SDL updates

[tpimh]

This is just a draft for now, I will add more info below.

List of SDL 1.2 packages:

• sdl
  • our version is 1.2.15, latest released tarball 1.2.15, version in git is 1.2.16
  • building from pspdev fork source code
  • license is LGPL-2.1 (incorrectly indicated as GPL2.1)
• sdl_gfx
  • our version is 2.0.26, latest released tarball and version in svn is 2.0.27
  • building from pspdev fork source code
  • license is ZLIB
• sdl_image
  • our version is 1.2.13, latest released tarball is 1.2.12, version in git is 1.2.13
  • building from upstream source code
  • license is ZLIB (indicated as MIT)
• sdl_mixer
  • our version is 1.2.14 (why?), latest released tarball is 1.2.12, version in git is 1.2.13
  • building from upstream source code
  • license is ZLIB (indicated as custom)
  • wget in prepare step
• sdl_net (added by this PR)
  • our version is 1.2.9, latest released tarball is 1.2.8, version in git is 1.2.9
  • building from upstream source code
  • license is ZLIB
• sdl_ttf
  • our version and the latest released tarball is 2.0.11, version in git is 2.0.11.1
  • building from a release from an archived pspdev fork
  • license is ZLIB (indicated as custom)

List of SDL 2.0 packages:

• sdl2
  • our version is 2.30.2, latest release is 2.30.3
  • building from an upstream release tarball with patch
  • license is ZLIB
• sdl2_gfx
  • our version, latest released tarball and version in svn is 1.0.4
  • building from pspdev fork source code
  • license is ZLIB
• sdl2_image
  • our version is 2.6.3, latest release is 2.8.2
  • building from an upstream release tarball with patch
  • license is ZLIB
• sdl2_mixer
  • our version is 2.6.3, latest release is 2.8.0
  • building from an upstream release tarball
  • license is ZLIB (indicated as MIT)
• sdl2_net (added by this PR)
  • our version and latest release is 2.2.0
  • building from an upstream release tarball with patch
  • license is ZLIB
• sdl2_ttf
  • our version is 2.20.2, latest release is 2.22.0
  • building from an upstream release tarball with patch
  • license is ZLIB (indicated as MIT)

[sharkwouter]

With some of the license changes we have to be really careful here. If a library links to anything that has a different license, that can affect the licensing of the package. We should probably bundle the licenses of dependencies in the licenses directory of a package to be honest.

[tpimh]

I believe the licenses of these libraries were not changed, they were just indicated incorrectly. Anyway, Zlib is a very permissive license, and very similar to MIT, so this change shouldn't affect anything, and GPL2.1 doesn't exist, it's just a typo.

[sharkwouter]

I believe the licenses of these libraries were not changed, they were just indicated incorrectly. Anyway, Zlib is a very permissive license, and very similar to MIT, so this change shouldn't affect anything, and GPL2.1 doesn't exist, it's just a typo.

What I meant was that because we can only build static binaries for the PSP, I set the license of the SDL packages to the one of the least permissive dependency, because it communicates to the developer using the library what rules they have to apply to. That might also be why I removed the L from LGPL, because when you statically linking, you are bound by the GPL when using LGPL licensed libraries.

I do think it makes sense to change this to the actual license of the library, but I don't know what other way we could use to communicate what license limitations your program will have to abide by when using a library.

Edit with some extra context: If we would build SDL2_mixer with MP3 support by using libmad, then the license for SDL2_mixer would change to be GPL, because you cannot license something as non-GPL when it has GPL code in it.

[tpimh]

Yes, static linking is one of the pitfalls of GPL. But I believe there's a workaround for it: instead of linking statically, GPL modules can be built as PRXs and loaded dynamically (that requires some patching though). Also it makes sense to introduce flags (like in gentoo) to build packages with different optional dependencies.

[tpimh]

Also, the there's a problem with SDL 1.2 versions: they stopped adding new functions and creating new releases (version is frozen), but the code is still updated with fixes for new compilers and occasional backports from SDL2.

I can see several solutions there:

1. Use the last release version as pkgver, keep increasing pkgrel (problem with sdl_image and sdl_mixer as the version will go down)
2. Use the version indicated in changelog as pkgver, keep increasing pkgrel (problem only with sdl_mixer as the version will go down)
3. Use commit hash as pkgver, and start incrementing epoch every time it changes (version number doesn't make any sense anymore)

[tpimh]

I guess I should just skip checksum verification for all local files.

[sharkwouter]

I would just use the latest available version number for the package of SDL 1.2. That should be fine since they will not release new versions anyway.

[tpimh]

Makes sense, but then version numbers will decrement for two packages (possible problem for updates).

[sharkwouter]

Makes sense, but then version numbers will decrement for two packages (possible problem for updates).

I think that's acceptable to do once.

[sharkwouter]

@tpimh could you still increase the pkgrel of the packages where that hasn't been done yet? Then we can get this merged, since it otherwise looks great. I just did a fix in SDL2 upstream which fixes SDL2main and I'd like to add that after merging this PR. Thanks in advance, I do really appreciate your work on this.

[tpimh]

I was thinking of actually updating every SDL package to the latest version, but I guess just bumping pkgrel is fine.

[sharkwouter]

Thanks! I appreciate the quick response. Updating can still be done in another PR.