William Whyte writes ("Re: Questions about libntru license/ntru patent status"):
> Sorry for having let this drift for so long. Way back at the start
> of the discussion, as we got into the discussion of the FOSS
> Exception, there seems to have been an assumption that Tor would
> depend on that
Roberto writes ("Re: "Use as you wish" license"):
> The first one ("use as you wish") is already on Debian. To be honest I
> must say that I knew that, but I asked anyways to get independent
> answers not influenced by the fact that it has been included before.
I'm afraid that's not really a good
Roberto writes (""Use as you wish" license"):
> I've encountered two simple notices, I wonder if they are acceptable for
> DFSG under your opinion.
>
> Is "Use as you wish" an acceptable license?
I would argue that modifying and redistributing are uses, and
therefore included in `use'. To me
rs to those files, who are
AsciiWolf
Austin English
daniel.r.kegel[@gmail.com]
I think AsciiWolf must be Joseph ? But anyway that committer
committed only 4 lines to Makefile in one commit, which is a minimal
contribution which probably doesn't attract the copyright monopoly.
I see Au
Rahul Mohan G writes ("Debain licensing"):
> Can you please let me know whether this license information is of
> the original package? If so, what could be the license information
> of the debian package?
This licence information is of the Debian version of the package. The
licence information
ary to Debian's
established policy.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
l to download copies of the two github issues #99 and #106,
and put copies of the resulting html in the source package,
in debian/ somewhere.
* Write a debian/copyright file stating that the whole package is
MIT, and containing a copy of the MIT licence. I would copy
the text from https://
e source package. So you will
need to strip it out of the source package and make a "dfsg" orig
tarball.
Sorry. I think this is daft. Debian does at least permit you to
include a link to somewhere else the paper may be found.
Regards,
Ian.
--
Ian Jackson <ijack...@chiark.greenend.or
Frederic Bonnard writes ("Re: [Individual|Corporate] Contributor License
Agreement"):
> Though, as Ian mentionned, and as I intuitively felt, I still think
> there are unpleasant conditions in this agreement, in respect to the
> social contract will of giving back to the community, amongst
>
fer an alternative.
>
> You may want to offer the idea that, instead of asking for an additional
> CLA, they could simply ask for the contributor to certify the origin of
> the contribution <URL:http://developercertificate.org/>.
This is a good suggestion.
Ian.
--
Ian Jackson &l
icence author that they didn't mean
to forbid modification. Unfortunately that's not good enough when
other people have adopted the bad licence text.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that i
nerators for RAR.
Is it really your position that this is acceptable ?
If so I will consider whether to write a cracker or key generator for
RAR and upload it to unstable !
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from a
or
> > margins).
> >
...
> IMHO as they "ask": it is a wish and no obligation.
> I think this is OK in respect of the DFSG.
I agree.
Thanks,
Ian.
PS, Tobias, your email had wrap damage by the time it got to me. I
had to reformat it.
--
Ian Jackson <ijack...@chiar
compliant...
I think the situation is fine now. I suggest you include a
screenscrape of the openbsd web page, in the source package (to answer
future quetions, if any), if there are no better sourdes for the
relicence.
Thanks,
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Pali Rohár writes ("Re: is igmpproxy dfsg compliant?"):
> Can you review proposed package?
Willdo.
Regards,
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private add
ave talked to OSI or to Ubuntu.
I have CC'd one of the OSI lists. I couldn't find an appropriate list
for Ubuntu. Maybe someone else here knows how to bring this to the
appropriate Ubuntu people's attention ?
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my ow
s to
sourceforge but actually it's now on github AFAICT.
Regards,
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
> licensing conditions.
This is clearly false as regards acceptability to Debian.
I doubt very much that they have talked to OSI or to Ubuntu.
I have CC'd one of the OSI lists and legal@canonical.
As the three institutions whose names are being taken in vain, I think
it would be good for us to have a c
Pali Rohár writes ("Re: is igmpproxy dfsg compliant?"):
> On Sunday 11 December 2016 13:13:08 Ian Jackson wrote:
> > Historical information can be retained in the git history, and in a
> > document which explains the authorship and licensing history of
> > igmpproxy.
