[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#308364: Questions about waste licence and code.



	Hi all!

I'm on the way of making a debian package for Waste, and I would have the 
folowing two questions about your software:

Does the licence really reflect GPL?
This arise because of this:
http://cvs.sourceforge.net/viewcvs.py/waste/waste/license.cpp?rev=1.1&view=auto
"WASTE - license.cpp
Copyright (C) 2003 Nullsoft, Inc.
Copyright (C) 2004 WASTE Development Team"
-> What does Nullsoft have to do with Waste?

And also this:
"//ADDED Md5Chap - THIS PART IS GPL LICENSE!!! TOUCH AND DIE!"
Followed by a full binary array.

If you will to produce your code upon the GPL licence, according to claim 
number 3 - http://www.gnu.org/copyleft/gpl.html -,
"3 - You may copy and distribute the Program (or a work based on it, under 
Section 2) in object code or executable form under the terms of Sections 1 
and 2 above provided that you also do one of the following:  
	a) Accompany it with the complete corresponding machine-readable source code, 
which must be distributed under the terms of Sections 1 and 2 above on a 
medium customarily used for software interchange; or, 
	b) Accompany it with a written offer, valid for at least three years, to give 
any third party, for a charge no more than your cost of physically performing 
source distribution, a complete machine-readable copy of the corresponding 
source code, to be distributed under the terms of Sections 1 and 2 above on a 
medium customarily used for software interchange; or,  
	c) Accompany it with the information you received as to the offer to 
distribute corresponding source code. (This alternative is allowed only for 
noncommercial distribution and only if you received the program in object 
code or executable form with such an offer, in accord with Subsection b 
above.)"

So, this is clear that you have to publish the full source in order to follow 
the GPL claims.

Furthermore, there comes the second question:
Is the soft safe?

Because those binary arrays are not human readable, I cannot assure that it is 
not a backdoor or else.
Given that, I cannot intent to include it into the debian distribution.


I'm looking forward for your answers,

Romain Beauxis


-- 
If you are the big tree,
We are the small axe,
Ready to cut you down,
Sharpen to cut you down....

Attachment: pgpY84SbNSbHS.pgp
Description: PGP signature


Reply to: