Re: debian/copyright and Files-Within-Files

To: debian-policy@lists.debian.org
Subject: Re: debian/copyright and Files-Within-Files
From: Jonathan Yu <jonathan.i.yu@gmail.com>
Date: Tue, 30 Jun 2009 10:02:45 -0400
Message-id: <d1b732a70906300702m7a2330e0k5d4e207133200766@mail.gmail.com>
In-reply-to: <20090630083752.GE8269@dario.dodds.net>
References: <d1b732a70906290855u7081fb69s66cc9de4dfcecd88@mail.gmail.com> <20090630083752.GE8269@dario.dodds.net>

Steve:

On Tue, Jun 30, 2009 at 4:37 AM, Steve Langasek<vorlon@debian.org> wrote:
> On Mon, Jun 29, 2009 at 11:55:29AM -0400, Jonathan Yu wrote:
>> For example, if an upstream module contains a Stuff.tar.gz, and that
>> file itself contains stuff that is all under the same license, but has
>> different copyright information.
>
>> Assume Stuff.tar.gz contains files:
>>  foo.c
>>  bar.txt
>>  baz.c
>
>> And foo.c is: Copyright 2005 Some Company A
>> bar.txt is Copyright 2002 Some Person B
>> baz.c is Copyright 2002-2007 Other Fictional Entity
>
>> How would we represent such a case? Would we need to unpack that
>> tarball and then reference the files appropriately?
>
> Unpacking the tarballs would mean modifying the pristine upstream tar,
> wouldn't it?  I don't think we want to do that.
That's what we've had to do, because some of the tarballs don't even
have copyright at all. The module has recently been orphaned by the
author though, so someone (maybe me) could pick it up and fix the
issues upstream.
>
> Is it not sufficient to just list
>
>  Files: Stuff.tar.gz
>  Copyright: 2005 Some Company A
>             2002 Some Person B
>             2002-2007 Other Fictional Entity
>  License: Tar Public License
Unfortunately, no. Not that I think anyway. The problem is that it's
like saying:

Files: stuff.txt
 License: Apache

Files: other.pl
 License: GPL

Is the same as
Files: *
 License: Apache | GPL

But that loses information there. And I don't think that's the way
we're supposed to do things (in the pkg-perl packages we track each
license separately).

I'm not sure if tarballs like this should be given an exception, to
say, just note all of the copyrights in total, and if people are
curious which file is copyrighted as which, then just open up the
tarball and check inside.
>
> ?
>
> I think the logical unit to describe here (to the extent that we even want
> more detail than "the work as a whole") is the file in the source package,
> even if that file is a tarball, so I would suggest using the above.
>
>> I have come across this case in Module::CPANTS::Analyse, which is a
>> Perl module that looks inside .tar.gz files without extracting them
>> out. It includes several such tarballs as a way to test the module
>> functionality.
>
> And these tarballs contain files with differing copyright holders?  Congrats
> on finding a strange corner case. :)

I think it'd be even more concerning if there are a couple levels of
recursion... A tarball within a tarball, containing images. All with
different licenses. Fantastic.

Reply to:

Follow-Ups:
- Re: debian/copyright and Files-Within-Files
  - From: gregor herrmann <gregoa@debian.org>

References:
- debian/copyright and Files-Within-Files
  - From: Jonathan Yu <jonathan.i.yu@gmail.com>
- Re: debian/copyright and Files-Within-Files
  - From: Steve Langasek <vorlon@debian.org>

Prev by Date: Re: debian/copyright and Files-Within-Files
Next by Date: Re: debian/copyright and Files-Within-Files
Previous by thread: Re: debian/copyright and Files-Within-Files
Next by thread: Re: debian/copyright and Files-Within-Files
Index(es):
- Date
- Thread