[Fedora-legal-list] Fwd: SPDX Statistics - 108 packages remaining

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

-------- Přeposlaná zpráva --------
Předmět: SPDX Statistics - 108 packages remaining
Datum: Wed, 4 Jun 2025 12:01:54 +0200
Od: Miroslav Suchý <msuchy@xxxxxxxxxx>
Společnost: Red Hat Czech, s.r.o.
Komu: Development discussions related to Fedora <devel@xxxxxxxxxxxxxxxxxxxxxxx>


Hot news:

- in fedora-license-data - Richard and I are working together on old and painful issues. The number of open issues is now less than 50. This has been done while new requests are still coming.

- several maintainers overwrote already migrated license tag or used incorrect license ID. I can detect this easily and I communicate with each of them individually to find the solution.

- while the numbers seems to be the same like month ago (108 packages remaining) it was about +20 and -20.

- Packages with invalid licenses are either resolved or are close to be resolved.


Five weeks ago we had:

* 24479 spec files in Fedora

* 31088 license tags in all spec files

* 108 tags are not SPDX compliant (number from line bellow minus packages with LicenseRef-Callaway-*)

* 2143 tags have not been converted to SPDX yet

* 11 tags can be trivially converted using `license-fedora2spdx`

* Progress: 99.63% ░░░░░ 100%

ELN subset:

58 out of 2322 packages are not converted yet (progress 97.65%)


Today we have:

* 24552 spec files in Fedora

* 31159 license tags in all spec files

* 108 tags are not SPDX compliant (number from line bellow minus packages with LicenseRef-Callaway-*)

* 2093 tags have not been converted to SPDX yet

* 8 tags can be trivially converted using `license-fedora2spdx`

* Progress: 99.65% ░░░░░ 100%

ELN subset:

55 out of 2291 packages are not converted yet (progress 97.65%)

Graph of these data with the burndown chart:

   https://docs.google.com/spreadsheets/d/1QVMEzXWML-6_Mrlln02axFAaRKCQ8zE807rpCjus-8s/edit?usp=sharing

The list of packages needed to be converted is here:

    https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final.txt

List by package maintainers is here

   https://pagure.io/copr/license-validate/blob/main/f/packages-without-spdx-final-maintainers.txt

Packages that are neither in SPDX nor in Callaway format (highest priority for now) - 30 packages:

https://pagure.io/copr/license-validate/blob/main/f/neither-nor-remaining-packagers.txt

Most of such packages has open issue in fedora-license-data. A lot of them are waiting for SPDX to approved the license and assign ID.


I released new version of fedora-license-data with 10 new license and several public domain or ultra permissive findings.

8 licenses are waiting to be reviewed by SPDX.org (and then to be added to fedora-license-data) https://gitlab.com/fedora/legal/fedora-license-data/-/issues/?label_name%5B%5D=SPDX%3A%3Ablocked


If your package does not have neither git-log entry nor spec-changelog entry mentioning SPDX and you know your license tag matches SPDX formula, you can put your package on ignore list

  https://pagure.io/copr/license-validate/blob/main/f/ignore-packages.txt

Either pull-request or direct email to me is fine.

Miroslav



-- 
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux