Bug 2222107 - gcc: Update spec License entry to use SPDX identifiers
Summary: gcc: Update spec License entry to use SPDX identifiers
Keywords:
Status: NEW
Alias: None
Product: Fedora
Classification: Fedora
Component: gcc
Version: 39
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-11 20:32 UTC by Marek Polacek
Modified: 2023-08-16 08:12 UTC (History)
10 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Marek Polacek 2023-07-11 20:32:14 UTC
Update spec License entry to use SPDX identifiers.

Reproducible: Always

Comment 1 Marek Polacek 2023-07-11 20:35:22 UTC
Patch (using the example in https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1):

--- a/gcc.spec
+++ b/gcc.spec
@@ -136,10 +136,10 @@
 Summary: Various compilers (C, C++, Objective-C, ...)
 Name: gcc
 Version: %{gcc_version}
-Release: %{gcc_release}%{?dist}
+Release: %{gcc_release}.1%{?dist}
 # libgcc, libgfortran, libgomp, libstdc++ and crtstuff have
 # GCC Runtime Exception.
-License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD
+License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Classpath-exception-2.0) AND (GPL-2.0-or-later WITH Classpath-exception-2.0) AND LGPL-2.1-or-later AND BSD-3-Clause AND BSD-2-Clause
 # The source for this package was pulled from upstream's vcs.
 # %%{gitrev} is some commit from the
 # https://gcc.gnu.org/git/?p=gcc.git;h=refs/vendors/redhat/heads/gcc-%%{gcc_major}-branch
@@ -3453,6 +3453,9 @@ end
 %endif
 
 %changelog
+* Tue Jul 11 2023 Marek Polacek <polacek> 13.1.1-4.1
+- update License for SPDX migration
+
 * Wed Jun 14 2023 Jakub Jelinek <jakub> 13.1.1-4
 - update from releases/gcc-13 branch
   - PRs bootstrap/110085, c++/109871, fortran/100607, libgcc/109670,

Comment 2 Jonathan Wakely 2023-07-11 20:39:13 UTC
The example is completely wrong though. I pointed that out to Miroslav and got no reply.

The Classpath exception is not used in any current GCC releases. The libstdc++ sources are covered by (GPL-3.0-or-later WITH GCC-exception-2.0) which isn't mentioned in that example.

Libstdc++ also has code from LLVM which is covered by (Apache-3.0 WITH LLVM-exception)

I would ignore the example completely and just start from scratch.

Comment 3 Jonathan Wakely 2023-07-11 20:39:58 UTC
(In reply to Jonathan Wakely from comment #2)
> Libstdc++ also has code from LLVM which is covered by (Apache-3.0 WITH

Sorry, fat fingered that: Apache-2.0 WITH ...

> LLVM-exception)

Comment 4 Jonathan Wakely 2023-07-11 20:41:32 UTC
(In reply to Jonathan Wakely from comment #2)
> libstdc++ sources are covered by (GPL-3.0-or-later WITH GCC-exception-2.0)

Oh and that should be WITH GCC-exception-3.1 not -2.0

Comment 9 Jonathan Wakely 2023-07-14 10:46:50 UTC
ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think we package them.

configure scripts use https://spdx.org/licenses/FSFUL.html
libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
But those are only used during the build, not packaged.

libstdc++-v3/src/libbacktrace uses https://spdx.org/licenses/BSD-3-Clause.html

shared_ptr uses https://spdx.org/licenses/BSL-1.0.html

Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)

libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)

I think that's all the licenses used by libstdc++.

So just for libstdc++ it's:

(GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)

Comment 10 Jakub Jelinek 2023-07-14 10:59:09 UTC
(In reply to Jonathan Wakely from comment #9)
> ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think
> we package them.

We actually do (xz compressed in /usr/share/doc/), at least for some of them.

> configure scripts use https://spdx.org/licenses/FSFUL.html
> libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
> But those are only used during the build, not packaged.

So these don't count?

> libstdc++-v3/src/libbacktrace uses
> https://spdx.org/licenses/BSD-3-Clause.html
> 
> shared_ptr uses https://spdx.org/licenses/BSL-1.0.html
> 
> Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)
> 
> libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
> libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)
> 
> I think that's all the licenses used by libstdc++.
> 
> So just for libstdc++ it's:
> 
> (GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND
> (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)

Thanks.
Shall the license be per binary subpackage or per the whole source package?
And, if one library (or binary) uses SPDX license expression ... and another one a different one,
shall in that case that be ... AND ... or ... OR ...?

Comment 11 Jonathan Wakely 2023-07-17 16:47:52 UTC
(In reply to Jakub Jelinek from comment #10)
> (In reply to Jonathan Wakely from comment #9)
> > ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think
> > we package them.
> 
> We actually do (xz compressed in /usr/share/doc/), at least for some of them.
> 
> > configure scripts use https://spdx.org/licenses/FSFUL.html
> > libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
> > But those are only used during the build, not packaged.
> 
> So these don't count?

Right.

> 
> > libstdc++-v3/src/libbacktrace uses
> > https://spdx.org/licenses/BSD-3-Clause.html
> > 
> > shared_ptr uses https://spdx.org/licenses/BSL-1.0.html
> > 
> > Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)
> > 
> > libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
> > libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)
> > 
> > I think that's all the licenses used by libstdc++.
> > 
> > So just for libstdc++ it's:
> > 
> > (GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND
> > (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)
> 
> Thanks.
> Shall the license be per binary subpackage or per the whole source package?

I'm not sure.

> And, if one library (or binary) uses SPDX license expression ... and another
> one a different one,
> shall in that case that be ... AND ... or ... OR ...?

AND, I think.

btw there's also GFDL for the libstdc++ docs, but I'm not sure which version. spine.xml says GFDL 1.2 or later:

    <para>
      Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU Free Documentation
      License, Version 1.2 or any later version published by the
      Free Software Foundation; with no Invariant Sections, with no
      Front-Cover Texts, and with no Back-Cover Texts.
    </para>

but intro.xml says GFDL 1.3:

    <para>
      The documentation shipped with the library and made available over
      the web, excluding the pages generated from source comments, are
      copyrighted by the Free Software Foundation, and placed under the
      <link linkend="appendix.gfdl-1.3"> GNU Free Documentation
      License version 1.3</link>.  There are no Front-Cover Texts, no
      Back-Cover Texts, and no Invariant Sections.
    </para>

Comment 12 Fedora Release Engineering 2023-08-16 08:12:31 UTC
This bug appears to have been reported against 'rawhide' during the Fedora Linux 39 development cycle.
Changing version to 39.


Note You need to log in before you can comment on or make changes to this bug.