[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: License auditing
From: |
Leo Famulari |
Subject: |
Re: License auditing |
Date: |
Wed, 3 Aug 2016 14:03:42 -0400 |
User-agent: |
Mutt/1.6.0 (2016-04-01) |
On Wed, Aug 03, 2016 at 06:28:38PM +0200, David Craven wrote:
> Hi!
>
> How can I tell the difference between a lgpl2.1 and lgpl2.1+ license?
The license headers in the source files will say if they are licensed
under version 2.1 or later. Something like this:
"...either version 2.1 of the License, or (at your option) any later
version."
I've heard that if the only license information is a copy of the full
license (for example, in LICENSE or COPYING) and the files have no
license headers, then the "or later" part is implied, but I'm not sure.
> Is this a job that an automated tool could do? Detecting licenses
> included in a tarball?
A tool might be able to suggest something, but I think that it will
always require human inspection. And we only have to do this inspection
once per package version, on behalf of everybody else that uses the
distribution.