[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: including complete corresponding licence information should stay a requirement (was Re: Debian Policy released)

On Sunday, December 23, 2018 08:56:02 PM Thorsten Glaser wrote:
> Sean Whitton dixit:
> >2.3 & 4.5
> >
> >    In cases where a package's distribution license explicitly permits
> >    its copyright information to be excluded from distributions of
> >    binaries built from the source, a verbatim copy of the package's
> >    copyright information should normally still be included in the
> >    copyright file, but it need not be if creating and maintaining a
> >    copy of that information involves significant time and effort.
> I quite disagree. Downstreams will require the licence information,
> and if it’s included in the source package, it’s easy enough to add
> it to the binary package, and if not, the above does not apply either.
> I recently did the work to audit swagger-ui-dist, which is built
> using “modern web 2.0” tools from over 80 NPM packages, and it took
> me some hours, but we now have a licence file for the binary, and
> upstream was actually thankful about these efforts.
> I would expect that, even if it’s hard, this to be mandatory part
> of packaging anything for Debian. I will be very unamused about
> packages without correct corresponding licence information EVEN
> IF the upstream licence allows such, because ONLY the presence of
> such correct licence information in the Debian package shows that
> an actual audit of the legal situation has been done (and only
> after that, this decision to not include the information could be
> done, and by then, the information will already be there, so it
> must (in my opinion) still be included).
> I hereby ask that this change be reverted.

I believe you are misreading the change.

The change is not at all about license information.  It's about documenting 
the list of copyright holders if not required by the license.

Scott K

Reply to: