Closed kyllingstad closed 6 months ago
While examining one of the build artifacts resulting from this branch (Windows Release with proxyfmu) I found something strange.
By all accounts it seems we are using openssl/1.1.1s
. OpenSSL's website describing licenses states that the the dual OpenSSL and SSLeay license applies for this release. The build artifact contains two license files for openssl (doc/licenses/openssl/LICENSE (GPL 1) and doc/licenses/openssl/LICENSE.txt (Apache 2.0)). These don't match the licenses described on the OpenSSL website. What gives?
It looks like conan.tools.files.copy()
is a bit more eager than I had anticipated. Two of the patterns I have included – licenses/*
and license*
– cause the entire licenses/
subdirectory of the dependency package directory to be copied recursively. And for OpenSSL, that directory contains licenses/external/perl/Text-Template-1.56/LICENSE
which is the GPL. But I'm pretty sure that doesn't apply to us.
I'll change the patterns to something a bit more restrictive.
I've implemented what I hope is a slightly more sophisticated method for importing licences now.
If a dependency has a licenses/
directory, which virtually all Conan-center packages do, then it is copied recursively into deps/doc/licenses/<package_name>
. In the case of OpenSSL that we discussed earlier, this will still include the GPL licence, but it will now be in deps/doc/licenses/openssl/external/perl/Text-Template-1.56/LICENSE
, making it a bit more clear that it does not apply to OpenSSL per se.
For packages that do not conform to the Conan-center layout (just our own, really) the function will copy anything that looks like it contains licence, author, and copyright info. There may be some false positives down the line, but I think that is better than missing some.
This is something from the old
conanfile.txt
that I forgot to include inconanfile.py
when I upgraded to Conan 2.x (#109). Basically, it copies everything that looks like a licence or otherwise copyright-related file to thedoc/licences/<dependency_name>
directories in the installation bundle.