[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: DEP-5: binary package affected by license $foo


On Wed, Nov 04, 2009 at 11:47:52PM +0100, Frank Lin PIAT wrote:
> As I was updating the copyright file in a package, I wondered if it
> would be useful to add an optional header (named "Binary-Package" or
> whatever), to state which binary package is using that file and license.

> The rational is that sooner or later, we will want to use the
> machine-interpretable copyright file to validate packages freeness,
> license compatibilities and so on.

> Some sample scenario:

> Exemple 1:
> > File: doc/info/*
> > License: GFDL-NON-FREE
> > Binary-Package: none
> The package contains a file covered by a not-so-free license, but
> that file isn't used to build the binary file. And the file isn't
> shipped in the binary files.

I agree that it would be desirable to be able to record the copyright on a
per-binary-package basis.  Ideally, though, wouldn't we extract this
information automatically?  Realistically, any information of this sort
that gets recorded in debian/copyright is going to become outdated because
maintainers are going to forget to update this field when files are
moved between binary packages; and unlike sourceful copyright/license
information, there's no easy way to generate third-party reports about
possible mismatches for binary package copyright info.

Perhaps what would be best here is to apply the same format to binary
packages, but support "Files" fields referring to the contents of the binary
packages rather than the source packages; and then construct tools to
calculate the binary licenses based on, e.g., makefile dependencies?

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: