copyright file and non-secure URL's
The Debian Policy Manual on
https://www.debian.org/doc/debian-policy/ch-docs.html#s-copyrightfile
says:
12.5 Copyright information
[...]
In addition, the copyright file must say where the upstream sources
(if any) were obtained, and should name the original authors.
But I wonder whether it is a good idea to promote only non-secure URL's
to the source (at least if there are no associated signtures), as some
packages do. One may also wonder whether the package maintainer has
used such a URL to download upstream's source. For instance, for libc6,
/usr/share/doc/libc6/copyright contains:
--------
It was put together by the GNU Libc Maintainers <debian-glibc@lists.debian.org>
from <svn://svn.eglibc.org>
--------
--
Vincent Lefèvre <vincent@vinc17.net> - Web: <https://www.vinc17.net/>
100% accessible validated (X)HTML - Blog: <https://www.vinc17.net/blog/>
Work: CR INRIA - computer arithmetic / AriC project (LIP, ENS-Lyon)
Reply to: