https://bugzilla.redhat.com/show_bug.cgi?id=2418762
--- Comment #9 from Stuart D Gathman <[email protected]> --- Spec URL: https://gathman.org/linux/SPECS/smallstep.spec SRPM URL: https://gathman.org/linux/SRPMS/smallstep-0.29.0-3.fc44.src.rpm The vendored module askalono couldn't recognize was github.com/google/go-tpm-tools/LICENSE The LICENSE files concatenates submodule LICENSES, and the vendored archive does not include the simulator/ms-tpm-20-ref submodule - the submodule with the incompatible license. I edited License: in the spec to remove the LicenseRef-scancode-proprietary-license (after confirming the only the ms-tpm-20-ref license was flagged as that by askalono). I added a comment to explain why I changed the output of go_vendor_license. I'm not sure if that is the correct way to handle this situation. For one thing, I have to do it for every upgrade - but then licenses have to be re-examined anyway. -- You are receiving this mail because: You are always notified about changes to this product and component You are on the CC list for the bug. https://bugzilla.redhat.com/show_bug.cgi?id=2418762 Report this comment as SPAM: https://bugzilla.redhat.com/enter_bug.cgi?product=Bugzilla&format=report-spam&short_desc=Report%20of%20Bug%202418762%23c9 -- _______________________________________________ package-review mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://forge.fedoraproject.org/infra/tickets/issues/new
