Review:Chromium-REV-ID-1

From Free Software Directory
Revision as of 09:29, 10 March 2019 by Adfeno (talk | contribs)
Jump to: navigation, search


Thank you for helping to improve the Free Software Directory!

This page has not completed review yet.

This submission will now wait until an administrator reviews it and chooses whether to add it to the directory. If you would like to become an admin, then visit the directory mailing list and introduce yourself.

Admins, either this page has been processed already, or someone made a request to update an existing page. See what's different. (Admins may also edit that page.)

Admins, when you are done incorporating any needed changes from this page into a main entry, please edit this page and change the following text from: |Finished review=No to: |Finished review=yes. This helps keep submissions organized. (Note that doing this isn't what adds the entry to the directory.)

Name Chromium
Short description
Full description
Homepage URL https://www.chromium.org/Home
Is GNU No
GNU package name
User level
Component programs
VCS checkout command
Computer languages
Documentation note
Paid support
Microblog
IRC help
IRC general
IRC development
Related projects
Keywords
Version identifier
Version date
Version status
Version download
Version comment
Finished review no



licensecheck report

This is a continuation of [1].

To generate the report, do:

git clone "https://chromium.googlesource.com/chromium/src.git" "chromium"
cd "chromium"
git checkout "df850bbd0966147f0857369252da8a6fc6c18253"
licensecheck -c '.*' -r * > "../licensecheck_chromium.txt"

This report is based on commit df850bbd0966147f0857369252da8a6fc6c18253 and was generated with licensecheck from devscripts package version 2.14.1ubuntu0.1, available in the official Trisquel repositories, and as the version string implies, provided directly by Trisquel's upstream --- because no Trisquel-specific patches where made).

Also see my message in [2] to question whether these shorter-than-they-should license notices are really applicable.

One must note that the report is too heavy to be put anywhere in an online storage, so I prefer to distribute it through torrent, with DHT (no trackers), the magnet link is [3]. --Adfeno (talk) 11:54, 25 November 2017 (EST)

The following paths are under BSD-3-Clause modified by W3C (the license text is the same, just adding the name of W3C):

third_party/WebKit/Tools/Scripts/webkitpy/thirdparty/wpt/wpt/LICENSE.md
third_party/WebKit/Tools/Scripts/webkitpy/thirdparty/wpt/wpt/tools/wptserve/LICENSE
third_party/WebKit/LayoutTests/external/wpt/resources/LICENSE
third_party/WebKit/LayoutTests/external/wpt/LICENSE.md
third_party/WebKit/LayoutTests/external/wpt/2dcontext/tools/LICENSE.txt

The following paths are under BSD-4-Clause (the original one, which has the advertisement clause):

native_client_sdk/src/libraries/third_party/newlib-extras/netinet/tcp.h

As for the rest, licensecheck claims them to be all free/libre software licenses. However, this evaluation isn't over yet. Here are the things that I think need be done (of course we can remove or add items if there is proof, but as a non-experienced evaluator, this is the list I have right now):

  • See what are the licenses of the paths whose lines end with "UNKNOWN", and what files are the source of the paths whose lines end with "GENERATED FILE".
  • Do license check with a different version of licensecheck (different than the one Adfeno described) or with a different tool. This is important because the first licensecheck output displayed some incorrect results. However, due to the amount of bundling and the quantity of source files, Adfeno only re-checked the paths described in this message.
  • Investigate [4].
    • Morever, test if the build result follows the licenses and provides complete corresponding source of the bundles.
  • Since they choose to bundle stuff, see if the LGPL, MPL, and Ms-PL parts are modified compared to their originals. These checks will probably require downloading a full clone of the repository (this means also removing --depth 1) and a download of the originals. Be very specific to version/release numbers and revisions, remember to get the specific revision of Chromium that is being evaluated, and to try to find information about the exact version/release and commits of the LGPL, MPL and Ms-PL parts. If the modifications are local to Chromium, then it might require the resulting work to be copylefted.
  • See if the GPL parts are indeed important for building or running the software.
  • Investigate if the type of linking (static, dynamic, shared, etc.) that Chromium does (if it does such link) to the parts under GPL, LGPL, MPL, Ms-PL requires a license change.
  • Attempt to download the source files using the method described in Chromium's website, and do the check based on that.--Adfeno (talk) 16:39, 26 January 2018 (EST)
As far as I can see, there's no need to download the source files using the method described in Chromium's website, it does exactly what we just did. --Adfeno (talk) 19:28, 7 March 2018 (EST)

On licensecheck

If you don't use Trisquel, I've put the devscripts sources from the 2.16.2ubuntu package here, and licensecheck itself here, for convenience. --Jadedctrl (talk) 20:47, 15 January 2018 (EST)

FSD Script Aid report

Source repository and specific commit tree can be downloaded using:

git clone "https://chromium.googlesource.com/chromium/src.git" "chromium"
cd "chromium"
git checkout "df850bbd0966147f0857369252da8a6fc6c18253"

Then run the script aid based on the working directory.

From now on, if you finish reviewing some part of the report, please mark the last line/row with the "Continue." phrase in the "Notes" column so that other people can continue the work. Don't forget to remove the previous mark.

This report is still mostly in raw form.

I simply used grep and an awk script to find which files are under the license in the nearest "LICENSE file" (the notices in some files make it easy to use grep to find each file that has these notices) and remove the files which have these notices and which don't have the JS-related flags set to 1. Morever, as far as I know, some files even though they have the JS-related flag set to 1, they aren't actually executed by a browser or read by a web server, this is the case for .c, .cc, .cpp, .gn, .gni, .h, .hpp, .java, .md and .mojom files.

I also removed binary files that are actually multimedia except text (known image, video and audio formats).

The magnet link for the report is [5].



Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.

The copyright and license notices on this page only apply to the text on this page. Any software or copyright-licenses or other similar notices described in this text has its own copyright notice and license, which can usually be found in the distribution or license text itself.