+?
Yes.
> Or do they need to "relicense" their changes also under new BSD Stanford
> too?
No.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
net/src/sympathy/1.2.1%2Bwoking%2Bcvs%2Bgit20161222/debian/copyright/>.
>
> So, if you can point to what you mean, I may be able to better respond :-)
I meant this, which I provided a link to earlier:
https://browse.dgit.debian.org/sympathy.git/tree/COPYING.emails
Ben Finney writes ("Re: unknown license for package/debian/* in d/copyright in
adopted package"):
> Ian Jackson <ijack...@chiark.greenend.org.uk> writes:
> > I would encourage everyone who does packaging to explictly licence
> > your debian/* with some very permi
eavily redacted, in the package.
As an example of how to do this for some upstream contributions, I
offer this:
https://browse.dgit.debian.org/sympathy.git/tree/COPYING.emails
> The bug associated with this ITA is #844184. By now it's kind of a
> long read ;-)
I haven't read it :-).
Goo
n that.
I think we should do that, yes, and I think that is fine.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Drew Parsons writes ("Re: freeness and compatibility of CeCILL-C licence"):
> If I'm reading that right, we can link it from BSD and LGPL libraries.
> Currently MUMPS is in Debian used by
...
> code-aster GPL2
This is a problem then.
Is there any possibility of CeCILL being persuaded to add a
Dmitry Alexandrov writes ("Re: freeness and compatibility of CeCILL-C licence"):
> [Ian:]
> > (IMO it would not be fine if it specified Russian or Chinese courts.)
>
> Interesting idea. Any substantiation for such a discrimination of origin?
Some courts are more trustworthy than others.
Ian.
Carlos Alberto Lopez Perez writes ("Re: System libraries and the GPLv2"):
> However, I still don't understand why we don't just declare OpenSSL a
> system library; or at least define a clear policy for when a package is
> considered part of the base system (so the GPL system exception applies
> to
Drew Parsons writes ("freeness and compatibility of CeCILL-C licence"):
> There are various discussions about the status of the CeCILL-C licence
> v1 (and other CeCILL licences) in the history of this mailing list.
> It's not listed at https://www.debian.org/legal/licenses/
> but when it last
Ole Streicher writes ("No-Copyright?"):
> one (Java) source file of an ITP package (jcdf) has the following comments:
>
> * The code for the Huffman and Adaptive Huffman decompressing stream
> * implementations in this class is based on the C implementation in
> * "The Data Compression Book"
Paulo Ricardo Paz Vital writes ("OpenSSL license for new packages."):
> I'm intending to package the openssl-ibmca library for s390 arch into
> Debian and I have a question about the license.
Thanks for getting in touch.
> Since this is an engine for OpenSSL, we have choose the license as
>
Ben Finney writes ("Re: OpenSSL license for new packages."):
> Paulo Ricardo Paz Vital writes:
>
> > Since this is an engine for OpenSSL, we have choose the license as
> > OpenSSL License, which is based on BSD license.
>
> Two problems with that:
>
> * There are multiple
Kristian Fiskerstrand writes ("Re: OpenSSL license for new packages."):
> On 07/28/2017 02:45 PM, Ian Jackson wrote:
> > I looked at the git repository linked to, and a few guessing clicks
> > got me here
> > https://github.com/opencryptoki/openssl-ibmca/blob
Nicholas D Steeves writes ("File is BCP 78 or Simplified BSD? Lintian says BCP
78"):
> I am wondering if Lintian correctly detected a file's copyright as BCP
> 78, or if it's a false alarm. I want to believe that it's a false
> alarm, but have submitted a patch to make the package dfsg-free in
Justin Gerhardt writes ("Working with a non-public license"):
> I'm a first time package creator and I could use some advice in
> regards to a license. I'm looking to package some proprietary
> software for inclusion in the non-free repo. The software is a
> popular game that is distributed in two
p...@reseau-libre.net writes ("[licence] specific licenses for backdoor-factory
software"):
> I'm currently packaging "backdoor-factory" for the pkg-security team.
> The tool is already in kali.
