[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Declaring license for autogenerated file (W3C)

On Fri, 18 Jun 2021 12:53:37 +0200
"Diego M. Rodriguez" <diego@moreda.io> wrote:

> [...]
> Actually, while the upstream tarball (from PyPI) does not include the
> unicode.xml file, upon closer inspection upstream does include it in
> their GitHub releases. If using the release for packaging is technically
> viable (looks like it will be), would it be preferable from the legal side?
> 
> > Suggestion --> [...]  

In that case, you can just use the correct path for unicode.xml, drop the
comment from the second paragraph, and simplify the paragraph in the first.

Both still appear to have a unique copyright/license from each other, as well as
the rest of the project, so they should still both be represented separately.

> :: would it be preferable from the legal side?

I'm a bit confused by this. It's always preferable to follow upstream releases
when generating packages. Building packages from projects that don't create
releases (see golang...) is a bit of a headache and helps result in some truly
horrific version numbers. [1] If the upstream project provides releases, then
definitely use them.

What matters from a legal perspective is that you follow what is spelled out in
the license. (That's also the primary concern behind packages passing through
the NEW queue.)


[1] 1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1+deb8u1
-- 
Michael Lustfield
Reply to: