[Debian-med-packaging] Bug#752223: Bug#752223: [biomaj-watcher] Some sources are not included in your package

olivier.sallou at codeless.fr olivier.sallou at codeless.fr
Sun Jun 22 07:08:37 UTC 2014 

Those sources files are not really "source files" , they are
added/generated by GWT, used to build the war file.
Those files are not used to build the package, and are
regenerated/copied by the build process from GWT.

As biomaj-watcher is in contrib, this should not be an issue.

I will, however, check if an easy repack of upstream tarball to remove
those files from source package is possible.

Olivier

On 06/21/2014 12:10 PM, Bastien ROUCARIES wrote:
> Package: src:biomaj-watcher
> Version: 1.2.1-1
> user: debian-qa at lists.debian.org
> usertags: source-is-missing
> severity: serious
> X-Debbugs-CC: ftpmaster at debian.org
>
> Hi,
>
> Your package seems to include some files that lack sources
> in prefered forms of modification:
>
> usr/share/biomaj-watcher/src/war/bmajwatcher/bmajwatcher.nocache.js
> (may be included elsewhere)
> usr/share/biomaj-watcher/src/war/resources/chart/open-flash-chart.swf
> usr/share/biomaj-watcher/src/war/resources/flash/swfobject.js
> (may be packaed under debian)
> usr/share/biomaj-watcher/src/war/bmajwatcher/sc/modules/ISC_DSBrowser.js
> usr/share/biomaj-watcher/src/war/bmajwatcher/sc/modules/ISC_EBay.js
> usr/share/biomaj-watcher/src/war/bmajwatcher/sc/modules/ISC_History.js
> usr/share/biomaj-watcher/src/war/bmajwatcher/sc/modules/ISC_Kapow.js
> (no idea about these 4)
>
> According to Debian Free Software Guidelines [1] (DFSG) #2:
>  "The program must include source code, and must allow distribution
>   in source code as well as compiled form.".
>
> This could also constitute a license violation for some copyleft
> licenses such as the GNU GPL.
>
> In order to solve this problem, you could:
> 1. repack the origin tarball adding the missing source to it.
> 2  add the source files to "debian/missing-sources" directory
>
> Both way satisfies the requirement that we ship the source. Second option
> might be preferable due to the following reasons [2]:
>  - Upstream can do it too and you could even supply a patch to them,
> thus full filling our social contract [3], see particularly §2.
>  - If source and non-source are in different locations, ftpmasters may
>    miss the source and (needlessly) reject the package.
>  - The source isn't duplicated in every .diff.gz/.debian.tar.* (though
>    this only really matters for larger sources).
>
> You could also ask debian-qa at lists.debian.org or #debian-qa for more
> guidance.
>
> [1] https://www.debian.org/social_contract.en.html#guidelines
> [2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=736873#8
> [3] https://www.debian.org/social_contract
>
> _______________________________________________
> Debian-med-packaging mailing list
> Debian-med-packaging at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/debian-med-packaging
>
> -- 
> gpg key id: 4096R/326D8438  (keyring.debian.org)
> Key fingerprint = 5FB4 6F83 D3B9 5204 6335  D26D 78DC 68DB 326D 8438

More information about the Debian-med-packaging mailing list