Bug 2175241 - False-positive warning about SPDX license
Summary: False-positive warning about SPDX license
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: rpmlint
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Todd Zullinger
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-03-03 16:20 UTC by Jan Grulich
Modified: 2023-05-25 22:46 UTC (History)
5 users (show)

Fixed In Version: rpmlint-2.4.0-8.fc39
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-05-25 22:46:25 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Jan Grulich 2023-03-03 16:20:05 UTC
I use following license in a package:
> (GPL-2.0-only OR LGPL-3.0-only OR GPL-3.0-only WITH Qt-GPL-exception-1.0) AND BSD-3-Clause

This is correct according to documentation and also correct according to license-validate, but rpmlint reports following warning:
> W: invalid-license-exception Qt-GPL-exception-1.0)

Version-Release number of selected component (if applicable):
rpmlint-2.4.0-4.fc38.noarch

Comment 1 Todd Zullinger 2023-03-03 18:13:29 UTC
Thanks for the report.  I filed https://github.com/rpm-software-management/rpmlint/pull/1014 to fix this.  Once that's reviewed, we can decide whether to apply to Fedora or wait for the next upstream release.

Comment 2 Mattias Ellert 2023-03-19 19:19:52 UTC
The upstream PR only fixes the case when the exception is last.
If the exception is first, as in e.g.:

License: (Apache-2.0 WITH LLVM-exception OR NCSA) AND BSD-3-Clause

will still reult in

W: invalid-license (Apache-2.0

Comment 3 Todd Zullinger 2023-03-20 01:55:04 UTC
Thanks for reporting that.  I don't know why I thought the beginning of the license_exception_regex didn't need changed as well.  It needs the same sort of adjustement.  On top of the patch I sent, it should need:

-license_exception_regex = re.compile(r'(\S+)\s(?:WITH|with)\s([^)]+)')
+license_exception_regex = re.compile(r'([^(]+)\s(?:WITH|with)\s([^)]+)')

I just need to work out some issues with the test suite and I'll submit this upstream.

Comment 4 Todd Zullinger 2023-03-20 03:46:08 UTC
FWIW, I filed https://github.com/rpm-software-management/rpmlint/pull/1028 for this.  Hopefully I haven't overlooked too much this time.  I'm reasonably sure that the start and end are the only places a parenthesis can come into play, at least. ;)

Comment 5 Todd Zullinger 2023-03-20 21:06:07 UTC
I have scratch builds for rawhide and f38, if anyone can test and confirm that they fix the various cases:

https://koji.fedoraproject.org/koji/taskinfo?taskID=98933942 (rawhide)
https://koji.fedoraproject.org/koji/taskinfo?taskID=98946327 (f38)

Thanks!

Comment 6 Fedora Update System 2023-05-25 22:45:28 UTC
FEDORA-2023-d32d1441dc has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-d32d1441dc

Comment 7 Fedora Update System 2023-05-25 22:46:25 UTC
FEDORA-2023-d32d1441dc has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.