| Summary: | Discover shows inaccurate warning about proprietary software for open-source Snap applications | ||
|---|---|---|---|
| Product: | [Applications] Discover | Reporter: | kskot <288pat0tem> |
| Component: | Snap Backend | Assignee: | Aleix Pol <aleixpol> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | aleixpol, bugseforuns, kde, ManuelBoe, nate |
| Priority: | VHI | Keywords: | regression |
| Version: | 5.24.90 | ||
| Target Milestone: | --- | ||
| Platform: | Neon | ||
| OS: | Linux | ||
| Latest Commit: | https://invent.kde.org/plasma/discover/commit/8c6160822d83e0825fc49fcc4ac5af160d2fe9ec | Version Fixed In: | 5.25.5 |
| Sentry Crash Report: | |||
| Attachments: | warning text shown for kdenlive | ||
|
Description
kskot
2022-05-27 11:09:46 UTC
All snap apps, or just a specific one? Can you attach a screenshot of one? Created attachment 149262 [details]
warning text shown for kdenlive
The warning showed up for every snap application I checked on Discover. See the attachment for an example.
That is strange. It even shows "GPL-2.0+" but colors it orange. This is probably a code error in the Snap backend, where it mis-identifies that license as proprietary. The issue seems to occur when the licence does not match the pattern expected by Discover. For example, if applications use only GPL as the licence description instead of gpl-2.0. The following licence descriptions are frequently used and wrongly marked as non-free: GPL GPL3 BSD (In reply to Nate Graham from comment #3) > That is strange. It even shows "GPL-2.0+" but colors it orange. This is > probably a code error in the Snap backend, where it mis-identifies that > license as proprietary. There are also applications from the Manjaro repositories that are wrongly marked as nonfree. For example: Latte - GPL Onboard - GPL Leafpad - GPL Accerciser - BSD QVKbd - GPL3 Deepin Terminal - GPL3 The code checks against a whitelist of open source licenses. Anything not a valid SPDX identifier (i.e "GPL") will fail the check. A possibly relevant merge request was started @ https://invent.kde.org/plasma/discover/-/merge_requests/332 Git commit 2787a5292608115140e618bf904dd1eadfa70a52 by Aleix Pol Gonzalez, on behalf of Aleix Pol. Committed on 25/07/2022 at 23:19. Pushed by apol into branch 'master'. pk: Try harder to convert non-appstream packages licences It will try to use as_license_to_spdx_id which does its best guess, hopefully it will be enough on most cases, will submit some others that I've seen upstream to catch some other cases. M +1 -1 discover/qml/ApplicationPage.qml M +23 -18 libdiscover/appstream/AppStreamUtils.cpp M +2 -0 libdiscover/appstream/AppStreamUtils.h M +36 -1 libdiscover/backends/PackageKitBackend/PackageKitResource.cpp https://invent.kde.org/plasma/discover/commit/2787a5292608115140e618bf904dd1eadfa70a52 Git commit 8c6160822d83e0825fc49fcc4ac5af160d2fe9ec by Aleix Pol Gonzalez, on behalf of Aleix Pol. Committed on 25/07/2022 at 23:27. Pushed by apol into branch 'Plasma/5.25'. pk: Try harder to convert non-appstream packages licences It will try to use as_license_to_spdx_id which does its best guess, hopefully it will be enough on most cases, will submit some others that I've seen upstream to catch some other cases. (cherry picked from commit 2787a5292608115140e618bf904dd1eadfa70a52) M +1 -1 discover/qml/ApplicationPage.qml M +23 -18 libdiscover/appstream/AppStreamUtils.cpp M +2 -0 libdiscover/appstream/AppStreamUtils.h M +36 -1 libdiscover/backends/PackageKitBackend/PackageKitResource.cpp https://invent.kde.org/plasma/discover/commit/8c6160822d83e0825fc49fcc4ac5af160d2fe9ec This bug persists on Arch Linux after update to Plasma 5.25.4. Can reproduce with snap versions of SupertuxKart game and Clementine music player, for example. Git commit 834c7566bda5ee7cd79592186c463b8838b67a1a by Aleix Pol i Gonzalez. Committed on 23/08/2022 at 10:59. Pushed by apol into branch 'master'. snap: Properly communicate a snap's licence Treat it as an SPDX expression and parse it using AppStream. http://people.ubuntu.com/~robert-ancell/snapd-glib/reference/SnapdSnap.html#snapd-snap-get-license M +6 -1 libdiscover/appstream/AppStreamUtils.cpp M +2 -0 libdiscover/appstream/AppStreamUtils.h M +2 -1 libdiscover/backends/SnapBackend/SnapResource.cpp https://invent.kde.org/plasma/discover/commit/834c7566bda5ee7cd79592186c463b8838b67a1a Git commit 32778200077cafd360f46d0f1ea21a1cdfefef5b by Aleix Pol Gonzalez, on behalf of Aleix Pol i Gonzalez. Committed on 23/08/2022 at 11:00. Pushed by apol into branch 'Plasma/5.25'. snap: Properly communicate a snap's licence Treat it as an SPDX expression and parse it using AppStream. http://people.ubuntu.com/~robert-ancell/snapd-glib/reference/SnapdSnap.html#snapd-snap-get-license (cherry picked from commit 834c7566bda5ee7cd79592186c463b8838b67a1a) M +6 -1 libdiscover/appstream/AppStreamUtils.cpp M +2 -0 libdiscover/appstream/AppStreamUtils.h M +2 -1 libdiscover/backends/SnapBackend/SnapResource.cpp https://invent.kde.org/plasma/discover/commit/32778200077cafd360f46d0f1ea21a1cdfefef5b |