[openstack-dev] Call for a clear COPYRIGHT-HOLDERS file in all OpenStack projects (and [trove] python-troveclient_0.1.4-1_amd64.changes REJECTED)

Mark McLoughlin markmc at redhat.com
Tue Oct 22 07:39:26 UTC 2013 

On Tue, 2013-10-22 at 14:19 +0800, Thomas Goirand wrote:
> On 10/22/2013 04:48 AM, Mark McLoughlin wrote:
> > On Tue, 2013-10-22 at 01:55 +0800, Thomas Goirand wrote:
> >> On 10/21/2013 09:28 PM, Mark McLoughlin wrote:
> >>> In other words, what exactly is a list of copyright holders good for?
> >>
> >> At least avoid pain and reject when uploading to the Debian NEW queue...
> > 
> > I'm sorry, that is downstream Debian pain.
> 
> I agree, it is painful, though it is a necessary pain. Debian has always
> been strict with copyright stuff. This should be seen as a freeness Q/A,
> so that we make sure everything is 100% free, rather than an annoyance.

A list of copyright holders does nothing to improve the "freeness" of
OpenStack.

> > It shouldn't be inflicted on
> > upstream unless it is generally a useful thing.
> 
> There's no other ways to do things, unfortunately. How would I make sure
> a software is free, and released in the correct license, if upstream
> doesn't declare it properly? There's been some cases on packages I
> wanted to upload, where there was just:
> 
> Classifier: License :: OSI Approved :: MIT License
> 
> in *.egg-info/PKG-INFO, and that's it. If the upstream authors don't fix
> this by adding a clear LICENSE file (with the correct definition of the
> MIT License, which is confusing because there's been many of them), then
> the package couldn't get in. Lucky, upstream authors of that python
> module fixed that, and the package was re-uploaded and validated by the
> FTP masters.

I fully understand the importance of making it completely clear what the
license of a project is and have had to package projects that don't make
this clear. Fedora's guidelines on the subject are e.g.

https://fedoraproject.org/wiki/Packaging:LicensingGuidelines#License_Text

> I'm not saying that this was the case for Trove (the exactitude of the
> copyright holder list in debian/copyright is less of an issue), though
> I'm just trying to make you understand that you can't just ignore the
> issue and say "I don't care, that's Debian's problem". This simply
> doesn't work (unless you would prefer OpenStack package to *not* be in
> Debian, which I'm sure isn't the case here).

I can say "Debian policies that no-one can provide any justification for
is Debian's problem". And that's the case with this supposed "Debian
requires a complete list of copyright holders" policy.

Mark.

More information about the OpenStack-dev mailing list