Bug 879615 - maven-jflex-plugin: GPL code linked with GPL-incompatible libraries
maven-jflex-plugin: GPL code linked with GPL-incompatible libraries
Product: Fedora
Classification: Fedora
Component: maven-jflex-plugin (Show other bugs)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Mikolaj Izdebski
Fedora Extras Quality Assurance
Depends On:
Blocks: 879620
  Show dependency treegraph
Reported: 2012-11-23 07:49 EST by Mikolaj Izdebski
Modified: 2013-01-09 16:37 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
: 879620 (view as bug list)
Last Closed: 2013-01-09 16:37:33 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Mikolaj Izdebski 2012-11-23 07:49:28 EST
Description of problem:
maven-jflex-plugin is licensed under GPL (any version), but it links with GPL-incompatible code (at least classworlds, which is licensed under Plexus license [1], but it also likely that it is liked with CPL-licensed code of junit and some ASL 1.1 code somewhere).

Possible solutions:
1) rewrite the plugin from scratch (only ~400 lines of code)
2) remove the package from Fedora and port other packages not to depend on it
3) obtain GPL classpath exception from copyright holders (maven-jflex-plugin links to a GPL library - jflex, so the exception for this library would be needed too)

Version-Release number of selected component (if applicable):

[1] https://fedoraproject.org/wiki/Licensing/Plexus_Classworlds_License
Comment 1 Tom "spot" Callaway 2012-11-27 10:28:36 EST
I think this is something that needs to be raised with upstream.
Comment 2 Fedora Admin XMLRPC Client 2013-01-09 05:10:32 EST
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 3 Mikolaj Izdebski 2013-01-09 16:37:33 EST
Package not needed any longer (dependency removed from qdox package).
Release engineering has been notified to block this package:

Note You need to log in before you can comment on or make changes to this bug.