Package: tailor Version: 0.9.19-2 Severity: important Justification: DFSG 1 violation etc. by including _process.py
Please do not panic, it is easy to fix. :-) Proposed fix: (in /usr/lib/python2.4/site-packages/vcpx) * remove _process.py which cause useless license concern * possibly eliminate line 13-15 of shwrap.py for code clean. * ask upstream to change _process.py with the newer subprocess.py in 2.4 python package which has GPL compatible license. Explanation of fix: _process.py was included to address shortcomings of pre-python2.4 but it is not used in python2.4 environment. Currenty "tailor" package uses python2.4 due to bzr support inclusion. Thus, this package will function fine without _process.py and removal of _process.py will eliminate license issue :-) Explanation of license issue: _process.py found in tha package has following license: ----------------------------------------------------------------- ## From http://svn.red-bean.com/restedit/trunk/source/process.py # process - Subprocesses with accessible I/O streams # # Copyright (c) 2003-2004 by Peter Astrand <[EMAIL PROTECTED]> # # By obtaining, using, and/or copying this software and/or its # associated documentation, you agree that you have read, understood, # and will comply with the following terms and conditions: # # Permission to use, copy, modify, and distribute this software and # its associated documentation for any purpose and without fee is # hereby granted, provided that the above copyright notice appears in # all copies, and that both that copyright notice and this permission # notice appear in supporting documentation, and that the name of the # author not be used in advertising or publicity pertaining to # distribution of the software without specific, written prior # permission. # # THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, # INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. # IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR # CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS # OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, # NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION # WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. ----------------------------------------------------------------- Although /usr/share/doc/tailor/copyright states GPL for tailor package, this is not GPL for sure. --> problem. This license only gives permission when fee is not charged. That seems to be DSFG1 violation. Also mixing code of GPL and this seems to be incompatible. I looked further and found practically the same code is licensed under # Licensed to PSF under a Contributor Agreement. # See http://www.python.org/2.4/license for licensing details. for python2.4. (subprocess.py) So no real issue should exist. Thus marked this as "important" instead of "serious". Cheers, Osamu -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-1-686 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Versions of packages tailor depends on: ii python2.4 2.4.2-2 An interactive high-level object-o tailor recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
