Adrian Bunk <bunk@debian.org> writes: > A better workflow would be something like: > - a dh_copyright creates and updates debian/copyright > - the build aborts on non-trivial changes[1] > - the maintainer reviews the changes when the build aborted > (including after the initial packaging) Yes! What do you think about designing it similar to how we handle debian/*.symbols file? That is, dh_copyright would generate a debian/copyright based on upstream source code and compare that with debian/copyright and barf on diffs? With some suitable override or hint mechanism for known mis-interpretations. I have had good success using 'licenserecon' for verifying license compliance in many packages, but I have yet to find a good enough mechanism to curate the debian/copyright file from upstream sources. I think the output of this tool doesn't have to be perfect, if the hint/override mechanism is human-friendly and easy to use so that maintainers can somehow force the debian/copyright output to what they want. Having automated copyright generation with human assistance seems better than human maintained copyright files. I think it would lead to better quality debian/copyright content, fewer errors, and reduce maintainer cycles. > It would also be good to discuss with a lawyer what actual legal > requirements are. ... > It is not clear to me whether debian/copyright is required for legal > reasons at all,[2] Reproducing whatever upstream say about copyright and licensing is probably sufficient and the right thing to do regardless. /Simon
Attachment:
signature.asc
Description: PGP signature