On 2017-12-19 15:17:56 +0100 (+0100), Thomas Goirand wrote: [...] > I wish you good luck with that. I attempted *twice* to have the > copyright holder information attached to each upstream project on > upstream OpenStack, and twice this was a failure. Maybe I'm not good > with communication, but I don' think it's the bigger factor. I just > think upstream doesn't care, they (wrongly) think that licensing is > enough, when clearly, it's not for Debian (we also care the copyright > holding part). If you can please attempt (again) to clarify what you're looking to have included in upstream releases with regard to copyright holder information, I'll see what I can whip up. It's up to individual contributors (authors and reviewers) as to whether a given patch makes a significant enough change to a particular file to warrant adding a copyright holder or year in it. I can certainly at least work on helping standardize them such that they can be scraped efficiently and aggregated through automation. Also worth noting, the OpenStack community has been operating under comments from legal counsel indicating that the Apache Software License version 2 doesn't explicitly require a manifest of copyright holders. If people choose to note copyright over at least some of a file then it's generally honored, but the list of copyright holders you could obtain from the comments in those files is by no means a list of everyone who holds copyright on them. Some further notes the OpenStack community has assembled regarding copyright headers in files: https://wiki.openstack.org/wiki/LegalIssuesFAQ#Copyright_Headers If nothing else, hopefully this serves as another real-world data point for copyright tracking expectations upstream and downstream in these sorts of situations, and what sort of tracking information is actually reasonable to expect a package maintainer or an upstream project to be able to obtain. -- Jeremy Stanley
Attachment:
signature.asc
Description: Digital signature