[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: RFS: pcapy/0.11.3-1 [ITA]



Hi Emmanuel,

Sorry, you still have to fix a few things before the package is ready
for upload.  We're almost there; don't give up!

On Tuesday, August 21 2018, eamanu wrote:

> No problem.  However, the "License:" still doesn't reflect the license
>> of the software.  According to LICENSE:
>>
>>   We provide this software under a slightly modified version of the
>>   Apache Software License. The only changes to the document were the
>>   replacement of "Apache" with "Pcapy" and "Apache Software Foundation"
>>   with "CORE Security Technologies". Feel free to compare the resulting
>>   document to the official Apache license.
>>
>>   The `Apache Software License' is an Open Source Initiative Approved
>>   License.
>>
>> Therefore, I think a better value for the field would be:
>>
>>   License: Apache with Pcapy modifications
>>
>
> Ready!

Thanks.  The "License:" must be the same in both places, though.  Here:

  Files: *
  Copyright (C) 2014 CORE Security Technologies <oss@coresecurity.com>. 
  License: Apache Software License with Pcapy modifications

and here:

  License: Apache with Pcapy modifications
   We provide this software under a slightly modified version of the
   ...

It's OK to use "Apache with Pcapy modifications" in both places.

>> I see that the contributions under the debian/ directory are released
>> under GPL-3+.  That's absolutely fine (I am a GPL advocate as well).
>> However, I must warn you that the Debian patches will also be released
>> under this license, which may be problematic if/when you decide to
>> upstream them.  But I understand this is the current situation anyway.
>> You may want to try to contact Arnaud Fontaine and ask him if he's OK
>> with changing the license to Apache in the future.
>>
>
> Ok. I will contact Arnaud Fontaine to ask about it. I think it's ok for
> now. In the next release of package I can update this field.

Great.  It's OK for now, indeed.

> Thanks, but what you did is incomplete.  In order to create a new
>> package, you have to create an entry for it on d/control.  What you did
>> (add ${python3:Depends} to python-pcapy's Depends) is wrong because
>> you're basically pulling Python 3 dependencies for a Python 2 package.
>> Please have a look at other packages under them DPMT and check their
>> d/control; you will find many examples of how to create Python 3
>> packages.
>>
>
> Ready!

Thanks, that's better, but there are still a few things that need
fixing.

1) It's a good practice to explicitly say if the package is a Python 2
or Python 3 module.  We do that by suffixing the short description with
"(Python X)" (where X is 2 or 2), and by appending "This package
installs the library for Python X." to the long description.  Like this:

  Package: python-pcapy
  Architecture: any
  Depends: ${python:Depends}, ${shlibs:Depends}, ${misc:Depends}
  Recommends: python-impacket
  Description: Python interface to the libpcap packet capture library (Python 2)
   Pcapy is a  Python extension module that interfaces  with the libpcap
   packet capture library.
   .
   Pcapy enables Python scripts to capture packets on the network. Pcapy
   is highly  effective when used in conjunction  with a packet-handling
   package such as Impacket, which is a collection of Python classes for
   constructing and dissecting network packets.
   .
   This package installs the library for Python 2.

2) You don't need to specify "Provides:".  Please remove them from both
packages.


As a last note, it seems that you forgot to push the "upstream" and
"pristine-tar" branches, so I can't really build the package locally
here.  Please do that.

Thanks,

-- 
Sergio
GPG key ID: 237A 54B1 0287 28BF 00EF  31F4 D0EB 7628 65FC 5E36
Please send encrypted e-mail if possible
http://sergiodj.net/

Attachment: signature.asc
Description: PGP signature


Reply to: