[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [DEP5] Clarification of the minimum required structure

Hi guys,

On Mon, Dec 12, 2011 at 12:51:59AM -0800, Russ Allbery wrote:
> Steve Langasek <vorlon@debian.org> writes:

> > This implies, but does not state explicitly, that there must be at least
> > one Files paragraph in the file to be compliant.  I would like to see
> > this corrected by making it explicit in the section on File syntax what
> > the minimum required structure is; but it's possible others have a
> > different understanding of this text.

> > Is the attached patch ok to commit?

> During the discussion of allowing Copyright and License fields in the
> header paragraph, one of the things that was raised is the possibility of
> using the DEP-5 format with *just* a header paragraph as a structured way
> of representing the level of detail found in a lot of old-school
> debian/copyright files.  It would let people convert the copyright files
> that just say "here's the copyright and license for upstream" to DEP-5
> without implying that they've actually reviewed each file and confirmed
> they are all covered under that license (and not, say, some compatible
> one).

I see two options that we could choose for a minimal file:

 - single header paragraph with License and Copyright fields (both would
   have to be required in the case that there are no other paragraphs).  In
   this case, it is assumed that the License/Copyright fields in the header
   paragraph include all required notices, but no conclusions can be drawn
   about whether there's a compilation copyright here.

 - single header paragraph plus a single Files: * paragraph.  In this case,
   any License/Copyright fields in the header paragraph are used only to
   document compilation copyright and whole-package license terms (e.g., the
   effective license of a package whose individual files are dual-licensed
   but only one of these licenses is compatible with the rest of the work;
   or when a maintainer is choosing to sublicense or redistribute a package
   under different terms than the obvious ones).  This implies that the
   maintainer must make the additional effort of working out what a correct
   copyright notice is that covers "Files: *".

I have no preference between these two, but I do think it's important to
pick one so that the semantics are consistent.

Given the current language and the feedback in this thread, I think there is
a general preference for the second option.  Russ, does this meet your
needs?  And if not, do you think this is important to address in 1.0?

> Now, this is a really nit-picky and strange edge case, and I don't really
> mind if we decide that it's not important and rule it out.  There isn't
> that much difference between what I describe above and just using a Files:
> * stanza, and the distinction is probably too particular to be worth
> explaining.

Well, both of these options still allow for License/Copyright in the header
paragraph; it's just a matter of whether Files: * is required with it.

On Mon, Dec 12, 2011 at 10:05:15AM +0100, Stefano Zacchiroli wrote:
> Agreed.  It is an exception to the general rule that "each file in a
> source package has a matching File: section of debian/copyright", with
> very little benefits. Allowing such an exception calls for unneeded,
> "if..then..else" clauses both in DEP-5 implementations and in the head
> of humans when reading/writing debian/copyright files.

> It is true, as you imply, that forcing to write "Files: *" might be felt
> a stronger statement than just stating a global Copyright / License. But
> I do see such a feeling as a good thing: it'd be an incentive to do such
> a review, and to do so in a more principled way.

The counterargument is that if this requires maintainers to do more work in
order to create a dep5 copyright file which is both valid and accurate, it
may slow adoption of the format for some cases.  From previous discussions,
I gather that for some of Russ's upstreams, this could be a prohibitive
amount of work.

But personally I don't think that's a blocker for 1.0.

Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek@ubuntu.com                                     vorlon@debian.org

Attachment: signature.asc
Description: Digital signature

Reply to: