So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading
Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
And then, a couple of weeks ago, I quietly checked whether
the Debian FTP team would be okay with that by uploading two NEW
packages without any years mentioned in the debian/copyright file:
either upstream or for my Debian packaging. And, lo and behold,
they were both accepted (python-parse-stages and python-test-stages).
So how do people feel about this in general, would it be okay for
me to start doing it:
a) for other packages that I maintain personally, outside any team
b) for team-maintained packages (I guess this one might be a per-team
decision, discussed separately on the appropriate lists)
(obviously, I'm not asking for permission or anything; apparently
at least one member of the FTP team is okay with me doing it at
least for some packages. This is more of a "float the idea, see
what people think about doing this more widely, not just me")
As a redistributor I find it a good practice to include most possible copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users
and it is a slight disservice to omit information that upstream put effort into tracking
and publishing.
So I've seen this idea floating around in the past couple of yearsGood idea, I planned to do it myself too in the future.
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading
Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
Quoting Peter Pentchev (2023-02-22 10:49:30)[snip useful information]
So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
And then, a couple of weeks ago, I quietly checked whether
the Debian FTP team would be okay with that by uploading two NEW
packages without any years mentioned in the debian/copyright file:
either upstream or for my Debian packaging. And, lo and behold,
they were both accepted (python-parse-stages and python-test-stages).
So how do people feel about this in general, would it be okay for
me to start doing it:
a) for other packages that I maintain personally, outside any team
b) for team-maintained packages (I guess this one might be a per-team
decision, discussed separately on the appropriate lists)
(obviously, I'm not asking for permission or anything; apparently
at least one member of the FTP team is okay with me doing it at
least for some packages. This is more of a "float the idea, see
what people think about doing this more widely, not just me")
As a redistributor I find it a good practice to include most possible copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users, and it is a slight disservice to omit information that upstream put effort into tracking
and publishing.
Wait, I may have been unclear. I did not mean that I want to omit
the upstream copyright years *when they are there*.
So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading
Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
And then, a couple of weeks ago, I quietly checked whether
the Debian FTP team would be okay with that by uploading two NEW
packages without any years mentioned in the debian/copyright file:
either upstream or for my Debian packaging. And, lo and behold,
they were both accepted (python-parse-stages and python-test-stages).
So how do people feel about this in general, would it be okay for
me to start doing it:
a) for other packages that I maintain personally, outside any team
b) for team-maintained packages (I guess this one might be a per-team
decision, discussed separately on the appropriate lists)
(obviously, I'm not asking for permission or anything; apparently
at least one member of the FTP team is okay with me doing it at
least for some packages. This is more of a "float the idea, see
what people think about doing this more widely, not just me")
Thanks for reading this far, and keep up the great work!
On Wed, Feb 22, 2023 at 01:55:02PM +0100, Jonas Smedegaard wrote:
Quoting Peter Pentchev (2023-02-22 10:49:30)
So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
And then, a couple of weeks ago, I quietly checked whether
the Debian FTP team would be okay with that by uploading two NEW
packages without any years mentioned in the debian/copyright file:
either upstream or for my Debian packaging. And, lo and behold,
they were both accepted (python-parse-stages and python-test-stages).
So how do people feel about this in general, would it be okay for
me to start doing it:
a) for other packages that I maintain personally, outside any team
b) for team-maintained packages (I guess this one might be a per-team
decision, discussed separately on the appropriate lists)
[snip useful information](obviously, I'm not asking for permission or anything; apparently
at least one member of the FTP team is okay with me doing it at
least for some packages. This is more of a "float the idea, see
what people think about doing this more widely, not just me")
As a redistributor I find it a good practice to include most possible copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users, and it is a slight disservice to omit information that upstream put effort into tracking
and publishing.
