Distribution tarball has licensing problems that prevent redistribution
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
juju-core |
Fix Released
|
High
|
Ian Booth | ||
1.20 |
Fix Released
|
Critical
|
Ian Booth |
Bug Description
I have failed to update the debian/copyright for an upload of 1.20 to
Utopic for the following reasons:
src/code.
license permitting redistribution. It appears to have come from the
referenced W3C URL, which appears licensed under the W3C documentation
license that prohibits modification, contrary to DFSG.
src/github.
copyright holder and no license for redistribution.
src/launchpad.
code.
src/launchpad.
copyright statement).
src/launchpad.
apply to them (and no general licensing statement that clearly applies
to all files).
src/launchpad.
have no corresponding source files. Is this redundant now? What
copyright statement, licensing and mandatory statements apply to each
file?
src/github.
src/github.
copyright statement and state GPL-3, others have no statement at all.
src/github.
AGPL-3
src/github.
say AGPL-3
src/github.
files say AGPL-3 but refer to LICENSE (others say LGPL-3)
src/github.
say AGPL-3 but refer to LICENSE (others say LGPL-3)
src/github.
To be clear: every file must have clear copyright ownership and a
license that permits redistribution under the terms of the DFSG, whether
express, by reference to some other file, implied, etc.
It would be easiest if, for each package: 0) a single license is used,
or failing this, there is an separate explanation of what license
applies to what files, what dual-licensing is in place, etc; 1) there
is a general copyright and licensing statement that clearly applies to
the whole package, to disambiguate files which end up with no individual
statement; 2) files that can contain comments (and where practical)
contain a copyright notice and licensing statement for the elimination
of any doubt; 3) copyright notices and licensing statements are in a
form detectable by the "licensecheck" tool.
Note that changing licensing requires agreement from all existing
copyright holders.
Changed in juju-core: | |
importance: | High → Critical |
Changed in juju-core: | |
assignee: | nobody → Ian Booth (wallyworld) |
status: | Triaged → In Progress |
Changed in juju-core: | |
status: | In Progress → Fix Committed |
Changed in juju-core: | |
importance: | Critical → High |
Changed in juju-core: | |
status: | Fix Committed → Fix Released |
The core devs can fix the licenses for all the github.com/juju/* There might be some adventures updating 1.20 to use them as 1.20 tends to freeze its versions of those libraries.
Maybe we can delete code.google. com/p/go. net/html/ charset/ testdata/ from the tarball, or possibly more. Does the test suite look at that data.