checker-framework_3.0.0+repack1-1~exp2_amd64.changes REJECTED
Olek Wojnar
olek at debian.org
Sun Jul 5 03:32:50 BST 2020
Hi Thorsten,
Thanks for reviewing my package and thanks for the feedback! I have
uploaded a new version [1] that I believe addresses all of your concerns. I
took the opportunity to make a couple other minor improvements, detailed
below.
On Fri, Jul 3, 2020 at 5:00 PM Thorsten Alteholz <
ftpmaster at ftp-master.debian.org> wrote:
>
> Hi Olek,
>
> it looks strange to have one package with a version ~exp2 and only
> one debian/changelog entry besides a package with version ~exp1.
>
My mistake, I forgot to update the changelog. In the initial version I had
neglected to add the "lib" prefix to the binary package name.
After reading your email, I took the opportunity to start the
packaging from scratch because I've learned a lot about Gradle since I
first worked on this package. This now has a fairly conventional build
process (apart from the heavy patching required for any Gradle build). I
also packaged the 3.0.1 version instead of 3.0.0 to include the latest bug
fixes to the 3.x version.
Anyway, please tell upstream to put better copyright information into
> the software or at least start with the developers from pom.xml as
> copyright holders in your debian/copyright.
>
That's a fair point, done.[2] Sadly, not unique to this package as I'm sure
you've seen with other corporate-sponsored packages.
> If the term "Checker Framework developers" does not come from upstream,
> there should be real persons/companies mentioned as copyright holders.
>
That term is the only attribution that they give in their LICENSE.txt file.
[3] However, as I mentioned, I have asked them to be more verbose. In the
meantime, I took your suggestion and included the authors from the maven.org
pom.xml files in d/copyright. You may have noticed that in their
LICENSE.txt they have a rather confusing [4] explanation for which files
are covered under the MIT license. Digging through the source code, they
can only be referring to the source files for that build [5]. That is also
now clarified in the d/copyright file. (Previously, I was pulling the
source from maven.org and it did not include the GPL code. Pulling all the
code from GitHub allows us to build additional modules from this package in
the future if their dependencies become available in Debian.)
Finally, I clarified the updated d/copyright as well as the build system
decision in a fresh d/changelog.
Thanks!
> Thorsten
>
>
>
> ===
>
> Please feel free to respond to this email if you don't understand why
> your files were rejected, or if you upload new files which address our
> concerns.
>
Done :) Please let me know if you have any additional concerns!
-Olek
[1]
https://ftp-master.debian.org/new/checker-framework-java_3.0.1+ds-1~exp1.html
[2] https://github.com/typetools/checker-framework/issues/3429
[3]
https://github.com/typetools/checker-framework/blob/b323ab2d3dfcd0a3699ce61ad2c7f511db801afe/LICENSE.txt#L2
[4]
https://github.com/typetools/checker-framework/blob/master/LICENSE.txt#L14-L15
[5]
https://github.com/typetools/checker-framework/blob/master/checker-qual/build.gradle#L19-L29
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-java-maintainers/attachments/20200704/6c6c7f60/attachment.html>
More information about the pkg-java-maintainers
mailing list