Re: scala-tools-sbinary_0.4.2+2.11.M5-1_amd64.changes REJECTED

To: Thorsten Alteholz <ftpmaster@ftp-master.debian.org>
Cc: debian-java@lists.debian.org, tille@debian.org
Subject: Re: scala-tools-sbinary_0.4.2+2.11.M5-1_amd64.changes REJECTED
From: Frederic Bonnard <frediz@linux.vnet.ibm.com>
Date: Tue, 5 Sep 2017 09:19:44 +0200
Message-id: <[🔎] 20170905091944.GB30465@kin.test.toulouse-stg.fr.ibm.com>
In-reply-to: <E1dlYp0-0001px-JF@fasolo.debian.org>
References: <E1dlYp0-0001px-JF@fasolo.debian.org>

Forwarding to the correct debian-java mailing list..

---

Hi Thorsten,

thanks for working on that and everybody that answered to help this
topic to progress. I've been off my computer last week.

> your package seems to consist mostly of jar files without the corresponding 
> sources. So I am afraid I have to reject it.

That's right, there are several jars that are part of the embedded sbt
binary distribution that is used to only build the current sbt.
All started here :
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=639910#118

There Mehdi Dogguy explained we can bootstrap sbt this way as long as we
do not ship those binary jars in the Debian binary package. It seems
this process has been followed for other softwares.

That looked ok for me since the spirit of Debian is there : the
different components to upload are DFSG compliant : the sources of sbt
are there (2) and licenses of all files are DFSG compliant (10) (other
DFSG points are ok too; no mention of specific distribution point or
restriction, classical licenses).

The only thing is that in main the set of components that I've pushed
may Depends on each other for runtime, but a simultaneous push in main
of those should in theory be ok (2.2.1 : None of the packages in the
main archive area require software outside of that area to function.)

If binary jars for compilation are a problem, what should be done when
for example you have a font file (with DFSG compatible license) that is
used for generating image files at build time and those generated images
will be included in the binary package. Should that source package be
refused because the project didn't include the source of the font file
(which can come from another project) ? (that could be a font file or
any image without the source but with a DFSG license still)

Sorry to play the devil's advocate and being irritating, I'm not that
kind :), just willing to understand.
So, am I missing some clear and strict policy point or is that a
question of interpretation.

F.

> 
>   Thorsten
> 
> 
> 
> ===
> 
> Please feel free to respond to this email if you don't understand why
> your files were rejected, or if you upload new files which address our
> concerns.
>

Attachment: pgpJUseeFp8a0.pgp
Description: PGP signature

Attachment: pgpN1cfiJ6yRm.pgp
Description: PGP signature

Reply to:

Prev by Date: Re: Security issue in groovy<2.5.0
Next by Date: Bug#874343: RM: classworlds -- ROM; No longer used, superseded by plexus-classworlds and plexus-classworlds2
Previous by thread: Re: Security issue in groovy<2.5.0
Next by thread: Bug#874343: RM: classworlds -- ROM; No longer used, superseded by plexus-classworlds and plexus-classworlds2
Index(es):
- Date
- Thread