r18 - in /web: ./ deps/dep5.mdwn

vorlon at users.alioth.debian.org vorlon at users.alioth.debian.org
Thu Mar 19 05:25:52 UTC 2009 

Author: vorlon
Date: Thu Mar 19 05:25:51 2009
New Revision: 18

URL: http://svn.debian.org/wsvn/dep/?sc=1&rev=18
Log:
initial import of wiki.d.o/Proposals/CopyrightFormat as DEP5

Added:
    web/deps/dep5.mdwn
Modified:
    web/   (props changed)

Propchange: web/
------------------------------------------------------------------------------
--- bzr:file-ids (original)
+++ bzr:file-ids Thu Mar 19 05:25:51 2009
@@ -1,1 +1,1 @@
-index.mdwn	1 at 31fa8809-74ff-43ad-b926-e2fb09161165:web%2Findex.mdwn
+deps/dep5.mdwn	dep5.mdwn-20090318221159-u5o9mygfyg532tqu-1

Propchange: web/
------------------------------------------------------------------------------
--- bzr:revision-id:v4 (original)
+++ bzr:revision-id:v4 Thu Mar 19 05:25:51 2009
@@ -1,1 +1,2 @@
 14 vorlon at debian.org-20090318210105-bi8mutwera9p638q
+15 vorlon at debian.org-20090319052545-1012dre14gy76r8d

Propchange: web/
------------------------------------------------------------------------------
--- bzr:revision-info (original)
+++ bzr:revision-info Thu Mar 19 05:25:51 2009
@@ -1,4 +1,4 @@
-timestamp: 2009-03-18 14:01:05.375000000 -0700
+timestamp: 2009-03-18 22:25:45.874000072 -0700
 committer: Steve Langasek <vorlon at debian.org>
 properties: 
 	branch-nick: web

Propchange: web/
------------------------------------------------------------------------------
--- bzr:text-parents (original)
+++ bzr:text-parents Thu Mar 19 05:25:51 2009
@@ -1,1 +1,0 @@
-index.mdwn	svn-v4:31fa8809-74ff-43ad-b926-e2fb09161165:web:13

