|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As we currently have 757 repositories, we can't review all
the code of all repositories. And unlike GNU/Linux
distributions, we don't have package definitions with
licenses.
And switching to a package manager would not only require
extensive work, but we would also need to be really sure
that that work would also need to be maintained over time.
Because of all theses constraints, and to have at least
some weak assurances that we don't bring in nonfree code
from the Android open source project, I wrote this script
to try to semi-automatically list the repositories licenses.
While it doesn't look yet into the repositories themselves,
we at least found one repository (external/dng) with a
potentially problematic license that we need to review
in more detail. For instance it has a clause that prevents
the modification of the documentation, but there is no
documentation.
There is also still 425 repositories with an unknown license
fo far:
$ ./manifest/scripts/check-licenses.py manifest/default.xml
| external/dng_sdk/LICENSE | [...]
Remaining: 331 done: 426 total: 757
Also note that this script doesn't expend the includes and
so it won't automatically check the repositories in
replicant/repositories.xml when used with default.xml.
However the repositories added or forked by Replicant are
less a concern as developers forking repositories will
probably have more probability of finding licensing issues
in a given repository than if it was handled by this script.
Signed-off-by: Denis 'GNUtoo' Carikli <GNUtoo@cyberdimension.org>
|