#1206 Allowed licenses in Copr
Closed None Opened 6 years ago by msuchy.

We had recently discussion on fedora-legal about allowed content in Copr:

https://lists.fedoraproject.org/pipermail/legal/2013-November/002279.html

We mostly come to some conclusion, but one item.

One choice is to allow only licenses specified in:

https://fedoraproject.org/wiki/Licensing:Main?rd=Licensing#Good_Licenses

Other option is to create new list "Good Licenses for Copr", which would be "Good Licenses" + some licenses from "Bad Licenses". For example licenses, which forbid modification, but other-ways are open (e.g. Zimbra Public License 1.3)

This is neither technical decision, nor legal decision. Because both options are completely valid.

The first option will target people, who want to package their SW for Fedora, but does not met Packaging Guidelines yet. But Licensing. And are potentially planning to become part of Fedora itself. It will discourage people who does not want to be part of Fedora and such people will either not use build systems at all or will choose different distribution.

The second option will provide very low barrier to entry. And will encourage people to use rpm packaging and build their application on top of Fedora. Without forcing them to become part of Fedora itself.

I personally prefer second option. But we are not united on fedora-legal mailing list.
So, it is now up to you in which direction we want to steer the wheel.


CC'ing spot (in his role as Fedora Legal).

I actually saw three proposals in my perusal of the legal@l.fp.o thread:

  • Use the Good Licenses list. This was the preferred route of Fedora Legal.
  • Allow Coprs to also pick from a list of additional licenses which allow distribution but not modification. This was preferred by msuchy.
  • In addition to the above, allow people who have a right to distribute a piece of software to distribute it via coprs even if that right does not extend to others. This was [https://lists.fedoraproject.org/pipermail/legal/2013-November/002288.html mentioned by churchyard] but I don't know if he/anyone prefers it.

Tangential note - this is related to but not dependent on the other fesco ticket that Fedora Legal is currently cc'd on: https://fedorahosted.org/fesco/ticket/1201 -- Enabling Third Party Repos.

The third option seems to me to be an extension of the second. I doubt we're going to allow closed-source to distribute on COPRs in any way (wouldn't make sense anyway, as they'd have to create a binary source RPM to get it there).

I think the second option probably makes the most sense, provided that the accepted licenses include the requirement for the copyright holder to grant distribution rights for COPRs/The Fedora Project if the chosen license does not clearly permit it.

I didn't phrase that well, but in general my thoughts are "Incompletely FOSS licenses are okay on COPRs, provided that the code is licensed for redistribution either normally or through a signed statement from the copyright holder granting Fedora permission to do so".

Replying to [comment:1 toshio]:

I do not prefer it, it was only a question. However I generally like the idea of allowing any redistributable software. Maybe there could be a warning on coprs that doesn't have Fedora OK license?

Some notes: Had a conversation with Spot and the third option should be ruled out altogether. Really, RedHat/Fedora is the distributor rather than the person who submitted the build job to copr. So we would not be free to distribute the software in that case.

The reasons that Fedora Legal does not favor the second option is the increase in work that would be required:

  • One time cost to re-evaluate all of the currently listed Bad Licenses to see if they would fit the COPR licensing requirements.
  • Ongoing cost to re-evaluate one-off proprietary licenses for people that want to build and distribute via copr. The vast majority of FOSS packages use one of the known FOSS licenses. The same is not true of non-FOSS licenses where pretty much every one of them is unique and would need to be evaluated separately.

Note: As envisioned by Seth and I (not sure if this applies to jkeating's even earlier work), copr was only supposed to be for things that didn't pass the Fedora Packaging Guidelines. Licensing was explicitly supposed to follow the Licensing Guidelines.

We are discussing
What the Fedora Infrastructure resources will be used for
Whether the Fedora trademark will be associated with distributing some kinds of software
* (And perhaps, how much work will be asked of Fedora Legal)

Aren't these all questions for the Board, not FESCo?

Replying to [comment:7 mitr]:

We are discussing
What the Fedora Infrastructure resources will be used for
Whether the Fedora trademark will be associated with distributing some kinds of software
* (And perhaps, how much work will be asked of Fedora Legal)

Aren't these all questions for the Board, not FESCo?

I don't understand. Coprs has been in development for a long time. It was demoed at FUDCon Lawrence. Now it's deployed in production and is available for use. None of this is unexpected, so asking the Board at this point seems really backwards.

So the infrastructure question seems to already be answered. It's deployed. I would expect Fedora Infrastructure to be asked this first anyway.

The trademark question needs clarification if it's to go to the Board. How do you foresee the Fedora trademark being used here? Just on the Coprs website? Somehow magically in packages? Please explain.

The Board doesn't control Legal. Just ask Legal (either spot directly or on the legal@ list). Comment #1 seems to already be doing this.

COPR is deployed in Fedora Infrastructure, but Mirek's taking care of COPR in the infrastructure.

I believe we should allow as many licenses as possible if we want to attract users to start playing with COPR and/or Fedora.

I'm not sure if COPR needs more than "running on Fedora". It can be used by various rpm downstreams, so why should it use Fedora trademark?

Let me be more specific.
Replying to [comment:8 jwboyer]:

Replying to [comment:7 mitr]:

We are discussing
What the Fedora Infrastructure resources will be used for
Whether the Fedora trademark will be associated with distributing some kinds of software
* (And perhaps, how much work will be asked of Fedora Legal)

Aren't these all questions for the Board, not FESCo?

So the infrastructure question seems to already be answered. It's deployed. I would expect Fedora Infrastructure to be asked this first anyway.

"Should the Fedora infrastructure be used to build and distribute proprietary/non-redistributable/differently-licensed software?"

The trademark question needs clarification if it's to go to the Board. How do you foresee the Fedora trademark being used here? Just on the Coprs website? Somehow magically in packages? Please explain.
"Should the fedoraproject.org domain be used to distribute proprietary/non-redistributable/differently-licensed software, and therefore associate the Fedora trademark with distributing such software?"

AFAICT these are not "engineering" questions and out of FESCo's scope.

Replying to [comment:10 mitr]:
...

"Should the Fedora infrastructure be used to build and distribute proprietary/non-redistributable/differently-licensed software?"

(with my fedora Infrastructure hat on):

The first two of those are a big NO from me. It's just a no go for us to distribute things we can't distribute. That makes no sense.

The differently licensed ones is the question of this ticket I think. The problem is that we would be signing up Tom (fedora-legal) for a bunch more work to evaluate, manage and track them.

My vote for that case is that at least at the current time, we only allow licenses that are acceptable to Fedora. If there's a press of people wanting to use it for things that doesn't cover, we could try and revisit.

  • AGREED: COPR projects must use approved Fedora licenses for now (+6, 0, -1) (sgallagh, 19:46:38)

Reopening.

The decision seems sound, but it should be documented somewhere clearly on the Coprs site and in supporting documentation. Please leave this open until that task is done.

It is stated here:
https://fedorahosted.org/copr/wiki/UserDocs#WhatIcanbuildinCopr

I will add link to this entry to "Submit new build" page in Copr.

Done in upstream commit ab7a0da.

It will appear on Copr web on next rebase (probably sometime next week).

Login to comment on this ticket.

Metadata