Re: New General resolution proposed

To: Bill Allombert <ballombe@debian.org>, debian-devel@lists.debian.org
Subject: Re: New General resolution proposed
From: Joe Buck <Joe.Buck@synopsys.COM>
Date: Mon, 12 Feb 2007 11:24:07 -0800
Message-id: <[🔎] 20070212192407.GF26176@synopsys.com>
In-reply-to: <[🔎] 20070212191036.GA27001@master.debian.org>
References: <87abzl3mmm.fsf@glaurung.internal.golden-gryphon.com> <[🔎] 20070212180525.GC26176@synopsys.com> <[🔎] 20070212191036.GA27001@master.debian.org>

On Mon, Feb 12, 2007 at 07:10:36PM +0000, Bill Allombert wrote:
> On Mon, Feb 12, 2007 at 10:05:26AM -0800, Joe Buck wrote:
> > On Sat, Feb 10, 2007 at 12:15:13PM -0600, Debian Project Secretary wrote:
> > >         This is a notification of a general resolution proposed on the
> > >  debian-vote mailing list. On the 8th of February, in a message  with
> > >   Message-ID: <20070208170015.GB9499@yellowpig>
> > >  Bill Allombert <ballombe@debian.org> proposed:
> > > -------------------------------------------------------
> > > 
> > > The Debian project resolves that Debian developers allowed to perform
> > > combined source and binary packages uploads should be allowed to perform
> > > binary-only packages uploads for the same set of architectures.
> > 
> > How does the project assure that the GPL is correctly followed when a
> > binary-only upload occurs for a package containing GPL code, given that it
> > is not permissible to serve a binary from a server without the exact
> > corresponding source?  Same goes for LGPL.
> 
> This is handled automatically by the Debian Archive Kit. Uploaded
> packages do not appear in the archive until they are checked for
> matching source code (either in the same upload or already in the 
> archive). In practice most packages upload are binary only: usually a
> sourceful upload include only binary packages for a single architecture.
> All the other architectures are built and uploaded separately

The check, though, only compares the names of the source packages to the
the names of the binary packages, so the system trusts those who upload
only binaries to upload the right binaries (binaries that truly correspond
to the source).  Right now, those who run auto-builders are trusted, but
the GR proposes to trust all developers.  Right?

> The GR only addresses the non-technical issue of whether Debian
> developers should be allowed to perform the upload, not whether the
> packages will be accepted in the archive, as long as the motive for
> rejection is not the identity of the submitters.

Is the idea to get around bottlenecks caused by too few authorized people
for a given arch?

Reply to:

Follow-Ups:
- Re: New General resolution proposed
  - From: Don Armstrong <don@debian.org>
- Re: New General resolution proposed
  - From: Bill Allombert <Bill.Allombert@math.u-bordeaux1.fr>

References:
- Re: New General resolution proposed
  - From: Joe Buck <Joe.Buck@synopsys.COM>
- Re: New General resolution proposed
  - From: Bill Allombert <ballombe@master.debian.org>

Prev by Date: Re: Upgrade Experiences (27 Sarges -> Etch, and counting)
Next by Date: Re: Upgrade Experiences (27 Sarges -> Etch, and counting)
Previous by thread: Re: New General resolution proposed
Next by thread: Re: New General resolution proposed
Index(es):
- Date
- Thread