean M. Burke. # - Algorithm::Diff # http://search.cpan.org/~tyemq/Algorithm-Diff-1.1902/lib/Algorithm/Diff.pm # by Tye McQueen. Regexp::Common (2013031301): "AL 2.0, MIT or BSD" http://search.cpan.org/~abigail/Regexp-Common-2013031301/lib/Regexp/Common.pm#LICENSE_and_COPYRIGHT That would solve the problem... Others: ------- SLOCCount: "released under the General Public License (GPL)" Regexp::Common v2.120 Win32::Autoglob: "http://search.cpan.org/~sburke/Win32-Autoglob-1.01/Autoglob.pm#COPYRIGHT_AND_DISCLAIMERS" "This library is free software; you can redistribute it and/or modify it under the same terms as Perl itself." Algorithm::Diff: "http://search.cpan.org/~tyemq/Algorithm-Diff-1.1902/lib/Algorithm/Diff.pm#LICENSE" "This program is free software; you can redistribute it and/or modify it under the same terms as Perl." Perl is distributed under AL or GPL (http://dev.perl.org/licenses/). The problem is the bundled code is from R::C 2.120, which was Artistic only (you can check that on BackPAN), as mentioned in the original comment, along with the rest. Later releases are more permissive but the one the code was taken from wasn't free. I don't know what the code does but all this bundling is really ugly. Why not just use the module's API? I think it just needs to be bumped to the latest version. +1 for calls instead of bundle, but the author will have to do that. The README is also uncertain about the license: https://github.com/AlDanial/cloc#___top Sorry for missing this report. I'll file an issue upstream and see if we can get them to bump Regexp::Common or stop bundling it. I just filed https://github.com/AlDanial/cloc/issues/36. Thanks Ricky. The author fixed this here: https://github.com/AlDanial/cloc/commit/157c37071b985623501a53175422bf663f3ee2ad I will bump the Fedora packages to that commit and submit to testing later today. Don't forget to update the License tag, too :) This bug appears to have been reported against 'rawhide' during the Fedora 24 development cycle. Changing version to '24'. More information and reason for this action is here: https://fedoraproject.org/wiki/Fedora_Program_Management/HouseKeeping/Fedora24#Rawhide_Rebase cloc-1.66-1.fc23 has been submitted as an update to Fedora 23. https://bodhi.fedoraproject.org/updates/FEDORA-2016-0526bc3356 cloc-1.66-1.fc22 has been submitted as an update to Fedora 22. https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb9a871511 cloc-1.66-1.el7 has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-75ecd1ffab cloc-1.66-1.fc22 has been pushed to the Fedora 22 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-eb9a871511 cloc-1.66-1.fc23 has been pushed to the Fedora 23 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2016-0526bc3356 cloc-1.66-1.el7 has been pushed to the Fedora EPEL 7 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-75ecd1ffab cloc-1.66-1.fc22 has been pushed to the Fedora 22 stable repository. If problems still persist, please make note of it in this bug report. cloc-1.66-1.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. cloc-1.66-1.el7 has been pushed to the Fedora EPEL 7 stable repository. If problems still persist, please make note of it in this bug report. |