{"id":21431595,"url":"https://github.com/suve/vrms-rpm","last_synced_at":"2025-07-14T12:32:13.579Z","repository":{"id":18711362,"uuid":"85129907","full_name":"suve/vrms-rpm","owner":"suve","description":"Report non-free software installed on an RPM-based GNU/Linux system.","archived":false,"fork":false,"pushed_at":"2024-05-12T19:00:47.000Z","size":704,"stargazers_count":22,"open_issues_count":5,"forks_count":27,"subscribers_count":3,"default_branch":"trunk","last_synced_at":"2024-05-12T20:20:05.341Z","etag":null,"topics":["freesoftware","linux","rpm","rpm-packages"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/suve.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"suve","liberapay":"suve"}},"created_at":"2017-03-15T23:09:00.000Z","updated_at":"2024-05-12T20:20:08.093Z","dependencies_parsed_at":"2024-01-11T20:33:20.269Z","dependency_job_id":null,"html_url":"https://github.com/suve/vrms-rpm","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suve%2Fvrms-rpm","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suve%2Fvrms-rpm/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suve%2Fvrms-rpm/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/suve%2Fvrms-rpm/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/suve","download_url":"https://codeload.github.com/suve/vrms-rpm/tar.gz/refs/heads/trunk","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":225976215,"owners_count":17554197,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["freesoftware","linux","rpm","rpm-packages"],"created_at":"2024-11-22T23:09:09.034Z","updated_at":"2024-11-22T23:09:09.633Z","avatar_url":"https://github.com/suve.png","language":"C","funding_links":["https://github.com/sponsors/suve","https://liberapay.com/suve","https://github.com/sponsors/suve/"],"categories":[],"sub_categories":[],"readme":"**vrms-rpm**\n----------\nA clone of *vrms* (\"*virtual Richard M. Stallman*\") for\nRPM-based GNU/Linux distributions.\n\nThis program analyses the list of currently installed RPM packages and reports\nfound non-free packages to stdout. \n\n\n**Why a clone instead of a fork?**\n----------\nBecause my only experience with Perl (which the original *vrms* is written in)\nhas been one semester of Operating Systems class, and that was a long time ago.\n\nAlso, seeing how much the resulting program differs from the original, it's\nquite possible that making a fork instead of starting fresh would only\ncomplicate matters. After all, removing code is hard.\n\n\n**How does it work?**\n----------\n*vrms-rpm* works by processing the list of installed packages (as reported by *rpm*)\nand analysing their licence strings. The program breaks down compound expressions\nusing AND / OR operators and parentheses, and then checks individual licences against\na list of acceptable licences.\n\nTo make a simple example, the licence string `(AGPL-3.0-or-later OR SSPL) AND CC-BY-3.0`\nwill be broken down in the following way:\n```\nAGPL-3.0-or-later      SSPL      CC-BY-3.0\n     [Free]         [Non-free]     [Free]\n        |               |            |\n        \\----- OR ------/            |\n             [Free]                  |\n                |                    |\n                \\-------- AND -------/\n                         [Free]\n```\n\n\n**Installing from a repository**\n----------\n[![Packaging status](https://repology.org/badge/vertical-allrepos/vrms-rpm.svg?exclude_unsupported=true\u0026minversion=2.3)](https://repology.org/project/vrms-rpm/)    \nFedora users can install *vrms-rpm* from the official distro repository.\nRHEL/CentOS users can get the package from the Fedora EPEL repositories.\n```\n$ dnf install vrms-rpm\n```\n\n\n**Building it on your own: dependencies**\n----------\n- `bash`, as there are some shell scripts used during the build process\n\n- `sed` - used in the aforementioned shell scripts\n\n- `make`, for simplifying the build \u0026 install process\n\n- `gcc`, although clang should work too\n\n- `gettext` (`libintl`), for handling multiple languages\n\n- `librpm` (**optional**), for accessing RPM's functions for comparing package versions\n\n- `cmocka` (**optional**), for running the test suite\n\n\n**Picking the licence list**\n----------\nAs mentioned earlier, *vrms-rpm* works by checking package licences against a list of known good licences.\nSince distributions can have differing opinions on what constitutes as free software,\nand what the licence tags should be written as (e.g. \"GPLv2\" vs \"GPL-2.0\"),\n*vrms-rpm* comes packaged with several different licence lists.\n\nThese are:\n\n- `fedora` - a list created in accordance to the [Fedora Allowed License list](https://docs.fedoraproject.org/en-US/legal/allowed-licenses/).\n\n- `spdx-fsf-and-osi` - a list created in accordance to the [SPDX licence list](https://spdx.org/licenses/). Includes only licences marked as both \"FSF free/libre\" and \"OSI approved\".\n\n- `spdx-fsf-or-osi` - a list created in accordance to the [SPDX licence list](https://spdx.org/licenses/). Includes licences marked as either \"FSF free/libre\" or \"OSI approved\".\n\n- `spdx-only-fsf` - a list created in accordance to the [SPDX licence list](https://spdx.org/licenses/). Includes only licences marked as \"FSF free/libre\".