Bug#741419: missing license in debian/copyright

Markus Koschany apo at gambaru.de
Mon Mar 17 14:04:12 UTC 2014 

On 17.03.2014 13:30, Thorsten Alteholz wrote:
[...]
>> The text was placed in the public domain hence it is not subject to any
>> copyright and upstream is allowed to put this file under the same
>> license as stated in upstream's LICENSE.txt. See also debian/copyright
>> paragraph 1, Files: *, License: BSD-4 which makes this very clear.
> 
> no, a work in the public domain does not allow relicensing of the
> original work. Only derivative work may be licensed differently. So Jon
> Bosak, who created the SGML and XML version might have choosen a
> different license, but I don't see any evidence that upstream of the
> package created a derivative work.
> Anyway the term "public domain" is only valid in certain contries. For
> example if the author lives in Germany, he can not abandon his rights
> and the term "public domain" just means that he retains all rights. So
> in this case the file would not be distributable by Debian. In order to
> avoid any pitfalls, this should be documented in debian/coypright.

I disagree with your assumptions of the term "public domain". The whole
reason for granting a work to the public domain is to waive any form of
copyright. Public domain works can also be freely used in derivative
works, non-free or free. By creating the jdom2 software such a
derivative work was created and the jdom2 license rightfully covers this
new work.

Please also note that the Hamlet text by Shakespeare is not
copyrightable under German law since Shakespeare died more than 70 years
ago. For what it's worth there is no indication that the developers of
jdom2 are not allowed to incorporate this text under the same license as
documented in debian/copyright.

I could only imagine that someone might add a comment to
debian/copyright with the clarification written above. The severity of
such a request would either be wishlist or minor.

[...]
> The files catalog.xml, catalog.xsl contain:
>    A simple XML file from Elliotte Rusty Harold's talk at SD 2000 East
>    http://www.ibiblio.org/xml/slides/sd2000east/xslt/
> I don't see any evidence that upstream is allowed to change the license
> of the original work or that upstream created a derivative work. So
> upstreams license does not apply to these files.

I cannot find a license that differs from the one upstream uses. The
Debian policy also says that the copyright file "_should_ name the
original authors". I agree that a mention of Elliotte Rusty Harold would
be an improvement but I still don't see any reason why this issue should
be release critical.


> This file contains the block:
> <licenses>
>   <license>
>     <name>Similar to Apache License but with the acknowledgment clause
> removed</name>
>     <url>https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt</url>
>     <distribution>repo</distribution>
>     <comments xml:space="preserve"><![CDATA[
>       @license@
>     ]]></comments>
>   </license>
> </licenses>
> 
> This is rather misleading as nowadays the "Apache License" is Apache-2.0
> whereas upstream refers to Apache-1.1.

Upstream just states that their own license is _similar_ to the Apache
license. That doesn't mean that this file is licensed under a different
license other than what debian/copyright states.

> 
>> I cannot find any mentions of "Apache license" in jdom2 and no reasons
>> why this might be a policy violation.
> 
> It is mentioned in maven\maven.pom.

No, I'm afraid it does not. The Apache foundation is the creator of the
maven software but the file is licensed under BSD-4.

>>Please clarify your bug report
>> since the severity is currently not appropriate. Telling upstream "that
>> there is room for improvement" is severity "minor" at best.
> 
> The reason for the severity is not the "room for improvement". This was
> only meant as an additional comment.
> 
> I hope I could clarify things a bit and you now understand why I choose
> that severity.

I can only come to the conclusion that the correct severity of this bug
report should be either wishlist or minor. There is no policy violation.

Markus

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 949 bytes
Desc: OpenPGP digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-java-maintainers/attachments/20140317/15f5d5b0/attachment.sig>

More information about the pkg-java-maintainers mailing list