Re: including complete corresponding licence information should stay a requirement (was Re: Debian Policy 4.3.0.0 released)
On Sunday, December 23, 2018 08:56:02 PM Thorsten Glaser wrote:
> Sean Whitton dixit:
> >2.3 & 4.5
> >
> > In cases where a package's distribution license explicitly permits
> > its copyright information to be excluded from distributions of
> > binaries built from the source, a verbatim copy of the package's
> > copyright information should normally still be included in the
> > copyright file, but it need not be if creating and maintaining a
> > copy of that information involves significant time and effort.
>
> I quite disagree. Downstreams will require the licence information,
> and if it’s included in the source package, it’s easy enough to add
> it to the binary package, and if not, the above does not apply either.
>
> I recently did the work to audit swagger-ui-dist, which is built
> using “modern web 2.0” tools from over 80 NPM packages, and it took
> me some hours, but we now have a licence file for the binary, and
> upstream was actually thankful about these efforts.
>
> I would expect that, even if it’s hard, this to be mandatory part
> of packaging anything for Debian. I will be very unamused about
> packages without correct corresponding licence information EVEN
> IF the upstream licence allows such, because ONLY the presence of
> such correct licence information in the Debian package shows that
> an actual audit of the legal situation has been done (and only
> after that, this decision to not include the information could be
> done, and by then, the information will already be there, so it
> must (in my opinion) still be included).
>
> I hereby ask that this change be reverted.
I believe you are misreading the change.
The change is not at all about license information. It's about documenting
the list of copyright holders if not required by the license.
Scott K
Reply to: