Debian Bug report logs - #885698
Update and document criteria for inclusion in /usr/share/common-licenses

Package: debian-policy; Maintainer for debian-policy is Debian Policy Editors <[email protected]>; Source for debian-policy is src:debian-policy (PTS, buildd, popcon).

Reported by: Sean Whitton <[email protected]>

Date: Fri, 29 Dec 2017 09:51:01 UTC

Severity: important

Blocking fix for 1009343: please consider adding Boost-1.0 and Expat to /usr/share/common-licenses, 1013195: Add AGPL-3 to common-licenses, 795402: base-files: Please add Creative Commons license texts, 833709: Please add the MIT/Expat license to common-licenses, 883966: debian-policy: please add MIT/Expat to common licenses, 883968: debian-policy: please add CC-BY-SA-3.0 to common licenses, 883969: debian-policy: please add CC-BY-SA-4.0 to common licenses, 884223: debian-policy: please add AGPL-3.0 to common licenses, 884224: debian-policy: please add CC-BY-3.0 to common licenses, 884225: debian-policy: please add CC-BY-4.0 to common licenses, 884226: debian-policy: please add EPL-1.0 to common licenses, 884227: debian-policy: please add zlib to common licenses, 884228: debian-policy: please add OFL-1.1 to common licenses, 910548: base-files - please consider adding /usr/share/common-licenses/Unicode-Data, 924094: Add Artistic-2.0 to common-licenses

Full log

🔗 View this message in rfc822 format

X-Loop: [email protected]
Subject: Bug#885698: What licenses should be included in /usr/share/common-licenses?
Reply-To: Jonas Smedegaard <[email protected]>, [email protected]
Resent-From: Jonas Smedegaard <[email protected]>
Resent-To: [email protected]
Resent-CC: Debian Policy Editors <[email protected]>
X-Loop: [email protected]
Resent-Date: Mon, 11 Sep 2023 04:48:03 +0000
Resent-Message-ID: <[email protected]>
Resent-Sender: [email protected]
X-Debian-PR-Message: followup 885698
X-Debian-PR-Package: debian-policy
X-Debian-PR-Keywords: 
References: <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]> <[email protected]>
X-Debian-PR-Source: debian-policy
Received: via spool by [email protected] id=B885698.16944075383046857
          (code B ref 885698); Mon, 11 Sep 2023 04:48:03 +0000
Received: (at 885698) by bugs.debian.org; 11 Sep 2023 04:45:38 +0000
X-Spam-Checker-Version: SpamAssassin 3.4.6-bugs.debian.org_2005_01_02
	(2021-04-09) on buxtehude.debian.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=4.0 tests=ATTENDEES_DBSPAM_BODY3,
	BAYES_00,FOURLA,HAS_BUG_NUMBER,META_ATTENDEES_DBSPAM1,PGPSIGNATURE,
	SPF_HELO_PASS,SPF_PASS autolearn=ham autolearn_force=no
	version=3.4.6-bugs.debian.org_2005_01_02
X-Spam-Bayes: score:0.0000 Tokens: new, 17; hammy, 150; neutral, 205; spammy,
	0. spammytokens: hammytokens:0.000-+--allbery, 0.000-+--Allbery,
	0.000-+--H*ct:application, 0.000-+--H*ct:protocol, 0.000-+--H*ct:micalg
Received: from graograman.jones.dk ([194.45.78.41]:49556 helo=xayide.jones.dk)
	by buxtehude.debian.org with esmtps (TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_256_GCM:256)
	(Exim 4.94.2)
	(envelope-from <[email protected]>)
	id 1qfYnn-00Cmc4-NL
	for [email protected]; Mon, 11 Sep 2023 04:45:38 +0000
Received: from localhost (localhost [127.0.0.1])
	by xayide.jones.dk (Postfix) with ESMTP id 549EEE0D;
	Mon, 11 Sep 2023 06:45:28 +0200 (CEST)
Received: from xayide.jones.dk ([127.0.0.1])
 by localhost (xayide.jones.dk [127.0.0.1]) (amavis, port 10024) with LMTP
 id WWk5uawCCBWC; Mon, 11 Sep 2023 06:45:24 +0200 (CEST)
Received: from localhost (unknown [192.168.222.40])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by xayide.jones.dk (Postfix) with ESMTPSA id 1CADDD19;
	Mon, 11 Sep 2023 06:45:24 +0200 (CEST)
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="===============7843015345789552690=="
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <[email protected]>
From: Jonas Smedegaard <[email protected]>
To: [email protected], [email protected]
Date: Mon, 11 Sep 2023 06:45:22 +0200
Message-ID: <[email protected]>
User-Agent: alot/0.10

[Message part 1 (text/plain, inline)]
Quoting Russ Allbery (2023-09-10 23:24:24)
> Jonas Smedegaard <[email protected]> writes:
> 
> > I have so far worked the most on identifying and grouping source data,
> > putting only little attention (yet - but do dream big...) towards
> > parsing and processing debian/copyright files e.g. to compare and assess
> > how well aligned the file is with the content it is supposed to cover.
> 
> > So if I understand your question correctly and you are not looking for
> > the output of `licensecheck --list-licenses`, then unfortunately I have
> > nothing exciting to offer.
> 
> I think that's mostly correct.  I was wondering what would happen if one
> ran licensecheck debian/copyright, but unfortunately it doesn't look like
> it does anything useful.  I tried it on one of my packages (remctl) that
> has a bunch of different licenses, and it just said:
> 
> debian/copyright: MIT License
> 
> and apparently ignored all of the other licenses present (FSFAP, FSFFULLR,
> ISC, X11, GPL-2.0-or-later with Autoconf-exception-generic, and
> GPL-3.0-or-later with Autoconf-exception-generic).  It also doesn't notice
> that some of the MIT licenses are variations that contain people's names.
> 
> (I still put all the Autoconf build machinery licenses in my
> debian/copyright file because of the tooling I use to manage my copyright
> file, which I also use upstream.  I probably should change that, but I
> need to either switch to licensecheck or rewrite my horrible script.)
> 
> Also, presumably it doesn't know about copyright-format since it wouldn't
> be expecting that in source files, so it wouldn't know to include licenses
> referenced in License stanzas without the license text included.

Right.  Licensecheck so far mostly scans for human prose stating "this
has been licensed as..." and "this is the license...", and rarely is
able to recognize "the default license of this project is..." or "that
folder over there is licensed as..." style prose.

That said, there is interest in covering that as well, and also interest
in improving on non-prose forms like "[this is YAML;] Copyright: ..." or
binary forms most commonly embedded in fonts and ICC data in images.

It is helpful if you (i.e. anyone reading this) have a good (as in
particularly rich/tricky/peculiar) case that you file a bugreport
pointing to its failure of being recognized by licensecheck.

Also, I hadn't thought of there being interest in statistics - it should
not be too hard to spit out numbers for variation in licenses or
copyright holders once licensecheck has recognized the information.
Again, if someone has suggestions for formats they'd particularly like
such statistisc to be served from licensecheck then please file a
bugreport.

Sorry this isn't helping anything for the topic being discussed.


 - Jonas

-- 
 * Jonas Smedegaard - idealist & Internet-arkitekt
 * Tlf.: +45 40843136  Website: http://dr.jones.dk/
 * Sponsorship: https://ko-fi.com/drjones

 [x] quote me freely  [ ] ask before reusing  [ ] keep private
[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.

Debian bug tracking system administrator <[email protected]>. Last modified: Tue May 13 12:08:04 2025; Machine Name: buxtehude

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU General Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.