Onkar Shinde wrote:
You want to completely avoid shipping upstream's bundled jars, since quite often the upstream has a lot more lenient policy towards what they consider 'open source' then what debian considers to be acceptable for redistribution.On Thu, Jul 17, 2008 at 7:41 AM, Florian Grandel <jerico.dev@gmail.com> wrote:Hi Philipp,I now ask myself, when and were should I replace those libraries: 1. Only in the final debian/jspwiki/ tree (but build with the original .jar files) 2. Each time during the debian/rules run 3. Once in the .orig.tar.gz (the download is only availabe as .zip)I think Debian policy doesn't allow you to depend on pre-built jars even during build phase. IMHO you should strip the jars from the original tar directly after download so that they do not end up in the source package. This is the only way you can make sure that you'll never (even unknowingly) use non-free prebuilt binaries.What is wrong with cleaning up prebuilt jar files in clean target in debian/rules? If you use this approach you don't have to repack the upstream tarball every time there is a new version.
Example: Apache Foundation projects and BCL-licensed JARs prior to the drafting of the third party license policy a few years ago.
cheers, dalibor topic
Is there any policy against this approach? If yes, can you please point me to it? Onkar
-- ******************************************************************* Dalibor Topic Tel: (+49 40) 23 646 738 Java F/OSS Ambassador AIM: robiladonaim Sun Microsystems GmbH Mobile: (+49 177) 2664 192 Nagelsweg 55 http://openjdk.java.net D-20097 Hamburg mailto:Dalibor.Topic@sun.com Sitz der Gesellschaft: Sonnenallee 1, D-85551 Kirchheim-Heimstetten Amtsgericht München: HRB 161028 Geschäftsführer: Thomas Schröder, Wolfgang Engels, Dr. Roland Bömer Vorsitzender des Aufsichtsrates: Martin Häring