search

ros / meta-ros

OpenEmbedded Layers for ROS 1 and ROS 2
MIT License
382 stars 251 forks source link

Fix QA Issue for license warnings for meta-ros2-foxy #1078

Closed aurelien-enchanted-tools closed 8 months ago

aurelien-enchanted-tools commented 10 months ago

Hello World, Could you Fix QA Issue for license warnings for meta-ros2-foxy and other as for meta-ros-common, humble, rolling, etc. ? Thank you.

robwoolley commented 10 months ago

Hi @aurelien-enchanted-tools,

Thanks for reporting the issue. Can you provide details on which Yocto release you are using and which recipes are reporting the warnings?

Regards, Rob

aurelien-enchanted-tools commented 9 months ago

mickledore

[license-file-missing] QA Issue: The license listed BSD was not in the licenses collected for

and certainly other meta-ros recipes

bartoszptak commented 9 months ago

Hi @robwoolley, the same issue here.

We use ros2-humble with yocto nanbield. The issue occurs in cv-bridge, tf2-msgs and image-transport packages.

robwoolley commented 9 months ago

Quick Summary

Since the warnings are valid I don't consider them a "bug" in meta-ros. If you wish to hide them you must add the following in your local.conf

WARN_QA:remove = "license-exists"

Details

The QA warnings are tricky because we are using the license information that comes directly from the ROS developers to generate the bitbake recipes. As a temporary measure, I had been creating bbappend files to set LICENSE to a valid SPDX identifier. However, there are nearly 500 packages in ROS that have a non-SPDX identifier of "BSD" as their license. Maintaining 500 bbappend files across "X" Yocto Releases and "Y" ROS distros doesn't scale.

The Yocto Project and OpenEmbedded have adopted SPDX identifiers but ROS had not, so it was necessary to find a compromise. Recently the ROS TSC has started encouraging developers to update the license metadata and added spdx as value for the new "type" attribute. Using this in ROS package.xml files is encouraged but not enforced: https://discourse.ros.org/t/changes-in-the-package-xml-about-licensing/32118

I believe that the proper solution is to politely submit a license change to the package.xml files to the ROS package maintainers. (eg. For https://github.com/ros/xacro/blob/noetic-devel/package.xml)

--- package.xml.orig    2023-12-19 07:16:09.453467048 -0800
+++ package.xml 2023-12-19 07:16:22.945442102 -0800
@@ -9,7 +9,7 @@
   <maintainer email="rhaschke@techfak.uni-bielefeld.de">Robert Haschke</maintainer>
   <maintainer email="morgan@osrfoundation.org">Morgan Quigley</maintainer>

-  <license>BSD</license>
+  <license type="spdx">BSD-3-Clause</license>

   <url type="website">http://ros.org/wiki/xacro</url>
   <url type="repository">https://github.com/ros/xacro</url>

However, we should coordinate our efforts with the maintainers of https://github.com/boschresearch/ros_license_toolkit so that we can validate that what we are submitting is correct and passes the tool.

Check out the ROS OpenEmbedded Working Group minutes for details.