Spec URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite.spec SRPM URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite-3.1-1.fc11.src.rpm Description: scribite! is a module for easy integration of WYSIWYG scripts Xinha, TinyMCE, FCKeditor, openWYSIWYG, NicEdit or YUI Rich Text Editor into textarea fields in order to make text editing a little bit nicer and more comfortable for users.
A couple easy ones that I found before the licensing audit: * Summary does not need to repeat the module name. Maybe something like:: Integration of several JavaScript text editors with Zikula * Includes JavaScript libraries. Until JavaScript Guidelines are approved, this is okay. Once they are we'll have to package the JavaScript libraries separately and then have this package link to them (perhaps with a literal symlink). Here's the big one: * Licensing violations :-( Most of the files are a mix of GPLv2+, LGPLv2+ (Might have some v2 only but I haven't checked yet), and BSD. This places the module as a whole under the GPLv2+ (or v2 if there's any v2 only code). So far this is fine. But we do have some GPL incompatible licensed code as well that we have to deal with, either by getting rid of it (some things aren't necessary) or rewriting or relicensing: (Note scribite/modules/scribite/pndocs/fckeditor_license.txt is licensed under MPLv1.1+ or GPLv2+ or LGPLv2+. This is fine) Creative Commons Licenses: No CC licenses are GPL compatible: This one could be a problem: * scribite/modules/scribite/pnjavascript/window.js: Some of the file is MIT-like. But about three-quarters of the way through the file we have: Licensed under the Creative Commons Attribution 2.5 License - http://creativecommons.org/licenses/by/2.5/ * scribite/javascript/scribite_editors/xinha/skins/inditreuse/README:This work is licensed under the Creative Commons Attribution-ShareAlike License. * scribite/javascript/scribite_editors/xinha/skins/titan/README:This work is licensed under the Creative Commons Attribution-ShareAlike License. * scribite/javascript/scribite_editors/xinha/plugins/CharacterMap/character-map.js: license : "Creative Commons Attribution-ShareAlike License" * scribite/javascript/scribite_editors/xinha/plugins/HtmlEntities/html-entities.js: license : "Creative Commons Attribution-ShareAlike License" * scribite/javascript/scribite_editors/xinha/plugins/ListType/list-type.js: license : "Creative Commons Attribution-ShareAlike License" PHP License: PHP License v3 is definitely GPL incompatible. I do not know if PHP License v2.02 is also. * scribite/javascript/scribite_editors/xinha/plugins/ImageManager/Classes/GD.php: This is licensed under the php-2.02 license. * scribite/javascript/scribite_editors/xinha/plugins/ImageManager/Classes/NetPBM.php: This is licensed under the php-2.02 license. * scribite/javascript/scribite_editors/xinha/plugins/ImageManager/Classes/IM.php: This is licensed under the php-2.02 license. scribite/javascript/scribite_editors/xinha/plugins/ImageManager/Classes/Transform.php MPL: Unless the MPL lists other licenses that the work can be released under (ie,dual licensed with GPL) this is incompatible with the GPL scribite/javascript/scribite_editors/tiny_mce/filemanager/connectors/php/Commands/helpers/header.cgi: MPLv1.1 scribite/javascript/scribite_editors/tiny_mce/filemanager/connectors/php/Commands/helpers/progress.cgi: MPLv1.1 scribite/javascript/scribite_editors/tiny_mce/filemanager/connectors/php/Commands/helpers/upload.cgi: MPLv1.1 itbegins thinks that with the exception of scribite/modules/scribite/pnjavascript/window.js, all of these files are optional and we could remove them when we package. window.js might be optional as well, but he's not sure.
I contacted upstream about these issues: http://groups.google.com/group/zikula-discussions/browse_thread/thread/7035a2a62e86e8d4#
Upstream reports they believe they have fixed the licensing issues and have a new download here: http://code.zikula.org/scribite/downloads/23
SRPM URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite-3.2-1.src.rpm SPEC URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite.spec I checked the locations where the non-GPL licenses were discovered last time and did not find those files in the current release. Other issues were addressed and rpmlint was used to verify no errors in the SPEC and SRPM files.
xinha still has CC licenses. just one example: ./javascript/scribite_editors/xinha/images/tango/COPYING:
Looks like the fedora-review flag should be set here.
(In reply to comment #3) @David Have you heard anything else about these licensing issues?
