Bug#723839: Fwd: RFS: mpfrc++/0~20130902-1 [ITP #723839]

[Jerome BENOIT <calculus@rezozer.net>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

thanks for the review.

On 05/10/13 21:15, Bill Allombert wrote:
>> Dear mentors,
>>
>> I am looking for a sponsor for my package "mpfrc++"
>>
>> * Package name    : mpfrc++
>>   Version         : 0~20130902-1
>>   Upstream Author : Pavel Holoborodko <pavel@holoborodko.com>
>> * URL             : http://www.holoborodko.com/pavel/mpfr
>> * License         : GPL2+ or BSD-3-clause
> 
> Are you sure this is the right license ?

License are not my cup of tea.

> 
> The website says:
>   MPFR C++ is free for usage in free projects. If you intend to use it in
> commercial application please contact author for permission.


To be frank, I also noticed the issue, so I asked to the upstream maintainer
to clarify the license of his software library.

He answered that he will but as he seemed overwhelmed I step forward.
After my deposit, he confirmed his wish and will to revisit his policy and
the packaging, but first he has to deal with a project dead line.

> 
> The file mpreal.h says:
>     This library is free software; you can redistribute it and/or
>     modify it under the terms of the GNU Lesser General Public
>     License as published by the Free Software Foundation; either
>     version 2.1 of the License, or (at your option) any later version.
> ...
>     ****************************************************************************
>     Redistribution and use in source and binary forms, with or without
>     modification, are permitted provided that the following conditions
>     are met:
> 
>     1. Redistributions of source code must retain the above copyright
>     notice, this list of conditions and the following disclaimer.
> 
>     2. Redistributions in binary form must reproduce the above copyright
>     notice, this list of conditions and the following disclaimer in the
>     documentation and/or other materials provided with the distribution.
> 
>     3. The name of the author may not be used to endorse or promote products
>     derived from this software without specific prior written permission.
> 
> So I would says LGPL 2.1+ AND BSD-3-clause (and maybe non-commercial).
> 

Ok, I will forward your remarks to the upstream maintainer.

> Other than that, I wonder at the benefit of packaging a single header file
> as a Debian package.

Let say that his software holds in a long C++ header: from a C++ point of view
it makes sense, I guess. 

> 
> Also, everytime you update it, you will need to rebuild the packages that
> Build-Depends on it to keep them up-to-date.

I am aware: I also asked to the upstream maintainer to provide a source tarball
compatible with Debian watch. We are working on it: some appropriate tweaks at
bitbucket.org, where is maintained its mercurial repository, may bring appropriate
material.

As soon as both the License issues are fixed by the upstream maintainer and an
appropriate source tarball is provided, I will revisit accordingly the Debian
package.

Thanks.

Best wishes,
Jerome

> 
> Cheers,
> Bill.
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJSUHB0AAoJEIC/w4IMSybjDLkH/RVsPNadlIC2ZlatLDMMKnGT
71o8UTifAB2cC6eX8rX8YKU5jEr2cxyWn6+JneORa5xFvDrAdOykv3uAnKAmzMxl
P1duLCidkiOtHzb/M5uYcLMYaVF+Hr2295s3yJz+M+WSv1VCfROC2QKA+xdJBt9Q
Og91r6h3cg6+BzJGveWS7AfWOBJI8u7KzjRlUGfA9o1E7VCiDSk8bN6ut7Kfv7os
Hjf+xN7k+C1VmQ7hxjI/qlZT3Os+4tI+RK1Eqt9Tg5KUu6A7lfSXY59bnOeZ4ncv
Xth6lJIle4jeBIERTc4fiNI25BioOQoxEV7eY3IL1HPPDjXdqHGq9TpheZxuAdU=
=WeM9
-----END PGP SIGNATURE-----