[horde] openSUSE legal question on Horde_Role -- Bugzilla [Bug 696337] New: Confirm version of LGPL in php5-pear-Horde_Role%1.0.0

Michael M Slusarz slusarz at horde.org
Thu May 26 17:28:31 UTC 2011 

Quoting Ralf Lang <lang at b1-systems.de>:

> Hi folks, the openSUSE Legal team asked me to confirm the license status of
> Horde_Role because one file says LGPL (no version, implying LGPL v3) and the
> other file has a GPL header. PEAR says LGPL. I packaged that into rpm as as
> LGPL.
>
> I expect them to have a lot more questions along that line, especially
> regarding license versions.
>
> I always understood that you mean the license to be like the pear metadata
> states. If a license file is given, that version as packaged is meant to be.
>
> If no license file is given, a license version in the metadata is  
> the intended
> version
>
> If no license version is given but a link, the latest/linked version of that
> license applies.
>
> Can I have a confirmation from you on that package and on horde licensing in
> general? That would facilitate matters a lot.
>
> I committed new versions of the LGPLv2 license files to git recently, because
> their legal team would not like the outdated FSF address. I have no access to
> the horde3 cvs trees of the released apps though.
>
>
> https://bugzilla.novell.com/show_bug.cgi?id=696337
>
> https://bugzilla.novell.com/show_bug.cgi?id=696337#c0
>
>
>            Summary: Confirm version of LGPL in php5-pear-Horde_Role%1.0.0
>     Classification: SUSE Tools
>            Product: SUSE Linux Legal Issues
>            Version: unspecified
>           Platform: Other
>         OS/Version: Other
>             Status: NEW
>           Severity: Normal
>           Priority: P5 - None
>          Component: License Issues
>         AssignedTo: lang at b1-systems.de
>         ReportedBy: cfarrell at novell.com
>          QAContact: jw at novell.com
>              Group: Legal Security Team
>           Found By: ---
>            Blocker: ---
>
>
> The spec file simply states License: LGPL. The package has e.g. the following
> notice in Horde.php and in Role.php:
> /**
>  * PEAR_Installer_Role_Horde
>  *
>  * Copyright 2010-2011 The Horde Project (http://www.horde.org/)
>  *
>  * See the enclosed file COPYING for license information (LGPL). If you
>  * did not receive this file, see http://www.fsf.org/copyleft/lgpl.html.
>  *
>  * @author    Michael Slusarz <slusarz at horde.org>
>  * @category  Horde
>  * @copyright 2010-2011 The Horde Project (http://www.horde.org/)
>  * @license   http://www.fsf.org/copyleft/gpl.html GPL
>  * @package   Role
>  */
>
> /**
>  * @author    Michael Slusarz <slusarz at horde.org>
>  * @category  Horde
>  * @copyright 2010-2011 The Horde Project (http://www.horde.org/)
>  * @license   http://www.fsf.org/copyleft/gpl.html GPL
>  * @package   Role
>  */
>
> It is not clear to me what version is being referred to. The link points to a
> FSF webpage which would imply LGPL-3.0. The metadata states also  
> that it could
> be GPL (@license http://www.fsf.org/copyleft/gpl.html GPL).

All of this confusion was probably due to copy/paste errors from other  
files.  Like (most) other Horde packages, Horde_Role should be all LGPL.

I personally would like to see a bit of cleanup on our licensing  
quoting standards.  I think it would be most useful if we host the  
relevant licenses on http://horde.org/ and then add the phpdoc links  
to this local link rather than a FSF link.  Gives us more control over  
the license text, and could provide a more thorough listing of the  
licenses we are using in a single location.

michael

___________________________________
Michael Slusarz [slusarz at horde.org]

More information about the horde mailing list