[Licenses-discuss] discussion on scanner/DEP-5
Osamu Aoki
osamu at debian.org
Fri Aug 11 18:33:15 UTC 2017
Hi Branden,
Your talk on your previous job and your insight on copyright review
process was interesting. Thank you.
At this Debconf17, after my talk on "Modernized packaging tutorial and
practical challenge of DEP-5"
https://debconf17.debconf.org/users/osamu/
https://people.debian.org/~osamu/MG-DEP-5.odp (presentation, I had)
3 license scan program authors had chat on the subject with Kate from
Linux Foundation.
Jonas Smedegaard <dr at jones.dk> (licensecheck /perl)
Osamu Aoki <osamu at debian.org> (debmake -cc and debmake -k /python)
Maximiliano Curia <maxy at gnuservers.com.ar> (decopy /python)
Kate Stewart <kstewart at linuxfoundation.org> (linux foundation)
We agreed to share test data.
Also, FOSSology and ScanCode was mentioned as existing tool.
In free discussion, Jonas had pointed key fact on DEP-5. It meant not
to impose any new task to the DD (in theory).
Of course it is almost curse to scan text by hand ... but DEP-5 had *
for File field. That makes human work to be sloppy and easy in reality.
Anyway, even if a new file is added, DEP-5 looks loike it covers the new
file.
So DEP-5 is not perfect. We also talked about SPDX License List. It
goes by each file. To me, SPDX has more practical consideration and
realistic. When we write scanner, we scan for each file which is
easier. Reducing to DEP-5 is extra work.
There were discussion that scanner can not be perfect and human review
and correction needs to be properly recorded etc.
Anyway, we also decided to create mailing list at alioth*
https://lists.alioth.debian.org/mailman/listinfo/licenses-discuss
I CC list and each person. (Maybe by next week, everyone will be on
list but it is too new now.)
Osamu
More information about the Licenses-discuss
mailing list