On Saturday, March 8, 2025 8:21:32 AM MST Peter B wrote:
> On 08/03/2025 11:59, Soren Stoutner wrote:
> > On Friday, March 7, 2025 11:26:49 PM MST Phil Wyett wrote:
> > > > > Test 7 (licenserecon): Information
> > > > >
> > > > >
> > > > >
> > > > > d/copyright | licensecheck
> > > > >
> > > > >
> > > > >
> > > > > BSD-2-clause | FSFULLR config.rpath
> > > >
> > > > I think this is covered by policy 2.3:
> > > >
> > > >
> > > >
> > > > Thus, the copyright information for files in the source package
> >
> > which
> >
> > > > are only part of its build process, such as autotools files,
> >
> > need not
> >
> > > > be included in /usr/share/doc/PACKAGE/copyright, because those files
> > > >
> > > > do not get installed into the binary package.
> > >
> > > Indeed, I have filed the issue below to see if we can have
> >
> > 'licenserecon'
> >
> > > exclude these from checking.
> > >
> > >
> > >
> > > https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1099786
> >
> > Actually, licenserecon’s behavior is correct, although I do understand
> > that the policy is written in a way that is easy to misinterpret.
> >
> >
> > Basically, *all* license information must be included in
> > debian/copyright. Full stop.
> >
> >
> > Some *copyright* information may be omitted from debian/copyright.
> >
> >
> > Relevant sections of the policy:
> >
> >
> > 2.3
> >
> >
> > "Every package must be accompanied by a verbatim copy of its
> > distribution *license(s)* in the file /usr/share/doc/PACKAGE/copyright.”
> >
> >
> > This is the part that is talking about licenses (emphasis mine in the
> > quote). It is communicating that all license information must be
> > reflected in debian/copyright, but it isn’t as forceful or as clear as
> > it could be. However, it will be clarified later in the policy.
> >
> >
> > "The *copyright* information for files in a package must be copied
> > verbatim into /usr/share/doc/PACKAGE/copyright, when all of the
> > following hold:
> >
> >
> > "1. the distribution license for those files requires that copyright
> > information be included in all copies and/or binary distributions;
> >
> >
> > “2. the files are shipped in the binary package, either in source or
> > compiled form; and
> >
> >
> > "3. the form in which the files are present in the binary package does
> > not include a plain text version of their copyright notices.
> >
> >
> > "Thus, the *copyright information* for files in the source package
> > which are only part of its build process, such as autotools files,
> > need not be included in /usr/share/doc/PACKAGE/copyright, because
> > those files do not get installed into the binary package. Similarly,
> > plain text files which include their own copyright information and are
> > installed into the binary package unmodified need not have that
> > copyright information copied into /usr/share/doc/PACKAGE/copyright”
> >
> >
> > This section explains when copyright information (emphasis mine in
> > quote) may be omitted, including in scenarios such as autotools files.
> >
> >
> > 22.8
> >
> >
> > "The copyright information for files in a package must be copied
> > verbatim into /usr/share/doc/PACKAGE/ copyright when all of the
> > following hold:
> >
> >
> > "1. the distribution license for those files requires that copyright
> > information be included in all copies and/or
> >
> > binary distributions;
> >
> >
> > "2. the files are shipped in the binary package, either in source or
> > compiled form; and
> >
> >
> > "3. the form in which the files are present in the binary package does
> > not include a plain text version of their copyright notices.
> >
> >
> > "Note that there is no change to the requirement to copy *all
> > licensing information* into /usr/share/doc/PACKAGE/copyright.”
> >
> >
> > This part clarifies that all licensing information must be included in
> > debian/copyright (emphasis mine in the quote).
> >
> >
> > So, if your autotools files have the same license as the main project,
> > then you do not need to include their copyright information in
> > debian/copyright, even if it is different than the other copyright
> > information already listed. However, if your autotools files have
> > different licensing information than the main project, you do need to
> > include them in debian/copyright.
> >
> >
> > The licenserecon check indicates that this file does have a different
> > license (FSFULLR). It may be a false positive, which licenserecon
> > sometimes produces, but if it isn’t then you need to address it. And
> > if it is a false positive, you can add an override in
> > debian/lrc.config with a comment explaining why.
> >
> >
> > As an example, here is a debian/copyright file I recently created for
> > a project with a lot of different licenses in its autotools files. It
> > included a couple of entries that are not required by current policy
> > (but are not prohibited either). But everything that contains a
> > separate license is required to be included.
> >
> >
> > https://salsa.debian.org/debian/courier/-/blob/master/debian/copyright?ref_t
> > ype=heads
> >
> >
> >
> > Soren Stoutner
> >
> > soren@debian.org
>
> @Soren,
>
> I'm not at all sure about this.
> It seems to me that the Policy wording is ambiguous,
> as I would interpret "copyright information" to imply both the copyright
> notice/statement and the license itself.
Policy 22.8 is not ambiguous, which is the release that added the option to not include all copyright information in debian/copyright (previously all copyright information was required). When this change was made, they specifically said:
“Note that there is no change to the requirement to copy *all licensing information* into /usr/share/doc/PACKAGE/copyright.”
--
Soren Stoutner
soren@debian.org
Attachment:
signature.asc
Description: This is a digitally signed message part.