Re: In need of help before RFS

[Paul Wise]

On Wed, Jul 27, 2016 at 11:09 AM, Boyuan Yang wrote:

> 1. Upstream put some *CA certificates* of VeriSign and Thawte inside
> repository and intends to install it into final binary package. I
> don't know how to write copyright information for these files.  What
> should I do to deal with this problem?

I'm not sure, but I expect these certificates are not copyrightable.

> 2. Even though it is a C++/Qt project, upstream is providing a small
> prebuilt .jar file for feature enhancement. The source code for the
> .jar file is provided as well. Does it mean that I should drop
> prebuilt jar file and rebuild it from source code utilizing the
> toolchain of Java during building process?

Yes please. I would suggest that upstream remove it from their source
tarball and VCS and adjust their build system to always build it from
scratch. They can include the pre-built jar in their binary package
downloads and or as a separate download for people who only want to
have to build the C++ parts.

> 3. When adding debian-specific patches, do I have to write
> pseudo-headers for patch diff file?

This would be a good idea but not mandatory, please follow DEP-3 when
adding such headers though.

http://dep.debian.net/deps/dep3/

-- 
bye,
pabs

https://wiki.debian.org/PaulWise

In need of help before RFS

[Boyuan Yang]

Hello all,

I am working on my ITP for nixnote2, an open-source Evernote desktop
client (https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609849) and
met some problems. I hope someone could help solve my problems here:

1. Upstream put some *CA certificates* of VeriSign and Thawte inside
repository and intends to install it into final binary package. I
don't know how to write copyright information for these files.  What
should I do to deal with this problem?

BTW, I looked into the source package of `ca-certificates' and found
that those CA certificates was provided by Mozilla in MPL-2.0 in a
completely different type and was somehow transformed into usable
certificates when building binary package.

2. Even though it is a C++/Qt project, upstream is providing a small
prebuilt .jar file for feature enhancement. The source code for the
.jar file is provided as well. Does it mean that I should drop
prebuilt jar file and rebuild it from source code utilizing the
toolchain of Java during building process?

3. When adding debian-specific patches, do I have to write
pseudo-headers for patch diff file? It is clear that patches generated
by dpkg-source or gbp provides such patches templates as well as "diff
--git" format diff files, but when I am trying to manage patches with
quilt, the generated patches are just plain traditional "diff -u"
style patch files.

4. There is one source file which is licensed under
*public-domain*(see the d/copyright file for detail, the whole project
is under GPL-2 though). I found some words about this situation
(https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/#public-domain)
but still have little idea about writing correct copyright paragraph
in debian/copyright file. Should I just leave the body of license
empty, or should I add some description words here? And should I leave
the copyright-holder line empty, or just delete the "Copyright: "
line? I am in need of your suggestions. A concrete example would be
much appreciated.

For those who may be interested, my current work is hosted on
https://github.com/hosiet/nixnote2 .

Thanks,
Boyuan Yang