Bug#1117167: lintian: detect PNG Apple color profile non-free copyright claims

[Louis-Philippe Véronneau <pollo@debian.org>]

On 10/21/25 6:52 AM, Nilesh Patra wrote:
> > Hi!  Charles Plessy made me aware that PNG files may embed copyright
> > claims on the color profile:
> >
> > https://salsa.debian.org/newgateway-team/reviews/-/issues/25
> >
> > I didn't analyze if the copyright claim refer to any valid copyrightable
> > portion of the file, but assuming they do (and this appears
> > likely/reasonable), I think lintian should detect this and issue a
> > warning about this situation, just like some other license-related
> > warnings in lintian.
> >
> > What do you think?
>
> Would you be able to confirm if the copyright claim refers to valid copyrightable
> portion of this file? Would it also be possible to estimate how many packages
> will show up with the warning once it is added?
>
> If this is not an actual copyright problem on a large number of accounts, I think
> it will annoy a lot of package maintainers once the check is added.

I also have some reserves, especially in terms of compute power needed 
for those checks. Lintian needs to stay a tool that's relatively "cheap" 
to run and I would be afraid checking all the images in a package could 
dramatically affect runtime.

Not only that, but libraries used for parsing images are often large and 
tend to come with a lot of security updates (since they tend to have a 
lot of vulnerabilities...). Not sure we really want Lintian to depend on 
that :(

--
  ⢀⣴⠾⠻⢶⣦⠀
  ⣾⠁⢠⠒⠀⣿⡁  Louis-Philippe Véronneau
  ⢿⡄⠘⠷⠚⠋   pollo@debian.org / veronneau.org
  ⠈⠳⣄