[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [gNewSense-users] Freedom verification (checking packages)

From: Daniel Taylor
Subject: Re: [gNewSense-users] Freedom verification (checking packages)
Date: Mon, 27 Nov 2006 19:47:52 +0000
User-agent: Thunderbird (X11/20061115)

Paul O'Malley wrote:

Perhaps you should take a break from it - and dissect the data you now
have. Then look at designing a method for tackling the packages.
Most of this is down to pattern matching, with some output.
If you write the rules "very exactly" about how you want to find things
maybe someone might feel like scripting it. But it would help you work
out what is in stuff.

Note that BSD has more than one licence, and as I understand it the
later one is considered a free licence, and not conflicting with the
GPL. (As usual I am open to correction.)

It might be of use to team up in the channel and then form a sub channel
 with our blessing to discuss this to firm up a proposal that might work
as an algorithm.

(Just another idea.)



I think this is a good idea, when I was doing the 20 or so that I've done I used a mixture of searching on, which tells you what licence a package is using and then looking at the copyright file[1] which generally tells you the true story, unfortunately no one seems to have some up with a standard way to display this data in the copyright file, so it could be tricky.

This issue becomes more complicated when you look at the apt copyright file[2] which talk about a licence it *used* to be licensed under ("Qt Free Edition License"), so simply searching for keywords in these files might provide false positives/negatives.

I certainly think the process needs to be more automated, most of the work I had to do was finding the package, since it seems the change logs site[1] is well laid out we could probably do something like dropping all the packages names into a SQL table and have a script print out a form on demand saying "Check package 'apt' version '' ... click here for copyright file .... click here for page..." and allow who ever wants to get involved to 'tag' a package with a licence.

Sound good?

- Daniel

[1] which can be found at for every pacakge.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]