coapp-developers team mailing list archive

[Philip Allison <mangobrain@xxxxxxxxxxxxxx>]

On 8 May 2010 06:37, William A. Rowe Jr. <wmrowe@xxxxxxxxx> wrote:
> I look towards CoApp as a place offering builds of open source packages
> from open source, and mitigating the headaches for users.  Which does
> point to one important point; when users leverage GPL code they will
> end up with a GPL application.
>
> What can CoApp do to help users distinguish when they have created some
> copyleft source dependency (not a big deal, if they rely on CoApp to then
> deploy it) or a viral copyleft dependency that impacts the code that they
> create, relying upon it?

I assume by "users" you mean "developers" - people who are just
installing the stuff shouldn't have to care to the same extent, at
least in the sense that if something isn't free (as in beer), it
probably isn't going to be packaged for all to download via CoApp free
of charge.

It's common practice in Linux and BSD package managers to list a
program/library's licence as part of its metadata.  It should
therefore be easy enough to at least list the licenses of something's
dependencies, but I wouldn't like to try and automate the job of
differentiating between *types* of dependency (i.e. "program A
dynamically links to library B" vs. "program C talks to daemon D via a
named pipe"), or figure out what the available licence choices are for
a given package based on the licences in its dependency tree.

In other words, I would imagine that the information will be there for
humans to determine this, but the computer probably won't do it for
you.

Regards,
Phil