Wait, I may have been unclear. I did not mean that I want to omit
the upstream copyright years *when they are there*. And, of course,
if upstream does not specify any copyright years, we cannot invent
any out of thin air. So I guess my question was mainly what people
think about dropping the years in the debian/* copyright notice
(packaging files, patches, etc).
"Peter" == Peter Pentchev <roam@ringlet.net> writes:
On 2/22/23 13:55, Jonas Smedegaard wrote:
As a redistributor I find it a good practice to include most possible copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users
while having copyright information centrally available per package in d/copyright is definitly a usefull service, is providing the *years*
really a service worth providing?
personally I don't think so: for packages with non-trivial d/copyright,
it's a significant effort to keep the years in sync with the upstream sources.
(and I doubt that all our source packages have accurate d/copyright,
even less so when it comes to the year-information.)
and it is a slight disservice to omit information that upstream put
effort into tracking and publishing.
If years would be omited in d/copyright, it's not that the information
is hidden/nowhere else.
Also if I would want to know the copyright information of a certain
file, I'd check d/copyright for a first glance, but then always check
the individual source file, even if it's just to be sure/double check.
I don't think that the "niche" use-case of wanting to know the year-information (everything else should be in d/copyright anyway) is
worth the (continued) maintenance costs in d/copyright.
On Wed, Feb 22, 2023 at 01:55:02PM +0100, Jonas Smedegaard wrote:
Quoting Peter Pentchev (2023-02-22 10:49:30)[snip useful information]
So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading
Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
And then, a couple of weeks ago, I quietly checked whether
the Debian FTP team would be okay with that by uploading two NEW
packages without any years mentioned in the debian/copyright file:
either upstream or for my Debian packaging. And, lo and behold,
they were both accepted (python-parse-stages and python-test-stages).
So how do people feel about this in general, would it be okay for
me to start doing it:
a) for other packages that I maintain personally, outside any team
b) for team-maintained packages (I guess this one might be a per-team
decision, discussed separately on the appropriate lists)
(obviously, I'm not asking for permission or anything; apparently
at least one member of the FTP team is okay with me doing it at
least for some packages. This is more of a "float the idea, see
what people think about doing this more widely, not just me")
As a redistributor I find it a good practice to include most possible
copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users, and it is a slight >> > disservice to omit information that upstream put effort into tracking
and publishing.
Wait, I may have been unclear. I did not mean that I want to omit
the upstream copyright years *when they are there*. And, of course,
if upstream does not specify any copyright years, we cannot invent
any out of thin air. So I guess my question was mainly what people
think about dropping the years in the debian/* copyright notice
(packaging files, patches, etc).
Your rephrased question seems the same to me - so perhaps I was
unclear...
It is my inderstanding that when copyright years are missing from
upstream source then that is acceptable for Debian redistribution (i.e.
not a surprise to me that ftpmaster approves it).
It is my opinion that when copyright years do exist in upstream source,
then we should list those known-to-us years in debian/copyright (a.k.a.
not omit them a.k.a. not drop them), even though we are legally not >required¹ to do so (for the same reason as upstream above is not legally >required to state copyright at all).
- Jonas
¹ Unless some licensing requires listing copyright *years* which from
the top of my head I do not recall having seen, but am too lazy to check
- also because my interest is not to cut corners most possible but to be
as helpful to our users as possible, and copyright years serve a real
(albeit cornercase) purpose.
Quoting Daniel Baumann (2023-02-22 14:30:11)
while having copyright information centrally available per package in
d/copyright is definitly a usefull service, is providing the *years*
really a service worth providing?
personally I don't think so: for packages with non-trivial d/copyright,
it's a significant effort to keep the years in sync with the upstream
sources.
Ensuring that debian/copyright stays correct take some effort, but that
is required to re-examine anyway for each new upstream release.
I dare question that examining copyright *years* in particular is
noticably larger effort than the general required examination.
(and I doubt that all our source packages have accurate d/copyright,
even less so when it comes to the year-information.)