> The upstream sources are hosted here:
> https://github.com/secretsquirrel/the-backdoor-factory
>
>
Jeff Epler writes ("Re: zstd: PATENTS application to copyright"):
> Apparently,
> https://github.com/facebook/zstd
> https://github.com/facebook/zstd/blob/dev/LICENSE
> https://github.com/facebook/zstd/blob/dev/PATENTS
>
> Contents of .../LICENSE of this date:
> BSD License
This is all fine.
Ben Finney writes ("Re: unknown license for package/debian/* in d/copyright in
adopted package"):
> Are there messages in that file that could be removed? I typically try
> to get a single message from the copyright holder, that contains an
> explicit and unambiguous grant of a specific license.
Nicholas D Steeves writes ("advice for free software package named almost
identically to non-free software"):
> An upstream has named their GPL software almost identically to a
> proprietary piece of software. Both the free and the proprietary
> software are developed in the U.S.A. The upstream
Ghislain Vaillant writes ("Re: Bug#875876: RFS: python-dtcwt/0.12.0-1"):
> FYI, here is the interpretation of the license by the upstream author. I
> asked about it back when I did the initial release, and no issue was
> raised by the FTP team.
>
> https://github.com/rjw57/dtcwt/issues/109
Hi, debian-science. debian-legal had a query about a program which
had a citation requirement in its licence. See below. What's our
usual approach ?
Boud Roukema writes ("does MUSIC (cosmology package) qualify as free under
DFSG?"):
> I would like to use the MUSIC cosmological initial
Herbert Fortes writes ("Re: Bug#875876: RFS: python-dtcwt/0.12.0-1"):
> [Ian Jackson:]
> > So I think that the situation is perfectly clear. Algorithms are not
> > covered by copyright (anywhere). The upstream author is just being
> > over-cautious in leaving in th
> =
>
> Anki's logo is copyright Alex Fraser, and is licensed under the AGPL3
> like the rest of Anki's code, but with extra provisions to allow more
> liberal use of the logo under limited conditions.
I read this as a dual licence. That is, the user may, at their option
use the AGPLv3
es:
...
> I still have doubts about if this situation is a DFSG violation and I
> need more opinions.
Pabs and Helmut are right.
Can't you find a copy of the configure.ac somewhere ? If not, you may
be able to reconstruct one. Skimreading the configure script suggests
that wouldn't be too
appropriate
copyright notice" perhaps read together with the GPL3 requirement for
notices of modification.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
documentation with
properly Free documentation.
Maybe if there *are* things we can present this way, we should present
them on manpages.nonfree.org ?
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade
Ben Finney writes ("Re: Bug#874295: Not a bug"):
> Thomas Pierson writes:
> > It's only if a user want to connect to a particular external service
> > that a plugin file is downloaded and used.
>
> That is still a problem, IMO. It would be best if the program did not do
be minimal effort for a package maintainer to opt into).
(The question is: how do we stop a Postscript file received by email
being rendered automatically when the user clicks on it, while
allowing the user to still open a Postscript file they generated
themselves ?)
Ian.
--
Ian Jack
Ian Jackson writes ("Re: Can we serve GFDL documentation (e.g. gcc-7-doc) on
manpages.d.o?"):
> I haven't looked at gcc-7-doc, but a GFDL-licenced manpage would be
> legally serveable if there is no front cover text and no back cover
> text and no invariant sections. But s
Carsten Leonhardt writes ("Re: SHA1 implementation by Steve Reid"):
> Ian Jackson <ijack...@chiark.greenend.org.uk> writes:
> > And, if at any point in the future somebody takes a more legalistic
> > view and starts sending takedown notices, we can just throw away
he copyrightholders are likely to
be estopped from claiming otherwise because everyone has been relying
on that implied permission for, presumably, years).
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
a fairly straightforward permissive licence. It looks
[A]GPL[123]-compatible to me, even.
So unless your "application in main" has a very odd licence, that too
is fine.
Don't forget to copy the licence text etc. into your program, if you
copy the DTDs, of course.
Ian.
--
Ian Jack
)
from the proprietary music files it downloads (permitted, if there
were a Free client that could do the download).
