On 07/10/16 05:37, Peter Colberg wrote:
> Dear Go package team,
> Could a DD upload the following three packages to the NEW queue?
> https://anonscm.debian.org/cgit/pkg-go/packages/golang-github-hlandau-goutils.git
> https://anonscm.debian.org/cgit/pkg-go/packages/golang-github-hlandau-buildinfo.git
> https://anonscm.debian.org/cgit/pkg-go/packages/golang-github-hlandau-dexlogconfig.git

> Please note the peculiar form of licensing chosen by the upstream
> author as described in each debian/patches/upstream-license.patch.

It is indeed peculiar, and I wonder what ftp-master will think of it.
Tracking license info for each commit could be fine, but the license
needs to be in the repository, otherwise an exported tarball has no
license. He could also import the license in each file if he wanted to
make sure everyone is aware...

Comments on the package (I only checked goutils):

* Replace the golang-go build-dependency with golang-any, which brings
gccgo where golang-go is not available.
* Drop the golang-go dependency in the binary package, as it is not
really needed.
* The description is too vague, this package is actually only useful for
his other utilities, so I'd specify that more clearly.
* In debian/copyright you say it is Expat license, but then your patch
says it is MIT.
* The copyright info for clock/* does not reflect anything in the
repository. I pressume you extracted this from RILTS?

> I have spent many, many issues trying to convince the author of
> shipping license files alongside their software; but instead, the
> author has devised a custom licensing scheme (RILTS) that places the
> license file in an external repository and references it by SHA256
> hash in the commit messages of a package’s repository.

Seeing his replies, I am not sure it will be a pleasant upstream to work
with :(

Martín Ferrari (Tincho)

Pkg-go-maintainers mailing list

Reply via email to