Bug 2222107 - gcc: Update spec License entry to use SPDX identifiers
Summary: gcc: Update spec License entry to use SPDX identifiers
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: gcc
Version: 39
Hardware: Unspecified
OS: Linux
unspecified
medium
Target Milestone: ---
Assignee: Jakub Jelinek
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2023-07-11 20:32 UTC by Marek Polacek
Modified: 2024-03-08 12:15 UTC (History)
10 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2024-03-08 12:15:38 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Marek Polacek 2023-07-11 20:32:14 UTC 
Update spec License entry to use SPDX identifiers.

Reproducible: Always
Comment 1 Marek Polacek 2023-07-11 20:35:22 UTC 
Patch (using the example in https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_1):

--- a/gcc.spec
+++ b/gcc.spec
@@ -136,10 +136,10 @@
 Summary: Various compilers (C, C++, Objective-C, ...)
 Name: gcc
 Version: %{gcc_version}
-Release: %{gcc_release}%{?dist}
+Release: %{gcc_release}.1%{?dist}
 # libgcc, libgfortran, libgomp, libstdc++ and crtstuff have
 # GCC Runtime Exception.
-License: GPLv3+ and GPLv3+ with exceptions and GPLv2+ with exceptions and LGPLv2+ and BSD
+License: GPL-3.0-or-later AND (GPL-3.0-or-later WITH Classpath-exception-2.0) AND (GPL-2.0-or-later WITH Classpath-exception-2.0) AND LGPL-2.1-or-later AND BSD-3-Clause AND BSD-2-Clause
 # The source for this package was pulled from upstream's vcs.
 # %%{gitrev} is some commit from the
 # https://gcc.gnu.org/git/?p=gcc.git;h=refs/vendors/redhat/heads/gcc-%%{gcc_major}-branch
@@ -3453,6 +3453,9 @@ end
 %endif
 
 %changelog
+* Tue Jul 11 2023 Marek Polacek <polacek> 13.1.1-4.1
+- update License for SPDX migration
+
 * Wed Jun 14 2023 Jakub Jelinek <jakub> 13.1.1-4
 - update from releases/gcc-13 branch
   - PRs bootstrap/110085, c++/109871, fortran/100607, libgcc/109670,
Comment 2 Jonathan Wakely 2023-07-11 20:39:13 UTC 
The example is completely wrong though. I pointed that out to Miroslav and got no reply.

The Classpath exception is not used in any current GCC releases. The libstdc++ sources are covered by (GPL-3.0-or-later WITH GCC-exception-2.0) which isn't mentioned in that example.

Libstdc++ also has code from LLVM which is covered by (Apache-3.0 WITH LLVM-exception)

I would ignore the example completely and just start from scratch.
Comment 3 Jonathan Wakely 2023-07-11 20:39:58 UTC 
(In reply to Jonathan Wakely from comment #2)
> Libstdc++ also has code from LLVM which is covered by (Apache-3.0 WITH

Sorry, fat fingered that: Apache-2.0 WITH ...

> LLVM-exception)
Comment 4 Jonathan Wakely 2023-07-11 20:41:32 UTC 
(In reply to Jonathan Wakely from comment #2)
> libstdc++ sources are covered by (GPL-3.0-or-later WITH GCC-exception-2.0)

Oh and that should be WITH GCC-exception-3.1 not -2.0
Comment 9 Jonathan Wakely 2023-07-14 10:46:50 UTC 
ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think we package them.

configure scripts use https://spdx.org/licenses/FSFUL.html
libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
But those are only used during the build, not packaged.

libstdc++-v3/src/libbacktrace uses https://spdx.org/licenses/BSD-3-Clause.html

shared_ptr uses https://spdx.org/licenses/BSL-1.0.html

Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)

libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)

I think that's all the licenses used by libstdc++.

So just for libstdc++ it's:

(GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)
Comment 10 Jakub Jelinek 2023-07-14 10:59:09 UTC 
(In reply to Jonathan Wakely from comment #9)
> ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think
> we package them.