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private addr
Florian Weimer writes ("Re: DFSG + Hack typeface license with transition to
proposed new source file build in Debian package"):
> Ian Jackson:
> > Debian is not likely to accept a restriction on modifying glyphs. We
> > consider that Debian (and its downstream
provides new kernels, the user gets them automatically.)
Although Debian doesn't formally give security support for all of
these kernels, in practice they would probably get updated faster than
you would mananage if you had to do it yourselves.
Ian.
--
Ian Jackson <ijack...@chiark.green
Ian Jackson writes ("Re: Preinstall slightly modified Debian on laptops for
sale"):
> Kumar Appaiah writes ("Preinstall slightly modified Debian on laptops for
> sale"):
> > I am working with a team that is working on a low-cost laptop that
> > would be GN
Kumar Appaiah writes ("Re: Preinstall slightly modified Debian on laptops for
sale"):
> On Thu, Dec 07, 2017 at 12:56:31PM +, Ian Jackson wrote:
> > And it remains that your users would be better off with a kernel from
> > their distro, whatever th
Nicholas D Steeves writes ("Re: Bug#883731: audacious: Debian packaging has
incorrect license"):
> Will I also need to provide formal copies in debian/COPYING.emails or
> would a README.copyright or similar pointing to the bug report
> suffice? In particular I'm concerned about lines like this
Bastien ROUCARIES writes ("New license review"):
> May I ask a review about this license (http://lillicense.org/v1.html,
> verbatim below)
Ie, this one:
> Any modification to the software submitted to the authors may be
> incorporated into the software under the terms of this license.
I think
Bastien ROUCARIES writes ("Re: New license review"):
> On Mon, May 14, 2018 at 2:24 PM, Ian Jackson
...
> > I assume you are looking at some actual software you think is released
> > under this licence. There may be other problems with that specific
> > software
Sean Whitton writes ("Running an external JBIG2 encoder if one exists"):
> An upcoming release of OCRmyPDF, which I maintain in Debian, will call
> jbig2 if it can be found on PATH, or gracefully degrade. On Debian,
> this won't do anything, since we don't have that package.
>
> I don't have any
you should draw the matter to their attention (as well as that of
downstreams) by mentioning it in d/copyright.
Regards,
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
ntry fields and key checks, but the fact that you are able to infer
> that the author likely intended something else makes the GPL
> declaration somewhat doubtful (despite the curious construction in
> section 7 of the GPLv3).
I think s7 of the GPLv3 is a complete answer to suggestions that
ptatible with the licence of
the rest of the package, and it is often useful to copy fragments from
one debian/ to another.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private a
Ian Jackson writes ("Re: Bug#897046: RFS: link-grammar/5.4.4-1 [QA upload]"):
> But also I would like to suggest that people editing debian/ should
> explicitly add a CC0 dedication (or similar) somewhere.
This was ambiguous. I mean that the person editing debian/ should
ded
cult because there are many licences and
packages that are so obviously non-free that no-one ever discusses
them - and bringing them up on debian-legal, or asking ftpmaster about
them, would be a waste of time.
I do wonder if this approval tag might set up a bad incentive, for
people who want to p
Philipp Klaus Krause writes ("Re: Are register names and locations under
copyright?"):
> However, the files are just lists of register names and locations. So if
> the files are not under copyright, I guess that copyright note could be
> ignored?
Yes.
The ftpmasters seem to have agreed in the
It is OK for a Debian package to promote, to a limited
extent, the reasonable agenda of its upstreams - but we should not be
shipping crippleware.
HTH.
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
(Adding d-legal)
Didier 'OdyX' Raboud writes ("CUPS GPL → Apache license change, how to
proceed?"):
> tl,dr; CUPS has moved from "GPL-2.0 with AOSDL exception" to
> "Apache-2.0"; how should the license incompatibilities be enforced?
This reply is going to be annoying, I fear:
> Some questions
Sébastien Villemot writes ("DFSG-compatibility of X13-ARIMA-SEATS (U.S. federal
govt. software)"):
> However, the last clause of the licence says that the `user agrees to
> make a good faith effort to use the Software in a way that does not
> cause damage, harm, or embarrassment to the United
n debian/ in the source package about
when you retrieved the web page (and, ideally, a copy of the page).
