Package: debian-policy
Version: 4.7.0.2
Severity: minor
X-Debbugs-Cc: j...@debian.org, ftpmas...@debian.org
I like to propose roughly the following changes, to bring
the specification of copyright information closer to the
reality and make them more useful as some sort of SBOM.
One thing left to do is document that we should not
make up our own copyright statements, which people
increasingly more do so and some ftpteam members
reject packages without copyright notices or with
vague copyright notices-ish ("Copyright foo contributors")
even if there are no copyright notices to be preserved.
>From 45a1d775788380b5e260c0be7f91cd362b4dde3c Mon Sep 17 00:00:00 2001
From: Julian Andres Klode <juli...@ubuntu.com>
Date: Fri, 24 Jan 2025 10:44:01 +0100
Subject: [PATCH] Change d/copyright requirements to reflect reality
Remove the need to only preserve copyright information required
to be retained by the license, as we want to document all copyright
information.
Remove the special exception for plain text files to be not documented,
as we want to have a central location for all of them, and generally
do require them anyway.
Narrow the exception for files not ending up in binary packages
to automatically generated files.
---
policy/ch-archive.rst | 28 +++-------------------------
1 file changed, 3 insertions(+), 25 deletions(-)
diff --git a/policy/ch-archive.rst b/policy/ch-archive.rst
index 7415b2c..b8c3117 100644
--- a/policy/ch-archive.rst
+++ b/policy/ch-archive.rst
@@ -257,31 +257,9 @@ Every package must be accompanied by a verbatim copy of its
distribution license(s) in the file ``/usr/share/doc/PACKAGE/copyright``.
The copyright information for files in a package must be copied
-verbatim into ``/usr/share/doc/PACKAGE/copyright``, when all of the
-following hold:
-
-#. the distribution license for those files requires that copyright
- information be included in all copies and/or binary distributions;
-
-#. the files are shipped in the binary package, either in source or
- compiled form; and
-
-#. the form in which the files are present in the binary package does
- not include a plain text version of their copyright notices.
-
-Thus, the copyright information for files in the source package which
-are only part of its build process, such as autotools files, need not
-be included in ``/usr/share/doc/PACKAGE/copyright``, because those
-files do not get installed into the binary package. Similarly, plain
-text files which include their own copyright information and are
-installed into the binary package unmodified need not have that
-copyright information copied into ``/usr/share/doc/PACKAGE/copyright``
-
-However, the copyright notices for any files which are compiled into
-the object code shipped in the binary package must all be included in
-``/usr/share/doc/PACKAGE/copyright`` when the license requires that
-copyright information be included in all copies and/or binary
-distributions, as most do. [5]_
+verbatim into ``/usr/share/doc/PACKAGE/copyright``, unless it
+pertains to automatically generated files not installed into
+binary packages (autotools files, for example).
See :ref:`s-copyrightfile` for further details.
--
2.47.1
also presumably we should replace copyright notice here with
license grant. A copyright notice is not a license grant, but
specifically under US law the line "Copyright <year(s)> <names>",
so this is factually wrong, though it may need more rewording
to make sense.
diff --git a/policy/ch-archive.rst b/policy/ch-archive.rst
index b8c3117..311d208 100644
--- a/policy/ch-archive.rst
+++ b/policy/ch-archive.rst
@@ -287,7 +287,7 @@ and its mirrors at all.
Note that under international copyright law (this applies in the United
States, too), *no* distribution or modification of a work is allowed
without an explicit notice saying so. Therefore a program without a
-copyright notice *is* copyrighted and you may not do anything to it
+license grant *is* copyrighted and you may not do anything to it
without risking being sued! Likewise if a program has a copyright notice
but no statement saying what is permitted then nothing is permitted.
-- System Information:
Debian Release: trixie/sid
APT prefers plucky
APT policy: (500, 'plucky'), (500, 'oracular-security'), (100,
'plucky-proposed')
Architecture: amd64 (x86_64)
Kernel: Linux 6.12.0-10-generic (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_WARN, TAINT_OOT_MODULE
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to
C.UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
debian-policy depends on no packages.
Versions of packages debian-policy recommends:
ii libjs-jquery 3.6.1+dfsg+~3.5.14-1
ii libjs-sphinxdoc 8.1.3-3
ii sphinx-rtd-theme-common 3.0.2+dfsg-2
Versions of packages debian-policy suggests:
pn doc-base <none>
-- no debconf information
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer i speak de, en
