On Thu, Mar 19, 2009 at 11:02:48PM -0700, Daniel Moerner wrote:
On Thu, Mar 19, 2009 at 10:19 PM, Mike O'Connor <stew@debian.org> wrote:
To me, it seems like since one has to go through all of the source files
anyway, creating a list of copyright holders while you are doing it is a
trivial task. I don't see why making this list takes any time at all
really. Unless you are not actually looking at the code you upload,
which would worry me for other reasons as well.
I agree. The thing that I like about creating packages with the
wiki.d.o specification is that it forces you to actually examine the
copyrights of all the parts of a new package, instead of just use a
lazy link to /usr/share/common-licenses/foo. This is especially
important for packages that have many different hidden scripts or
architecture-independent libraries that might have different licenses.
With the kind of copyright file generated by dh_make, it seems like
new maintainers often ignore the risk of a package with a tainted,
unredistributable license problem.
In shorter words: I think something should be done about the copyright
file to encourage developers to actually perform an audit of the
license status of files in their packages before they upload. The
current copyright template doesn't really encourage this; I like the
machine-parseable system because it makes it easy to organize such an
audit.
Try doing that on iceweasel or xulrunner. Hint: there are about 30000
files and a real lot of copyright holders.
It's already a PITA with webkit, which is about 3000 files and quite a
lot of copyright holders (the copyright file, which I'm pretty sure is
not accurate is 809 lines and growing at each new release).
On top of listing copyright holders, I must say listing the individual
files for each license in the copyright file is also a major PITA.