Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]

To: Frederic Bonnard <frediz@linux.vnet.ibm.com>
Cc: 838495@bugs.debian.org
Subject: Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]
From: Ghislain Vaillant <ghisvail@gmail.com>
Date: Wed, 05 Oct 2016 19:28:53 +0100
Message-id: <[🔎] 1475692133.22170.2.camel@gmail.com>
Reply-to: Ghislain Vaillant <ghisvail@gmail.com>, 838495@bugs.debian.org
In-reply-to: <[🔎] 20161005172930.GV11135@kin.test.toulouse-stg.fr.ibm.com>
References: <e01e537b-4a5b-8ed7-644f-7007ba1d9686@gmail.com> <[🔎] 20161005172930.GV11135@kin.test.toulouse-stg.fr.ibm.com>

On Wed, 2016-10-05 at 17:29 +0200, Frederic Bonnard wrote:
> Hi Ghislain,
> 
> - d/copyright:
>  * based on the headers, I think it's LGPL-3+ rather than LGPL-3

You are correct.

>  * I see several binary files such images and dataset in the source :
>    a) lib/cartopy/data/netcdf/HadISST1_SST_update.nc : according to
>    lib/cartopy/data/netcdf/HadISST1_SST_update.README.txt, I found
> that
>    licensing info :
>    http://www.metoffice.gov.uk/hadobs/hadcruh/licence_ncgl.html which
> points to
>    : http://www.nationalarchives.gov.uk/doc/non-commercial-government
> -licence/non-commercial-government-licence.htm
>    which seems non free (Non Commercial)
>    b) lib/cartopy/data/raster/sample/Miriam.A2012270.2050.2km.jpg has
> this
>    readme :
> lib/cartopy/data/raster/sample/Miriam.A2012270.2050.2km.README.txt ;
> I
>    didn't find on http://lance-modis.eosdis.nasa.gov licensing infos.

Indeed. I have asked upstream for clarification.

https://github.com/SciTools/cartopy/issues/804

Meanwhile, these data could be safely excluded in a repack.

>    c) there's various png in lib/cartopy/tests/mpl/baseline_images
> and I was
>    wondering also about the origin in spite of the global licensing.

They come from matplotlib. I should update the copyright of these
files.
 
>    Are all those files mandatory? maybe stripping source would help?
> For c)
>    tests/mpl/ is skipped anyway for now, right ?  I don't know for a)
> and b)

These tests are not called indeed, but it is due to a bug in the
packaged version of matplotlib in Debian at the moment. This does not
constitute a valid reason for a repack, I believe.

> - d/rules:
>  * informational lintian hardening-no-bindnow : you should enable
> hardening
>    "all" (https://wiki.debian.org/Hardening/PIEByDefaultTransition
>    , https://wiki.debian.org/Hardening). I noted that pie makes
> compilation
>    fail, but adding :
>    export DEB_BUILD_MAINT_OPTIONS = hardening=+all,-pie
>    does the job.

Nice catch. I will apply your suggestion verbatim.

>  * pedantic image-file-in-usr-lib : the importance of this one has
> been lowered
>    since 3.9.6.0 . I don't know if it's much work to move arch
> independent
>    files in /usr/share.

It would be providing an additional binary package for little benefits
down the line. The static data aren't huge anyway. 

Many thanks for this very constructive review.

Ghis

Reply to:

Follow-Ups:
- Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]
  - From: Ghislain Vaillant <ghisvail@gmail.com>

References:
- Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]
  - From: Frederic Bonnard <frediz@linux.vnet.ibm.com>

Prev by Date: Bug#839856: RFS: arc-theme/20161005-1
Next by Date: Bug#839856: marked as done (RFS: arc-theme/20161005-1)
Previous by thread: Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]
Next by thread: Bug#838495: RFS: python-cartopy/0.14.2-1 [ITP]
Index(es):
- Date
- Thread