"Peter" == Peter Pentchev <roam@ringlet.net> writes:
Peter> Hi, So I've seen this idea floating around in the past couple
Peter> of years (and in some places even earlier), but I started
Peter> doing it for the couple of pieces of software that I am
Peter> upstream for after reading Daniel Stenberg's blog entry:
Peter> https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
Peter> And then, a couple of weeks ago, I quietly checked whether
Peter> the Debian FTP team would be okay with that by uploading two
Peter> NEW packages without any years mentioned in the
Peter> debian/copyright file: either upstream or for my Debian
As Jonas mentions, including the years allows people to know when works
enter the public domain and the license becomes more liberal.
I think our users are better served by knowing when the Debian packaging would enter the public domain.
On 2/22/23 14:26, Peter Pentchev wrote:
Wait, I may have been unclear. I did not mean that I want to omit the
upstream copyright years *when they are there*.
I know you didn't mean that, nevertheless, it's imho good idea.
1. Does the Debian Project consider it okay for an upstream package to
include one or more (or all) files with clear license grants (either
included or referred to in the files), and with clear copyright
notices (again, either in the files or in a central file) that
contain the authors' names, but no years? Does such a package
comply with the DFSG? I believe the answer ought to be "yes", but
I thought it wouldn't hurt to ask.
2. If an upstream project does that, the debian/copyright file should
reflect that and have a `Files: *` (or whatever pattern) notice that
has a copyright notice without any years... right? And if an upstream
project does that between releases, the debian/copyright file should
change (drop the years) in the next "new upstream release" upload...
right?
3. Now, what about the `Files: debian/*` section of the debian/copyright
file? The common wisdom seems to be that, if only to make it easier to
submit patches to the upstream project, the debian/* files ought to be
licensed under the same terms as the upstream source. Now I know that
licensing and copyright are different things :) So would the Debian
Project consider it okay for a Debian package to have
a `Files: debian/*` section in its copyright file that does not
mention any years? This question is both from a DFSG point of view and
from a "what would be best for our users" one. And does the answer
depend on whether the upstream project's copyright notices include
years or not? (as in, should we follow upstream's lead in that, too)
On Wed, Feb 22, 2023 at 01:55:02PM +0100, Jonas Smedegaard wrote:[snip my original message]
Quoting Peter Pentchev (2023-02-22 10:49:30)
So I've seen this idea floating around in the past couple of years
(and in some places even earlier), but I started doing it for
the couple of pieces of software that I am upstream for after reading Daniel Stenberg's blog entry:
https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
[snip useful information]
As a redistributor I find it a good practice to include most possible copyright and licensing information provided by upstream authors,
exactly because we are doing a service for our users, and it is a slight disservice to omit information that upstream put effort into tracking
and publishing.
Wait, I may have been unclear. I did not mean that I want to omit
the upstream copyright years *when they are there*. And, of course,
if upstream does not specify any copyright years, we cannot invent
any out of thin air. So I guess my question was mainly what people
think about dropping the years in the debian/* copyright notice
(packaging files, patches, etc).
As Jonas mentions, including the years allows people to know when works
enter the public domain and the license becomes more liberal.
I think our users are better served by knowing when the Debian packaging would enter the public domain.
"Peter" == Peter Pentchev <roam@ringlet.net> writes:
Peter> 3. Now, what about the `Files: debian/*` section of the
Peter> debian/copyright file? The common wisdom seems to be that, if
Peter> only to make it easier to submit patches to the upstream
Peter> project, the debian/* files ought to be licensed under the
Peter> same terms as the upstream source. Now I know that licensing
Peter> and copyright are different things :) So would the Debian
Peter> Project consider it okay for a Debian package to have a
Peter> `Files: debian/*` section in its copyright file that does not
Peter> mention any years? This question is both from a DFSG point of
Peter> view and from a "what would be best for our users" one. And
Peter> does the answer depend on whether the upstream project's
Peter> copyright notices include years or not? (as in, should we
Peter> follow upstream's lead in that, too)
Peter> Note that none of that comes from any "it's so difficult"
Peter> positions; I am actually one of the people who would include
Peter> file-by-file stanzas in the debian/copyright files for
Peter> upstream files with different copyright years :)
I think it is acceptable, but would urge you to include the years
because it is better for our users.