Added: web/deps/dep5.mdwn
URL: http://svn.debian.org/wsvn/dep/web/deps/dep5.mdwn?rev=18&op=file
==============================================================================
--- web/deps/dep5.mdwn (added)
+++ web/deps/dep5.mdwn Thu Mar 19 05:25:51 2009
@@ -1,0 +1,649 @@
+[[!meta title="DEP-5: Machine-readable debian/copyright"]]
+
+Title: Machine-readable debian/copyright
+DEP: 5
+State: DRAFT
+Date: 2009-03-18
+Drivers: Steve Langasek <vorlon at debian.org>
+URL: http://dep.debian.net/deps/dep5
+Abstract:
+ Establish a standard, machine-readable format for debian/copyright
+ files within packages, to facilitate automated checking and
+ reporting of licenses for packages and sets of packages.
+
+
+[[!toc]]
+
+# Introduction
+
+This is a proposal to make `debian/copyright` machine-interpretable.
+This file is one of the most important files in Debian packaging, yet
+its existing format is vague and varies tremendously across packages,
+making it difficult to automatically parse.
+
+This is not a proposal to change the policy in the short term.
+
+# Rationale
+
+The diversity of free software licenses means that Debian needs to care
+not only about the freeness of a given work, but also its license's
+compatibility with the other parts of Debian it uses.
+
+The arrival of the GPL version 3, its incompatibility with version 2,
+and our inability to spot the software where the incompatibility might
+be problematic is one prominent occurrence of this limitation.
+
+There are earlier precedents, also. One is the GPL/OpenSSL
+incompatibility. Apart from grepping `debian/copyright`, which is
+prone to numerous false positives (packaging under the GPL but software
+under another license) or negatives (GPL software but with an "OpenSSL
+special exception" dual licensing form), there is no reliable way to
+know which software in Debian might be problematic.
+
+And there is more to come. There are issues with shipping GPLv2-only
+software with a CDDL operating system such as Nexenta. The GPL version 3
+solves this issue, but not all GPL software can switch to it and we have
+no way to know how much of Debian should be stripped from such a system.
+
+# Compatibility and Human-Readability
+The file must be encoded as UTF-8 and strictly formatted as a superset
+of RFC2822 including significant newlines. Free-form text is not
+allowed.
+
+The `debian/copyright` file must be machine-interpretable, yet
+human-readable, while communicating all mandated upstream information,
+copyright notices and licensing details.
+
+For the sake of human-readability this proposal avoids any complex field
+names or syntax rules.
+
+# Implementation
+## Sections
+### Header Section (Once)
+The header should be rfc2822 compliant, consisting of multiple fields.
+
+ * format specification
+   * only once
+   * mandatory
+   * Suggested name: **`Format-Specification`**
+   * Suggested format: URI of the format specification, such as:
+     * http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=REVISION
+     * Note that the unwieldy length of the URL should be solved in 
+future by hosting the specification at a shorter URL (including
+specification version).
+     * Currently (2008-07-25) this field can trigger a lintian warning
+about excessive line length; an exception for the
+`Format-Specification` line is pending in
+[bug 491302](http://bugs.debian.org/491302).
+
+ * name of the software as spelled upstream
+   * only once
+   * optional
+   * Suggested name: **`Upstream-Name`**
+   * Suggested format: single line (in most cases a single word)
+ * preferred way(s) to reach current upstream maintainer
+   * only once
+   * optional
+   * Suggested name: **`Upstream-Maintainer`**
+   * Suggested format: line(s) of RFC2822 address or URIs or free text,
+one line per preferred way
+ * where the upstream sources (if any) were downloaded from
+   * only once
+   * optional
+   * Suggested name: **`Upstream-Source`**
+   * Suggested format: line(s) of URIs, one line per upstream source
+ * disclaimer for non-free and contrib packages (see [Policy
+12.5](http://www.debian.org/doc/debian-policy/ch-docs.html#s-copyrightfile)
+   * only once
+   * optional
+   * Suggested name: **`Disclaimer`**
+   * Suggested format: free content explaining that the contrib or
+non-free package is not part of the Debian GNU/Linux distribution and
+briefly explain why.
+
+Examples:
+
+	Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196
+	Upstream-Name: SOFTware
+	Upstream-Maintainer: John Doe <john.doe at example.com>
+	Upstream-Source: http://www.example.com/software/project
+
+	Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=196
+	Upstream-Name: xyz
+	Upstream-Maintainer: Jane Smith <jane.smith at example.com>
+	Upstream-Source: http://www.example.com/gitwww
+
+### Files Section (Repeatable)
+
+The declaration of copyright and license for files is done in one or
+more stanzas, formatted as RFC2822-style fields. Each stanza is
+separated from others by a blank line.
+
+ * List of files sharing copyright holders and licensing terms
+   * Repeatable field, like the **`Package`** field in `debian/control`
+   * Suggested name: **`Files`**
+   * Suggested format: list of files or patterns, see "File patterns" below
+   * Good place to add mandatory hints on original package authors: use
+**`Files: debian/*`**
+ * Copyright holders for the files listed in the previous **`Files`** field
+   * Repeatable field, one field per copyright statement
+   * Suggested name: **`Copyright`**
+   * Suggested format: a single valid copyright statement
+     * Example Format: Copyright 2008, John Q. Holder <john.holder at example.org>
+     * A valid copyright statement, as per the UCC, MUST include all of the following:
+       * One of "Copyright", "Copr.", or "©". Note that an approximation
+like "(c)" is explicitly *not* acceptable; it never had legal standing
+and is too ambiguous.
+       * The year(s) of publication of the work. Years SHOULD be full