I have not
GOOD: * Named according to naming guidelines * specfile named appropriately * spec file is legible and in English * Package builds on i86 * Package build in koji * Not a dnamic library * Not relocatable * Package owns all directories it creates * Permissions set appropriately * Proper %clean section * macros used consistently NEEDSWORK: * Licensing -- see previous comments - The tango images are the only place I found CC licenses. Perhaps we can remove the tango skin? * License tag: We can't straighten this out until we figure out what to do about the incompatible licenses but we will want to list the different licenses that things fall under. So it might look something like this (Please verify/update/add once we figure out how we're going to resolve all the licensing problems): License: GPLv2+ and LGPLv2+ and BSD and (GPLv2+ or MPLv1.1+ or LGPL2+) and MIT - And a comment that explains what licenses relate to what files. + Yes, this is painful to audit and record :-( * Source comment needs to be updated in the spec file to reflect the current location. - http://code.zikula.org/scribite/downloads/19 references an older release - http://code.zikula.org/scribite/downloads/23 does not exist * rpmlint: zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/zikula-module-scribite-3.2/Snoopy_gpl_license.txt zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/zikula-module-scribite-3.2/changelog.txt zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/zikula-module-scribite-3.2/tinymce_lgpl_license.txt zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/zikula-module-scribite-3.2/openwysiwyg_license.txt zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding /usr/share/doc/zikula-module-scribite-3.2/fckeditor_license.txt 2 packages and 0 specfiles checked; 0 errors, 5 warnings. These can be fixed with dos2unix or sed: %{__sed} -i 's/\r//' pndocs/changelog.txt pndocs/Snoopy_gpl_license.txt pndocs/tinymce_lgpl_license.txt pndocs/openwysiwyg_license.txt pndocs/fckeditor_license.txt TO RESOLVE IN THE FUTURE: * There are language files in this package but they aren't standard gettext po files. They are javascript. We probably want to mark these as belonging to the relevant language but we don't have any tools to help with this at the moment
Spec URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite.spec SRPM URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite-3.1-1.fc11.src.rpm
(In reply to comment #9) > NEEDSWORK: > * Licensing -- see previous comments > - The tango images are the only place I found CC licenses. Perhaps we can > remove the tango skin? > * License tag: We can't straighten this out until we figure out what to do > about the incompatible licenses but we will want to list the different > licenses that things fall under. So it might look something like this > (Please verify/update/add once we figure out how we're going to resolve all > the licensing problems): > License: GPLv2+ and LGPLv2+ and BSD and (GPLv2+ or MPLv1.1+ or LGPL2+) and > MIT I see GPLv2+ and LGPLv2+ listed. I've annotated GPL+ in the SPEC. The one instance I can find of MIT says that the particular code can be licensed under GPL, something else, or MIT so it isn't specifically licensed under MIT. > - And a comment that explains what licenses relate to what files. > + Yes, this is painful to audit and record :-( It would appear that the different license documents explain what they are covering by their title. > * Source comment needs to be updated in the spec file to reflect the current > location. > - http://code.zikula.org/scribite/downloads/19 references an older release > - http://code.zikula.org/scribite/downloads/23 does not exist This has been fixed by utilizing http://fedoraproject.org/wiki/Packaging/SourceURL#Using_Revision_Control. > * rpmlint: > zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding > /usr/share/doc/zikula-module-scribite-3.2/Snoopy_gpl_license.txt > zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding > /usr/share/doc/zikula-module-scribite-3.2/changelog.txt > zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding > /usr/share/doc/zikula-module-scribite-3.2/tinymce_lgpl_license.txt > zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding > /usr/share/doc/zikula-module-scribite-3.2/openwysiwyg_license.txt > zikula-module-scribite.noarch: W: wrong-file-end-of-line-encoding > /usr/share/doc/zikula-module-scribite-3.2/fckeditor_license.txt > 2 packages and 0 specfiles checked; 0 errors, 5 warnings. > > These can be fixed with dos2unix or sed: > > %{__sed} -i 's/\r//' pndocs/changelog.txt pndocs/Snoopy_gpl_license.txt > pndocs/tinymce_lgpl_license.txt pndocs/openwysiwyg_license.txt > pndocs/fckeditor_license.txt Fixed. RPMLINT all clean, now.
Spec URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite.spec SRPM URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite-3.2-3.fc11.src.rpm
Okay, everything's good except for the licensing: * spec should have GPLv2+. Looks like everything can be used under GPLv2+ and two of the editors specify the version as 2 or later. * The three directories I found that have CC licensed code and need to be stripped are:: javascript/scribite_editors/xinha/skins/inditreuse javascript/scribite_editors/xinha/skins/titan javascript/scribite_editors/xinha/iconsets/Tango Once we resolve those this can be approved.
Spec URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite.spec SRPM URL: http://sparks.fedorapeople.org/Packages/zikula-module-scribite/zikula-module-scribite-3.2-2.fc11.src.rpm Removed the CC licensed code in the SPEC file.
Licensing issues are taken care of in this new upstream zipfile. It looks like the license tag in the spec file should be GPLv2+ rather than GPLv2. You can fix that when you import. APPROVED
New Package CVS Request ======================= Package Name: zikula-module-scribite Short Description: Integration of several JavaScript text editors with Zikula Owners: sparks ke4qqq Branches: F-10 F-11 EL-5 InitialCC:
CVS done.
zikula-module-scribite-3.2-3.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/zikula-module-scribite-3.2-3.fc11
zikula-module-scribite-3.2-3.fc10 has been submitted as an update for Fedora 10. http://admin.fedoraproject.org/updates/zikula-module-scribite-3.2-3.fc10
zikula-module-scribite-3.2-3.el5 has been submitted as an update for Fedora EPEL 5. http://admin.fedoraproject.org/updates/zikula-module-scribite-3.2-3.el5
zikula-module-scribite-3.2-3.el5 has been pushed to the Fedora EPEL 5 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update zikula-module-scribite'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/EL-5/FEDORA-EPEL-2009-0122
zikula-module-scribite-3.2-3.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report.
zikula-module-scribite-3.2-3.fc10 has been pushed to the Fedora 10 stable repository. If problems still persist, please make note of it in this bug report.
zikula-module-scribite-3.2-3.el5 has been pushed to the Fedora EPEL 5 stable repository. If problems still persist, please make note of it in this bug report.