please clarify license

[jonassmedegaard]

This project includes file COPYING which contains GPLv2.

No other files refer to that COPYING file, however, so that file is effectively meaningless.

Please add licensing statement for the files not already including such in its header. Either in README or - preferred - in the header of each file.

NB! Beware of the likely need for including in such licensing an excemtion for OpenSSL, as that is incompatible with plain GPLv2. I suspect that you will also need to seek permission for adding such excemption from the copyright holders of others - e.g. for ladspa.h file.

[swh]

I'm not sure this code is still widely used enough to justify the effort. I uploaded it to github just for the sake of posterity. If there's a specific reason to fix the licensing then I'm happy to, but not just for the sake of tidiness.

[jonassmedegaard]

Quoting Steve Harris (2016-02-17 16:43:02)

I'm not sure this code is still widely used enough to justify the
effort. I uploaded it to github just for the sake of posterity. If
there's a specific reason to fix the licensing then I'm happy to, but
not just for the sake of tidiness.

This is not just nitpicking, but truly needed clarification: It is
currently uncertain what license governs the code.

Not sure what you mean with "just for the sake of posterity": In Debian,
liblrdf is a dependency of Ardour, Composite, Guitarix, Rosegarden,
Sonic Visualizer and terminatorX - all of which will need to be removed
from Debian if it turns out that liblrdf lack proper licensing according
to the Debian Free Software Guidelines.

If your concern is the hassle of issuing a new formal release of the
code, then that is not needed (for Debian, at least): Simply respond
here clarifying which is the license intended for liblrdf, and we can
deal with referencing that statement for our redistribution of the code.

Hope that helps,

• Jonas

• Jonas Smedegaard - idealist & Internet-arkitekt

• Tlf.: +45 40843136 Website: http://dr.jones.dk/

  [x] quote me freely [ ] ask before reusing [ ] keep private

[swh]

OK, thanks, I didn't realise it was still in use by those tools.

My main concern is lack of time, but, for the sake of clarity: all files that do not indicate otherwise were intended to be covered by the COPYING statement, it was just an oversight that they didn't include the licence in the top of the source code.

[swh]

I necessary I could probably round up the contributors to agree to move to GPL v3, but would prefer not to.

[jonassmedegaard]

Quoting Steve Harris (2016-02-17 18:18:37)

OK, thanks, I didn't realise it was still in use by those tools.

My main concern is lack of time, but, for the sake of clarity: all
files that do not indicate otherwise were intended to be covered by
the COPYING statement, it was just an oversight that they didn't
include the licence in the top of the source code.

Thanks. This is adequate - for the current use in Debian, where we have
not moved from the older 0.4.0 to 0.5.0.

To help others who redistristribute 0.5.0 (and to allow Debian to
eventually do so as well), ideal would be if you added to README a
statement based on the GPLv2 template at
https://www.gnu.org/licenses/gpl-faq.en.html#GPLIncompatibleLibs should

• Jonas

• Jonas Smedegaard - idealist & Internet-arkitekt

• Tlf.: +45 40843136 Website: http://dr.jones.dk/

  [x] quote me freely [ ] ask before reusing [ ] keep private

[jonassmedegaard]

Quoting Steve Harris (2016-02-17 18:20:21)

I necessary I could probably round up the contributors to agree to
move to GPL v3, but would prefer not to.

There should be no need to relicense to GPLv3 - but adding an exception
would also require rounding up all contributors, so I can understand why
you would want to avoid that.

Also work, but perhaps easier might be to support linking against
Libgcrypt instead of OpenSSL. Easiest is (obviously) to do nothing and
those (like Debian) considering OpenSSL in violation with GPL just stick
to 0.4.0.

• Jonas

• Jonas Smedegaard - idealist & Internet-arkitekt

• Tlf.: +45 40843136 Website: http://dr.jones.dk/

  [x] quote me freely [ ] ask before reusing [ ] keep private

[jonassmedegaard]

Ohh - I see now that work was done already to eliminate the need for OpenSSL: Please consider simply release current code, as that should be fine with current GPLv2 license :-)

[swh]

There's no real release mechanism, I can add a README stating that except where otherwise noted all the files are under the GPL v2, and bump the version number, I guess, but that's seems a little pointless.

[jonassmedegaard]

Quoting Steve Harris (2016-02-18 12:24:19)

There's no real release mechanism, I can add a README stating that except where otherwise noted all the files are under the GPL v2, and bump the version number, I guess, but that's seems a little pointless.

There is Github release tags.

The (main) point of making a release is not to improve licensing of your
code (although that could be done while at it anyway), but to avoid
resulting license of binary code to still be redistributable - which
is arguably not the case for 0.5.0 which requires linking with OpenSSL.

Regards,

• Jonas

• Jonas Smedegaard - idealist & Internet-arkitekt

• Tlf.: +45 40843136 Website: http://dr.jones.dk/

  [x] quote me freely [ ] ask before reusing [ ] keep private