|author||Michał Górny <firstname.lastname@example.org>||2020-02-11 11:05:58 +0100|
|committer||Michał Górny <email@example.com>||2020-02-21 12:07:33 +0100|
|parent||Use pypi for installing the tyrian-sphinx-theme (diff)|
Closes: https://bugs.gentoo.org/709020 Closes: https://github.com/gentoo/policy-guide/pull/12 Signed-off-by: Michał Górny <firstname.lastname@example.org>
1 files changed, 49 insertions, 0 deletions
diff --git a/other-metadata.rst b/other-metadata.rst
index f05014b..14651cf 100644
@@ -94,4 +94,53 @@ this circumstance, and they will not fail for users.
common, and there is little harm in overspecifying it.
+.. index:: license
+The ``LICENSE`` variable must explicitly list licenses for all files
+installed by the package. If some of the applicable licenses are
+conditional to USE flags, appropriate USE conditionals need to
+be expressed in the variable.
+If a package bundles any dependencies that are either installed,
+statically linked or in any other way combined with installed files,
+the licenses of these dependencies need to be listed as well. This
+is not presently required when statically linking to dependencies
+installed by separate packages in the repository.
+The licenses for files that are not installed but that are used at build
+time are not listed explicitly.
+*Rationale*: the primary purpose of the license support in the package
+manager is to provide the users with ability to decide on acceptable
+licenses for their installed systems (and binary packages). In order
+for this to work effectively, the packages must provide a correct
+and complete license list.
+Static linking combines code from multiple packages, potentially covered
+by different licenses. Listing all licenses is the simplest way
+of ensuring that nothing is missed, as well as protecting against wrong
+derivative work licenses stated upstream (i.e. when a less restrictively
+licensed package links to a more restrictively licensed dependency).
+Listing of licenses is enforced for bundled dependencies but not for
+static linking to other packages, as in the latter case it is
+non-trivial to implement and the package manager already verifies
+the license while building dependencies (but not when installing binary
+The ebuild format does not provide a separate variable to list licenses
+needed only at build time. So far it has not been considered important
+enough to have one, as the relevant files exist only temporarily
+on the user's system and do not affect the runtime use of packages.
+ Please remember to include the licenses of support files provided
+ by the ebuild, e.g. init.d scripts (usually GPL-2).
.. _metadata invariance: https://projects.gentoo.org/pms/7/pms.html#x1-600007.1