On 23.06.23 01:04, Petter Reinholdtsen wrote:
[Thorsten Alteholz]in case you don't know their origin, I am afraid they are also not suitable for non-free as well.Why not? The files are simply part of the source provided by OpenAI over at <URL: https://github.com/openai/whisper/ >, created and licensed by OpenAI with a MIT license. I would expect the fact that I do not know how Whisper or OpenAI work internally should not really matter when the license permits distribution. I do not really _know_ how any people involved created the source in any of the packages I maintain, except the code I created myself, but take the code license at face value unless I have reason to doubt it. Why should this be any different?
I don't think it is that easy. From my experience most upstreams just care about the license of their own code (if at all). For example when they copy others source code they don't check whether licenses are compatible. When it comes to data files, the situation is worse and upstreams are astonished that there are even licenses for data files that need to be considered.
So, as you wrote that you don't know (and may not work out) where these data files are derived from, I keep on the safe side and assume that distribution of them is not allowed.
Not sure how to reach them, the git repo on github do not accept issues nor patches.
Normally only one email is required to clarify this, but if upstream is not reachable at all, I wonder whether the package should be part of Debian. When it comes to security issues one wants to have a responsive upstream ...
Thorsten