Mailinglist Archive: opensuse-packaging (68 mails)

< Previous Next >
Re: [opensuse-packaging] How to proceed when upstream bundles prohibited sofware
  • From: Ludwig Nussel <ludwig.nussel@xxxxxxx>
  • Date: Wed, 12 Jun 2013 13:13:13 +0200
  • Message-id: <51B857C9.5060808@suse.de>
toganm@xxxxxxxxxxxx wrote:
As the subject says how do we proceed when there is problematic bundled
library code in the upstream. darktable package has bundled squish
library in the sources, and after discussing with the legal team it is
best we follow the same route as fedora.

https://bugzilla.redhat.com/show_bug.cgi?id=972604

In fedora guidelines the solution outlined can be found in the
following link:

https://fedoraproject.org/wiki/Packaging:SourceURL#When_Upstream_uses_Prohibited_Code

Since there is no suggestion in our guidelines, how do I proceed in this
case, as implementing the removal of offending code is not the issue but
AFAIK our buildservice has some checks for the source code from the Source URL

It might be sufficient to put an rm -r in the spec file and clearly
document there that with this you are removing the offending code so
there is absolutely no way for it to end up in the binary package. As
additional safeguard you could also add some additional grepping on the
binaries after make install and fail the build if the offending code
somehow sneaked in nevertheless. With those measurements it might be
acceptable for legal while still adhering to the pristine source
principle.

cu
Ludwig

--
(o_ Ludwig Nussel
//\
V_/_ http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB
16746 (AG Nürnberg)
--
To unsubscribe, e-mail: opensuse-packaging+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-packaging+owner@xxxxxxxxxxxx

< Previous Next >
Follow Ups
References