#11083 log4j contains files with unacceptable licenses
Opened 2 years ago by mkoncek. Modified 3 months ago

See https://gitlab.com/fedora/legal/fedora-license-data/-/issues/78.
I opened PRs fixing this issue:

But the files already present in lookaside cache still contain the zip entry.
Looks like the first version which started using glyphicons.zip is:
https://src.fedoraproject.org/lookaside/pkgs/log4j/apache-log4j-2.13.0-src.tar.gz/sha512/

The zip archive is not required for the package to function.


Metadata Update from @phsmoura:
- Issue tagged with: medium-gain, medium-trouble, ops

2 years ago

Thank you for that @mkoncek. Is the request here to ensure that glyphicons.zip is removed from the lookaside cache source tarballs for log4j from when the project started including them up until it stopped? Will that cause any issues with the previously built packages, etc.?

Hi, you are correct, it should be done for all the package versions from 2.13.0 up until 2.17.2, release 5.
As I said, the zip file is not needed for the package to work.

Thank you @mkoncek. @jnsamyak, @patrikp, @amedvede, let's get this on one of the upcoming releng meetings to double check the gain/effort and for someone to pick up and move it forward.


Metadata
Boards 1
Ops Status: Backlog