Another team member identified that there is code in this package
under a number of different licenses other than GPL-3+, but that is
not specified in sufficient detail in d/copyright. That contravenes
both Debian Policy and the terms of those licenses.
My apologies. You are completely correct. I don't understand how I
came to think that the approach I took was sufficient. I guess it is
a long time since I prepared a package with so many different bits and
pieces in it.
Hi Ian,
On Mo 11 Apr 2022 18:51:35 CEST, Ian Jackson wrote:
Another team member identified that there is code in this package
under a number of different licenses other than GPL-3+, but that is
not specified in sufficient detail in d/copyright. That contravenes
both Debian Policy and the terms of those licenses.
My apologies. You are completely correct. I don't understand how I
came to think that the approach I took was sufficient. I guess it is
a long time since I prepared a package with so many different bits and
pieces in it.
sharing some best practice here, feel free to adopt or give feedback on.
For d/copyright maintenance I use my update-copyright.in script [1]. I
run it on the source package's base folder.
The script creates a d/copyright.in file. I keep this file as-is as part
of my debian/ folder and use it for later reference.
When wrapping up a new DEB package, I copy over d/copyright.in to d/copyright and complete it manually (plus doing some manual checks to
see if the licensecheck tool got things right). Note, that I don't use
file globbing in d/copyright, at all; every source file is listed individually.
This catches 99% of all DFSG licenses on 80-95% of files in the
src:pkg's source tree (depending on upstream being good at using proper license headers on individual files or not).
Whenever an upstream version bump is due, I import the new upstream and re-run the update-copyright.in script on the src:pkg's base folder
again. I get a diff between my previous debian/copyright.in version and
the new version. This diff I then work into the actual d/copyright
manually and thus have an easy workflow for tracking copyright changes
in upstream projects (on a per individual file basis).
This workflow is esp. helpful on projects where many copyright
holders/years and/or licenses are involved and get updated every year or maybe with every changeset / new contributor.
Greets,
Mike
[1] https://github.com/sunweaver/MyHomeConfig/blob/master/bin/update-copyright.in
For d/copyright maintenance I use my update-copyright.in script [1]. I
run it on the source package's base folder.
[1] https://github.com/sunweaver/MyHomeConfig/blob/master/bin/update-copyright.in
Sysop: | Keyop |
---|---|
Location: | Huddersfield, West Yorkshire, UK |
Users: | 307 |
Nodes: | 16 (2 / 14) |
Uptime: | 40:45:39 |
Calls: | 6,910 |
Files: | 12,376 |
Messages: | 5,429,057 |