We actually do (xz compressed in /usr/share/doc/), at least for some of them.

> configure scripts use https://spdx.org/licenses/FSFUL.html
> libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
> But those are only used during the build, not packaged.

So these don't count?

> libstdc++-v3/src/libbacktrace uses
> https://spdx.org/licenses/BSD-3-Clause.html
> 
> shared_ptr uses https://spdx.org/licenses/BSL-1.0.html
> 
> Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)
> 
> libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
> libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)
> 
> I think that's all the licenses used by libstdc++.
> 
> So just for libstdc++ it's:
> 
> (GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND
> (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)

Thanks.
Shall the license be per binary subpackage or per the whole source package?
And, if one library (or binary) uses SPDX license expression ... and another one a different one,
shall in that case that be ... AND ... or ... OR ...?
Comment 11 Jonathan Wakely 2023-07-17 16:47:52 UTC 
(In reply to Jakub Jelinek from comment #10)
> (In reply to Jonathan Wakely from comment #9)
> > ChangeLog files use https://spdx.org/licenses/FSFAP.html but I don't think
> > we package them.
> 
> We actually do (xz compressed in /usr/share/doc/), at least for some of them.
> 
> > configure scripts use https://spdx.org/licenses/FSFUL.html
> > libstdc++-v3/aclocal.m4 uses https://spdx.org/licenses/FSFULLR.html
> > But those are only used during the build, not packaged.
> 
> So these don't count?

Right.

> 
> > libstdc++-v3/src/libbacktrace uses
> > https://spdx.org/licenses/BSD-3-Clause.html
> > 
> > shared_ptr uses https://spdx.org/licenses/BSL-1.0.html
> > 
> > Various parts of libstdc++ use (Apache-2.0 WITH LLVM-exception)
> > 
> > libstdc++-v3/src/c++17/fast_float uses https://spdx.org/licenses/MIT.html
> > libstdc++-v3/src/c++17/ryu uses (Apache-2.0 OR BSL-1.0)
> > 
> > I think that's all the licenses used by libstdc++.
> > 
> > So just for libstdc++ it's:
> > 
> > (GPL-3.0-or-later WITH GCC-exception-3.1) AND BSD-3-Clause AND BSL-1.0 AND
> > (Apache-2.0 WITH LLVM-exception) AND MIT AND (Apache-2.0 OR BSL-1.0)
> 
> Thanks.
> Shall the license be per binary subpackage or per the whole source package?

I'm not sure.

> And, if one library (or binary) uses SPDX license expression ... and another
> one a different one,
> shall in that case that be ... AND ... or ... OR ...?

AND, I think.

btw there's also GFDL for the libstdc++ docs, but I'm not sure which version. spine.xml says GFDL 1.2 or later:

    <para>
      Permission is granted to copy, distribute and/or modify this
      document under the terms of the GNU Free Documentation
      License, Version 1.2 or any later version published by the
      Free Software Foundation; with no Invariant Sections, with no
      Front-Cover Texts, and with no Back-Cover Texts.
    </para>

but intro.xml says GFDL 1.3:

    <para>
      The documentation shipped with the library and made available over
      the web, excluding the pages generated from source comments, are
      copyrighted by the Free Software Foundation, and placed under the
      <link linkend="appendix.gfdl-1.3"> GNU Free Documentation
      License version 1.3</link>.  There are no Front-Cover Texts, no
      Back-Cover Texts, and no Invariant Sections.
    </para>
Comment 12 Fedora Release Engineering 2023-08-16 08:12:31 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora Linux 39 development cycle.
Changing version to 39.
Comment 13 Siddhesh Poyarekar 2024-03-08 12:15:38 UTC 
All existing SPDX identifiers have been added. The new SPDX identifiers (requested on fedora-license-data) are all newlib related and were not in the original license string anyway, so I'm not going to block this bug on it. I'll make a shallow clone to track them.
Note You need to log in before you can comment on or make changes to this bug.