Re: Peer review of copyright files.
Le Fri, Dec 12, 2008 at 03:21:50PM +0100, Daniel Leidert a écrit :
> Well, licensecheck(1) exists. Maybe many packagers don't know it?
I would rather think that one reason for defective debian/copyright files are
the false negatives of licensecheck ;) `grep -ri copyright .' is more messy but
an indispensable complement, in my opinion, and in the case nothing is found it
is usually safer to try a few other keywords and to inspect some files by hand.
> > PS: and of course, consider using the machine-readable format if you have not
> > tried yet: http://wiki.debian.org/Proposals/CopyrightFormat
> Would be nice to have a licensecheck mode to compare debian/copyright to
> the checked source.
I was considering filing a lintian wishlist :) I have caught once in the past
an upstream update that was adding a non-free MD5 implementation, but an
automatic safeguard wouldn't hurt. Also, I think that my proposal can be useful
as well in the case of a big update where the diff is really large. The
maintainer could file a RFH and use the current procedure, giving a look to
other's packges in exchange for the help with his.
Have a nice day,
Debian Med packaging team,
Tsurumi, Kanagawa, Japan