© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Hello Erich! Thank you for preparing the new package and thank you Thomas for sponsoring it. The package looks good, but there are still a few things I'd like to have addressed before we can accept it.
1) Copyright needs a bit more work, I suppose? So the worst thing about packages that batch up multiple projects together is the copyright hell. Due to copyright reasons we should always try to get as close to the actual copyright state of the source as possible. After glancing through the source with licensecheck -r, it still feels to me that there are a few parts missing in debian/copyright. For example:
- dpf/dgl/src/nanovg is copyrighted separately and is licensed under the zlib license.
- dpf/dgl/
- dpf/dgl/
- dpf/distrho/
- dpf/distrho/
- plugins/common/ - these files are not mentioned anywhere but are reported as MIT
Could you do a licensecheck run on the source and see what can be done?
2) I see in debian/control that you have a versioned dependency on libprojectm-dev (>= 2.0.1+dfsg-
3) There is no debian/watch file, but I also don't see any releases shared on the homepage of the project. This makes me wonder - how are the new upstream versions prepared and tagged? Where does the 1.2 version number come from? (I didn't see it anywhere in the source). It's rather important for us to be able to match new upstream releases pushed to Ubuntu with releases done on the home project. We all trust eachother as we know eachother, but to the outside this might feel unsafe, as no one knows if the upstream tarball only consists of changes approved by upstream.
How does this situation look here? Could you explain the process?
Ok, I guess this is most of it. I will reject the source for now - let's try iterating on it some more. Thanks!