You probably also want to send a patch to upstream to fix the LICENSE
file to agree with the website.
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from a
hen there is no other build system, then upstream are doing
the same manual thing that we are expecting ourselves, our users, and
our downstreams to do.
Thanks,
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Giacomo Tesio writes ("Re: Hacking License"):
> On Mon, 10 Dec 2018 at 18:31, Ian Jackson
> wrote:
> > I recommend to my fellow Debian Developers that they do not try to
> > introduce into Debian a package with this licence. In particular,
> > I would recomme
Giacomo Tesio writes ("Re: Hacking License"):
> On Mon, 10 Dec 2018 at 17:29, Ian Jackson
> > I think Giacomo would be well served by adopting AGPLv3+ and
> > nominating himself as licence steward.
>
> Thanks for your suggestion.
> Unfortunately AGPLv3 does
And now I will exercise my freedom to direct my energy by not engaging
with the rest of your message...
Regards,
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Giacomo Tesio writes ("Re: Hacking License"):
> Laziness is blind cost minimization.
>
> [150-odd lines more text deleted]
/me blindly minimises costs:
tl;dr
I think this closes the converation for me. I've made my pitch, and
you disagree.
Ian.
Xavier writes ("Re: Hacking License"):
> No Debian accepts any license that are DFSG compliant (DFSG is just a
> guidelines). You may use the 3 tests to understand what may be wrong :
These tests are not official. AFAIAA they do not form part of the
approval process used by the Debian ftpmasters
Jan-Henrik Haukeland writes ("Copyright concerns regarding Seafile"):
> Libzdb is licensed under GPLv3. Copying and modifying GPL code is
> perfectly fine as long as the original copyright notice and license
> are kept. Unfortunately, this is not what the Seafile team
> did. Instead they copied
a project, we do not have the resources to fully audit all the code
we ingest from upstreams and redistribute to our users. We must rely
on trust. That depends on the upstream being trustworthy.
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @f
"librejs" stuff is useful in practice
but we should probably offer it as an option. Something like a ublock
configuration that turns off JS by default and can be fiddled with,
would probably be appropriate for users who select 0 or 1.
Ian.
--
Ian JacksonThese opinions are my own.
r
(hopefully fairly small) screenshot into the source package ?
I don't use Facebook, so I will ask: How do you know that the Facebook
user in question is the same person as the copyright holder ?
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.n
e software.
The thing you are complaining about here is different, because that
particular feature only ever downloads non-free software.
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
Nat Tuck writes ("Re: Missing source in firefox-esr: EME module"):
> [Ian Jackson:]
> > You didn't answer my question:
> > | [The bug] says that firefox-esr only downloads this proprietary
> > | software after explicit user action. Is that right ?
...
> If t
Nat Tuck writes ("Re: Missing source in firefox-esr: EME module"):
> All that gets a bit off topic for why I started this thread on debian-legal.
> Currently, the Firefox package *logically* bundles this component in a way
> that's clearly intended to dishonestly circumvent the DFSG. Papering
m exercising our rights
just because it would annoy proprietary software owners.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
he preferred form for modification - but those
> don't normally have any copyright license granted (I certainly didn't
> put this email under a copyright license!) so they are non-free.
So that interpretation of the PFM is not compatible with upstream's
practices.
Ian.
--
Ian JacksonThese op
hey will probably
explicitly confirm the CC-BY-SA information from Wikimedia. Have you
tried that ?
Regards,
Ian.
--
Ian JacksonThese opinions are my own.
If I emailed you from an address @fyvzl.net or @evade.org.uk, that is
a private address which bypasses my fierce spamfilter.
or two
reasons:
- It makes it possible to upgrade the licence piecemeal to AGPL3+
later, because AGPL3+ and GPL2+ code can be mixed;
- GPL2's termination-for-fault clause is well known to be draconian.
Both GPL2+ and AGPL3+ are better choices than a custom clause because
they provide much bet
101 - 187 of 187 matches
Mail list logo