I think two things apply.
1) it helps our users know when something goes out of copyright.
2) As Russ points out, while your copyright is valid in the US even
without notice, certain damage provisions only apply if you have valid
notice including years.
Neither of these are huge deals.
I'd say years should be recommended but not required.
I don't think parity with upstream matters.
I don't think you would have any trouble submitting patches if the only >difference is one notice included years and one did not.
Le mer. 22 févr. 2023 à 15:39, Sam Hartman <hartmans@debian.org> a écrit :
"Peter" == Peter Pentchev <roam@ringlet.net> writes:
Peter> Hi, So I've seen this idea floating around in the past couple
Peter> of years (and in some places even earlier), but I started
Peter> doing it for the couple of pieces of software that I am
Peter> upstream for after reading Daniel Stenberg's blog entry:
Peter> https://daniel.haxx.se/blog/2023/01/08/copyright-without-years/
Peter> And then, a couple of weeks ago, I quietly checked whether
Peter> the Debian FTP team would be okay with that by uploading two
Peter> NEW packages without any years mentioned in the
Peter> debian/copyright file: either upstream or for my Debian
As Jonas mentions, including the years allows people to know when works enter the public domain and the license becomes more liberal.
I think our users are better served by knowing when the Debian packaging would enter the public domain.
Maybe only the first year the copyright was applied is important ?
People doing this should be aware that you're probably waiving certain
damage provisions in US copyright law should you ever sue someone in the
US for violating the license on the Debian packaging, at least so far as I understand US copyright law. (I am not a lawyer and this is not legal advice for your specific situation.)
On Wed, 2023-02-22 at 09:47 -0800, Russ Allbery wrote:
People doing this should be aware that you're probably waiving certain
damage provisions in US copyright law should you ever sue someone in
the US for violating the license on the Debian packaging, at least so
far as I understand US copyright law. (I am not a lawyer and this is
not legal advice for your specific situation.)
Could you give some more details about this? I hadn't heard of it yet.
Daniel Baumann <daniel.baumann@progress-linux.org> writes:
On 2/22/23 14:26, Peter Pentchev wrote:
Wait, I may have been unclear. I did not mean that I want to omit the
upstream copyright years *when they are there*.
I know you didn't mean that, nevertheless, it's imho good idea.
Unfortunately, it's often against the upstream license.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
and:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
On Wed, Feb 22, 2023 at 08:20:27AM -0800, Russ Allbery wrote:
Unfortunately, it's often against the upstream license.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions
are met:
1. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
and:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
It says you need to do that, yes. It does not say *where* that copyrigh statement must be.
As Jonas mentions, including the years allows people to know when works
enter the public domain and the license becomes more liberal.
I think our users are better served by knowing when the Debian packaging would enter the public domain.
--Sam
On Wed, Feb 22, 2023 at 07:39:09AM -0700, Sam Hartman wrote:
As Jonas mentions, including the years allows people to know when
works
enter the public domain and the license becomes more liberal.
I think our users are better served by knowing when the Debian
packaging
would enter the public domain.
If this is the intention, then including the years is pointless.
Article 7 of the Berne Convention says:
(1) The term of protection granted by this Convention shall be the
life
of the author and fifty years after his death.
....
(6) The countries of the Union may grant a term of protection in
excess
of those provided by the preceding paragraphs.
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 300 |
Nodes: | 16 (2 / 14) |
Uptime: | 29:41:28 |
Calls: | 6,707 |
Files: | 12,239 |
Messages: | 5,352,925 |