\n\n- `spdx-only-osi` - a list created in accordance to the [SPDX licence list](https://spdx.org/licenses/). Includes only licences marked as \"OSI approved\".\n\n- `suse` - a list created in accordance to [openSUSE packaging guidelines](https://en.opensuse.org/openSUSE:Packaging_guidelines#Licensing).\n\n- `tweaked` - a list that combines all of the above and also includes many non-standard licence tags spotted in the wild.\nThis list has the smallest chance of generating false-positives (free packages being marked as non-free)\n\nWhen building the program, one of those lists has to be selected as default.\nThis can be done by providing the `DEFAULT_LICENCE_LIST` variable to *make*.\n\n\n**Picking the grammar rules**\n----------\nLicensing can be a complicated subject, with many pieces of software utilising various\nmultiple-licensing schemes. These can be written down in various ways - using combining words\nsuch as \"and\" / \"or\", but also listing individual licences separated by commas or semicolons.\nThis results in a myriad of possible ways to describe the licensing situation.\n\nIn recent years, the SPDX standard - offering a formalized way of building\nlicence expressions - has gained a lot of traction, with more and more distributions\nadopting SPDX as the preferred way of specifying package licences.\n\nTo reflect this, *vrms-rpm* comes with multiple licence-string parsers.\nCurrently, the supported options are:\n\n- `spdx-strict` - a parser implementing the [SPDX license expressions](https://spdx.github.io/spdx-spec/v2.3/SPDX-license-expressions/)\n  specification.\n\n- `spdx-lenient` - a variant of the SPDX parser, which relaxes some rules regarding case-sensitivity\n  and whitespace.\n\n- `loose` - an ad-hoc, informal parser that tries its best to make sense of licence strings\n  that do not follow any formal grammar. This is the original parser used in *vrms-rpm* v2.2 and older.\n\nWhen building the program, one of the parsers has to be selected as default.\nThis can be done by providing the `DEFAULT_GRAMMAR` variable to *make*.\n\n\n**Building**\n----------\nTo build, use `make` with the `build` target. The `PREFIX` variable can be\nused for controlling program data paths (e.g. where to look for the good licence list).\nThe default is `/usr/local`.\n\nBy default, *vrms-rpm* links against `librpm` and `librpmio`, to make use of RPM's version comparison functions.\nTo disable this feature, you can set the `WITH_LIBRPM` variable to `0`. In this case, *vrms-rpm* will use a fallback,\nsimplified algorithm when comparing package versions.\n```\n$ make build [PREFIX=/usr/local] [DEFAULT_GRAMMAR=loose] [DEFAULT_LICENCE_LIST=tweaked] [WITH_LIBRPM=1]\n```\n\n\n**Testing**\n----------\nTo test the program, use `make` with the `test` target. This will build the test suite and immediately execute it.\nIf you want to just build the test suite, use the `build/test-suite` target.\n```\n# Shorthand for: make build/test-suite \u0026\u0026 ./build/test-suite\n$ make test\n```\nThe test suite uses [*cmocka*](https://cmocka.org/), so make sure you have it installed.\nIf you build against `librpm`, you may notice that some tests are skipped;\nthese check *vrms-rpms's* fallback behaviour, so it makes no sense to run them when that's disabled.\n\n\n**Installing**\n----------\nTo install, perform your usual `make install`.\nYou can use the `DESTDIR` variable if you need to install the files\nsomewhere else than `PREFIX` dictates (e.g. for packaging).\n```\n$ [sudo] make install [PREFIX=/usr/local] [DESTDIR=]\n```\nRemember that to install stuff inside `/usr` you will need root capabilities.\n\n\n**Getting rid of it**\n----------\nShould you decide to remove the program, the Makefile has got you covered.\n```\n$ [sudo] make remove [PREFIX=/usr/local] [DESTDIR=]\n```\nOnce again, remember that messing inside `/usr` requires extra privileges.\n\n\n**Licensing**\n----------\nThis program is made available under the terms of the GNU\nGeneral Public License, version 3, as published by the\nFree Software Foundation.\n\nThis program uses photos courtesy of other people;\nsee `IMAGE-CREDITS.txt` for details.\n\n\n**Contributing**\n----------\nWhether you'd like to report an issue with the program or submit a patch,\nyou can do so on [GitHub](https://github.com/suve/vrms-rpm/) or via e-mail.\n\nWhen sending patches, please keep in mind the following:\n\n 1. When modifying program options, remember to update the `--help`\n    section and the man page(s).\n \n 2. Use British spelling, when appropriate.\n \n 3. By contributing, you agree for your work to be included under\n    the terms of the program licence.\n\n\n**Donating**\n----------\nIf you'd like to support the development of this program financially,\nyou can use the following methods:\n\n- [GitHub Sponsors](https://github.com/sponsors/suve/)\n\n- [Liberapay](https://liberapay.com/suve)\n\nMuch appreciated!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuve%2Fvrms-rpm","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsuve%2Fvrms-rpm","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsuve%2Fvrms-rpm/lists"}