Thanks Michael for your analysis.
I dont't think that copying the files is a problem. After all we are
already unzipping the zlib tar ball to a location of our choosing. Why
should copying some of the files to yet another location change
anything? They are not part of the source package and the binary
packages will contain the resulting zlib library anyway, regardless of
the location of any of its source files. But, of course, I am not a laywer.
Regarding the license issue:
I agree that the licensing may appear to be confusing because the
LICENSE file referenced in unzip.c is missing. But if you look closely
at the text, it says that the license text is also included in zip.h,
and that file exists and contains the same license text that is also
listed in MiniZip64_info.txt (in the same directory.) That license is
Condition of use and distribution are the same than zlib :
This software is provided 'as-is', without any express or implied
warranty. In no event will the authors be held liable for any damages
arising from the use of this software.
Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it
freely, subject to the following restrictions:
1. The origin of this software must not be misrepresented; you must not
claim that you wrote the original software. If you use this software
in a product, an acknowledgment in the product documentation would be
appreciated but is not required.
2. Altered source versions must source/current/git/main/zlib/be
plainly marked as such, and must not be
misrepresented as being the original software.
3. This notice may not be removed or altered from any source
distribution.
This text is contained in main/LICENSE at around line 2017. I see no
problem with this.
More comments inline.
On 20.04.2012 00:14, Michael Meeks wrote:
Hi guys,
I've been meaning to poke you guys about this; but perhaps your RAT
scan found it already[1]. If you poke in zlib/ there is a patch[2] (to
create a makefile), that looks just fine on the first few reads:
zlib/zlib-1.2.5.patch
...
+SLOFILES= $(SLO)$/adler32.obj \
....
+ $(SLO)$/unzip.obj \
Modules that seem to come from the same (sane) zlib directory, but then
there is this:
+$(MISC)$/%.c : contrib$/minizip$/%.c
+ @echo ------------------------------
+ @echo Making: $@
+ @$(COPY) $< $@
which copies files out of the contrib/minizip/ directory into there.
Their headers appear uniformly licensed, -but- the .c files that are
copied in have confusing licensing eg. unzip.c
...
See the accompanying file LICENSE, version 2000-Apr-09 or later
(the contents of which are also included in zip.h) for terms of use.
If, for some reason, all these files are missing, the Info-ZIP license
also may be found at: ftp://ftp.info-zip.org/pub/infozip/license.html
...
So - I was wondering: do you guys have the Info-ZIP license in your
notices / documentation etc. ? not sure which category it is ? I believe
it's used by spotlight and some windows integration but not on Linux
etc.
Hopefully it's in time to get right in your release.
Absolutely. But it is good that you finished your analysis of the
source code before the RC and not after so that people don't get the
wrong impression about your intentions.
Best regards,
Andre
ATB,
Michael.
[1] - IMHO, only a compiler/pre-processor can -really- get to the bottom
of this kind of deep badness, no idea how that rat thing works.
[2] - interestingly it is flagged:
"Copyright according the GNU Public License"
seemingly nonsensical; though there are another 5x extant
instances of that string.
