[yocto] Automated license incompatibility checks
Clemens Lang
clemens.lang at bmw-carit.de
Wed Jan 28 05:39:36 PST 2015
Hi Paul,
On Wed, Jan 28, 2015 at 10:25:29AM +0000, Paul Eggleton wrote:
> This sounds like something we should be handling in our
> INCOMPATIBLE_LICENSE check code, although it's not clear that we
> currently handle where alternatives to an incompatible license are
> available for a recipe/package, so that looks like it would be new
> functionality. You haven't mentioned INCOMPATIBLE_LICENSE - does your
> solution build on that, or replace it?
Some of this duplicates what INCOMPATIBLE_LICENSE does, so it should
probably replace or use it. However, INCOMPATIBLE_LICENSE is a
blacklist, and I'm using a whitelist approach, because in our use case
we really only want to distribute under licenses we have explicitly
reviewed.
I'd like to solve the problem of shipping an image that contains, for
example, GPL-2 code that links against BSD-4-Clause code, which are
incompatible licenses[1]. Despite its name, the INCOMPATIBLE_LICENSE
code does not check for this situation. It is merely a blacklist for
licenses that should not be packaged at all, regardless of their
dependency context.
Our use case includes configuring the license whitelist separately for
each image we build, because we have different requirements for
development and production images (but that has been possible with
INCOMPATIBLE_LICENSE before).
Does that shed some light on what I'm trying to achieve?
Cheers,
Clemens
[1] https://www.gnu.org/licenses/license-list.html#OriginalBSD
--
Clemens Lang • Development Specialist
BMW Car IT GmbH • Lise-Meitner-Str. 14 • 89081 Ulm • http://bmw-carit.com
-------------------------------------------------------------------------
BMW Car IT GmbH
Geschäftsführer: Michael Würtenberger und Reinhard Stolle
Sitz und Registergericht: München HRB 134810
-------------------------------------------------------------------------
More information about the yocto
mailing list