[openstack-dev] Call for a clear COPYRIGHT-HOLDERS file in all OpenStack projects (and [trove] python-troveclient_0.1.4-1_amd64.changes REJECTED)
Michael Basnight
mbasnight at gmail.com
Tue Oct 22 00:23:21 UTC 2013
On Oct 21, 2013, at 5:09 PM, Monty Taylor wrote:
> On 10/21/2013 10:44 PM, Clint Byrum wrote:
>> Excerpts from Mark McLoughlin's message of 2013-10-21 13:45:21 -0700:
>>> On Mon, 2013-10-21 at 10:28 -0700, Clint Byrum wrote:
>>>> Excerpts from Robert Collins's message of 2013-10-20 02:25:43 -0700:
>>>>> On 20 October 2013 02:35, Monty Taylor <mordred at inaugust.com> wrote:
>>>>>
>>>>>> However, even as a strong supporter of accurate license headers, I would
>>>>>> like to know more about the FTP masters issue. I dialog with them, as
>>>>>> folks who deal with this issue and its repercutions WAY more than any of
>>>>>> us might be really nice.
>>>>>
>>>>> Debian takes it's responsibilities under copyright law very seriously.
>>>>> The integrity of the debian/copyright metadata is checked on the first
>>>>> upload for a package (and basically not thereafter, which is either
>>>>> convenient or pragmatic or a massive hole in rigour depending on your
>>>>> point of view. The goal is to ensure that a) the package is in the
>>>>> right repository in Debian (main vs nonfree) and b) that Debian can
>>>>> redistribute it and c) that downstreams of Debian who decide to use
>>>>> the package can confidently do so. Files with differing redistribution
>>>>> licenses that aren't captured in debian/copyright are an issue for c);
>>>>> files with different authors and the same redistribution licence
>>>>> aren't a problem for a/b/c *but* the rules the FTP masters enforce
>>>>> don't make that discrimination: the debian/copyright file needs to be
>>>>> a concordance of both copyright holders and copyright license.
>>>>>
>>>>> Personally, I think it should really only be a concordance of
>>>>> copyright licenses, and the holders shouldn't be mentioned, but thats
>>>>> not the current project view.
>>>>>
>>>>
>>>> The benefit to this is that by at least hunting down project leadership
>>>> and getting an assertion and information about the copyright holder
>>>> situation, a maintainer tends to improve clarity upstream.
>>>
>>> By "improve clarity", you mean "compile an accurate list of all
>>> copyright holders"? Why is this useful information?
>>>
>>> Sure, we could also "improve clarity" by compiling a list of all the
>>> cities in the world where some OpenStack code has been authored ... but
>>> *why*?
>>>
>>
>> If you don't know who the copyright holders are, you cannot know that
>> the license being granted is actually enforceable. What if the Trove
>> developers just found some repo lying out in the world and slapped an
>> Apache license on it? We aren't going to do an ehaustive investigation,
>> but we want to know _who_ granted said license.
>
> You know I think you're great, but this argument doesn't hold up.
>
> If the trove developers found some repo in the world and slapped an
> apache license AND said:
>
> Copyright 2012 Michael Basnight
>
> in the header, and Thomas put that in debian/copyright, the Debian FTP
> masters would very happily accept it.
I endorse this message.
But seriously, the Trove team will take some time tomorrow and add copyrights to the files appropriately. Then ill be sure to ping zigo.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20131021/17d696d3/attachment.pgp>
More information about the OpenStack-dev
mailing list