Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.

To: debian-haskell@lists.debian.org
Cc: Michael Snoyman <michael@snoyman.com>
Subject: Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.
From: Joachim Breitner <nomeata@debian.org>
Date: Wed, 14 Sep 2011 10:35:30 +0200
Message-id: <[🔎] 1315989330.2453.12.camel@kirk>
In-reply-to: <E1R3dju-0005z7-7z@vasks.debian.org>
References: <E1R3dju-0005z7-7z@vasks.debian.org>

@Michael: See further below for the part relevant to you.

Hi Clint,

I just saw this patch:

Am Mittwoch, den 14.09.2011, 00:54 +0000 schrieb clint@debian.org:
> Wed Sep 14 00:54:00 UTC 2011  clint@debian.org
>   * Disable patch to use system libyaml.
>   Ignore-this: e082ab323e1444441552aaff99e4e9d7
> 
>     M ./changelog +6
>     M ./patches/series -1 +1
> 
> Wed Sep 14 00:54:00 UTC 2011  clint@debian.org
>   * Disable patch to use system libyaml.
>   Ignore-this: e082ab323e1444441552aaff99e4e9d7
> diff -rN -u old-haskell-yaml//changelog new-haskell-yaml//changelog
> --- old-haskell-yaml//changelog	2011-09-14 00:54:10.082332489 +0000
> +++ new-haskell-yaml//changelog	2011-09-14 00:54:10.086335051 +0000
> @@ -1,3 +1,9 @@
> +haskell-yaml (0.4.1-2) unstable; urgency=low
> +
> +  * Disable patch to use system libyaml.
> +
> + -- Clint Adams <clint@debian.org>  Tue, 13 Sep 2011 20:42:31 -0400
> +
>  haskell-yaml (0.4.1-1) unstable; urgency=low
>  
>    * Initial release.
> diff -rN -u old-haskell-yaml//patches/series new-haskell-yaml//patches/series
> --- old-haskell-yaml//patches/series	2011-09-14 00:54:10.074333604 +0000
> +++ new-haskell-yaml//patches/series	2011-09-14 00:54:10.090334506 +0000
> @@ -1 +1 @@
> -use-shared-libyaml.diff
> +#use-shared-libyaml.diff

I’m curious: Why did you have to remove that patch? In Debian, we avoid
convenience copies when possible, e.g. for security reasons: Judging
from http://pyyaml.org/log/ version 0.1.4 removed a pointer arithmetic
overflow, this fix seems to be not included in the included copy. (I did
not check if it is exploitable or not.)

Additionally, debian/copyright does not mention the copyright and
license of the embedded libyaml copy. The yaml haskell package does not
include it. This seems to be actually a copyright violation – hence the
CC to Michael Snoyman.

Both are BSD-like licensed, so there is no conflict, but the actual
licenses differ slightly, but in any case the libyaml license and 
copyright needs to be added to debian/copyright.

And finally, if you have to use the embedded copy, you can  remove the
build-dependency on libyaml-dev.

Greetings,
Joachim

PS, to be not only complaining: Thanks for your work on packaging yesod.
I’m looking forward to the results, as I am considering yesod for a
project that I’m about to start.

-- 
Joachim "nomeata" Breitner
Debian Developer
  nomeata@debian.org | ICQ# 74513189 | GPG-Keyid: 4743206C
  JID: nomeata@joachim-breitner.de | http://people.debian.org/~nomeata

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to:

Follow-Ups:
- Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.
  - From: Michael Snoyman <michael@snoyman.com>
- Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.
  - From: Clint Adams <clint@debian.org>

Prev by Date: Re: clientsession 0.7.2
Next by Date: Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.
Previous by thread: Re: clientsession 0.7.2
Next by thread: Re: [Pkg-haskell-commits] darcs: haskell-yaml: Disable patch to use system libyaml.
Index(es):
- Date
- Thread