Am 12. Oktober 2016 14:56:23 MESZ, schrieb Bastien ROUCARIES <roucaries.bastien@gmail.com>:
Fixed in lintian.
Lintian will tag these files
Thanks
On Mon, Oct 10, 2016 at 10:50 PM, Tobias Frost <tobi@debian.org> wrote:
Am Montag, den 10.10.2016, 21:48 +0200 schrieb Bastien ROUCARIES:
On Mon, Oct 10, 2016 at 8:30 PM, Tobias Frost <tobi@debian.org>
wrote:
Dear Developers,
while packaging an updated version of one of my packages which
included
now rapidjson I became aware that this library includes the test
suite
date of http://json.org/JSON_checker/. While there
is no license on
the
testsuite.zip, json_checker is licensed by json.org with the
infamous
clause "The Software shall be used for Good, not Evil."
and I believe the testdata is covered under the same license "best
case", (worst case not licensed at all.
For rapidjson [1] I filed #840333, but afterwards I checked also
codesearch.debian.net for one of the testcases [2] and found many
packages including it verbatim.
I'm not sure if my assessment is right and we have a DFSG problem
here,
but if so, I guess this should be handled by extending the existing
lintian error.
With my lintian maint hat, they are here two approach:
- autoreject based on md5sum and sha1
- autoreject based on regexp
Do you have better signature than this file ?
The testsuite
data are in total 36 (mostly) small files, so I guess
the hashes would work, maybe with an additional indicator if more than
one file in the set is found.
The zip is here:
http://json.org/JSON_checker/test.zip
a git repo for convenient browsing them here:
https://github.com/miloyip/rapidjson/tree/master/bin/jsonchecker
Thoughts?
[1] (where upstream is aware of it and later versions recommend to
remove the testsuite)
[1] https://codesearch.debian.net/search?q=%22Extra+comma%22%3A+tru
e%2C
+path%3Afail9.json&perpkg=1
--
tobi
--
tobi