2010/2/8 Tres Seaver <tseaver@palladion.com>:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gediminas Paulauskas wrote:
2010/2/8 Tres Seaver <tseaver@palladion.com>:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Gediminas Paulauskas wrote:
Hello Zope Developers,
I am packaging many Zope libraries for Ubuntu. But my packages were rejected by archive admin because the source tarballs do not satisfy the inclusion requirements.
From https://wiki.ubuntu.com/PackagingGuide/Basic#Copyright :
* The upstream tarball must contain verbatim copies of all licenses that are used by the files in the tarball. References to URLs or paths to system files (such as /usr/share/common-licenses/) are not sufficient. The license(s) must accompany the source code.
Every file under the ZPL has a sentence "A copy of the ZPL should accompany this distribution." in it's header. But that's not the case. Very few packages ship a ZopePublicLicense.txt in their source.
Reading the ZPL, its first condition is:
1. Redistributions in source code must retain the accompanying copyright notice, this list of conditions, and the following disclaimer.
Since this condition is not met, such packages cannot be legally distributed.
Who will add a copy of the license to each package in Zope SVN? When? $ wget \ http://pypi.python.org/packages/source/Z/Zope2/Zope2-2.12.3.tar.gz $ tar tzf Zope2-2.12.3.tar.gz | grep -i license Zope2-2.12.3/src/ZServer/medusa/dist/license.html Zope2-2.12.3/ZopePublicLicense.txt
I am talking about the packages making up the ZTK and ZopeApp. I am packaging each of them separately -- see http://revu.ubuntuwire.com/u/menesis . Each one, even the smallest ones like zope.size, zope.filerepresentation, zope.app.zcmlfiles has to contain a license in their source tarballs.
I've got no objections to having that file copied to each of those packages and new releases made, but it isn't my itch to scratch.
$ for pkg in $(cat list_of_package_branches_needing_zpl.txt); do \ svn cp -m "Add ZPL text" $ZSVN/Zope2/trunk/ZopePublicLicense.txt \ $ZSVN/$pkg; done
should be a start. Making new releases and uploading them is left as an exercise for the reader. I will note that Christian Theune is about to run a big script updating all comment headers to indicate copyright assignment to the Zope Foundation: perhaps you would coordinate with him, as he will likely be doing a release-and-upload-geddon after that change.
I know that copyright is about to be changed to Zope Foundation. A perfect time to ensure the license is there.
In the mean time, you could patch the file in via your debian/ control stuff, I guess. The Ubuntu / Debian interpretation of "legality of distribution" is not controlling outside their universes, I think.
Yes, I was told that patching the source to add the file would be enough to get them accepted. Provided that I ask the upstream developers to do that in the future for real.