+four-digit years, either separately or a dash-separated range of
+four-digit years.
+       * The specific identifying name of the copyright holder. Real names
+of people or legal entities SHOULD be used where available instead of
+nicknames or "screen names". Optional contact information or URI is
+recommended.
+       Maintainers MAY reformat copyright statements for clarity or
+consistency as long as the legal meaning is not changed. For more
+information study the [GPL
+Howto](http://www.gnu.org/licenses/gpl-howto.html).
+     * History of package maintainers can optionally be reflected as
+multiple copyright fields for **`Files: debian/*`**
+ * Licensing terms for the files listed in the previous **`Files`** field
+  * Suggested name: **`License`**
+  * Suggested format:
+    * First line: See *Keywords* section.
+    * Remaining lines: One of the following:
+      * If a single license keyword is used you must either:
+        * Copy the full text of the license, or
+        * Leave this section empty if a standalone **`License`**
+section exists (see the *Standalone License Section* section) that
+matches the license keyword.
+      * If multiple licenses apply you must not copy any text into the
+remaining lines. A standalone **`License`** section must be used
+for each license keyword mentioned.
+
+Example:
+
+	Files: *
+	Copyright: Copyright 2008, John Doe <john.doe at example.com>
+	Copyright: Copyright 2007, Jane Smith <jane.smith at example.com>
+	License: PSF-2
+	 [LICENSE TEXT]
+
+## Resolved issues
+
+### Standalone License Section
+Where a set of files are dual (tri, etc) licensed you must use a single
+line **`License`** field and use standlone **`License`** fields to
+expand the license keywords.
+
+	Files: src/js/editline/*
+	Copyright: Copyright 1993, John Doe
+	Copyright: Copyright 1993, Joe Average
+	License: MPL-1.1 | GPL-2 | LGPL-2.1
+	License: MPL-1.1
+	 [LICENSE TEXT]
+	License: GPL-2
+	 [LICENSE TEXT]
+	License: LGPL-2.1
+	 [LICENSE TEXT]
+
+Where multiple sets of files use the same license you can avoid
+repetition by using a single line **`License`** field and use a separate
+standalone **`License`** field to expand the license keyword.
+
+	Files: src/js/editline/*
+	Copyright: Copyright 1993, John Doe
+	Copyright: Copyright 1993, Joe Average
+	License: MPL-1.1
+	Files: src/js/fdlibm/*
+	Copyright: Copyright 1993, J-Random Comporation
+	License: MPL-1.1
+	License: MPL-1.1
+	 [LICENSE TEXT]
+
+### License Aliases
+
+If a common type of license is a combination of multiple licenses (like 
+the perl license), an alias can be made, so that it can be clear that 
+it's the particular combination of licenses and not just any 
+combination.
+
+	Files: *
+	License: Perl
+	License-Alias: Perl
+	Licenses: GPL-2+ | Artistic-2.0
+	License: GPL-2+
+	 [LICENSE TEXT]
+	License: Artistic-2.0
+	 [LICENSE TEXT]
+
+
+## Fields Detail
+### Files
+#### Format
+The value of the **`Files`** field should be a list of comma-separated
+values:
+
+	Files: foo.c, bar.*, baz.[ch]
+
+File names containing spaces or commas should be put within double
+quotes. The backslash character is an escaping character, be it inside
+or outside double quotes:
+
+	Files: "Program Files/*", manual[english].txt
+
+#### Syntax
+Patterns are the ones recognised by the `find` utility's `-name`
+option and in case of the pattern contains path separator "/", it can be
+used for `-path` option.
+
+The following matches all `Makefile.am` files in the tree and all
+Python scripts:
+
+	Files: */Makefile.am, *.py
+
+But this will only match the top-level `Makefile.am`:
+
+	Files: ./Makefile.am
+
+The command for find from the first example would be:
+
+	find . -path "*/Makefile.am -o -name "*.py"
+
+It is quite common for a work to have files with copyright held by
+different parties and received under different licenses. To allow this,
+**multiple stanzas are allowed with different `Files`
+declarations**.
+
+However it makes for easier reading if the copyright file lists the
+"main" license first: the one matching the "top level" of the work, with
+others listed as exceptions. To allow this, the following precedence
+rule applies for matching files: **If multiple `Files` declarations
+match the same file, then only the last match counts.**
+
+As a result, it is recommended for clarity that the stanzas appear in
+order from most general (e.g. `Files: *`) first, through to most
+specific. In the following example, the file `getopt.c` matches both
+`Files: *` and `Files: getopt.*`; only the last match counts, so
+the file `getopt.c` has the license declaration `License: BSD-C2`.
+
+	Files: *
+	Copyright: Copyright 2003-2005, John Doe <jdoe at xample.com>
+	License: [the main work's license]
+	 [LICENSE TEXT]
+	Files: getopt.*
+	Copyright: Copyright 2000, The Corporation Foundation, Inc.
+	License: BSD-C2
+	 [LICENSE TEXT]
+	Files: debian/*
+	Copyright: Copyright [years], [the debian package copyright holder]
+	License: [the debian package license]
+	 [LICENSE TEXT]
+
+It is very common for the Debian packaging work to have a different
+copyright holder and/or license from the upstream work. In these cases,
+it is important that the `debian/*` pattern is placed after any
+other conflicting patterns.
+
+### License
+#### Keywords
+The "`License`" field, to be machine-parseable, should not contain
+arbitrary values. There needs to be a list of accepted keywords which
+have a very specific, unambiguous meaning. The convention for license
+abbreviations keyword is `XYZ` for a license with only one version, and
+`XYZ-n` for sequential version *n* of the XYZ license, where
+`XYZ-1` is chronologically earlier than `XYZ-2`. The syntax of
+the `License` keyword can be defined using similar to [EBNF
+grammar](http://en.wikipedia.org/wiki/Extended_Backus–Naur_form):
+
+		License ::= <keyword>[<version>]["BY" {N* <clarification>}]
+		<keyword> ::=
+			<License keyword FSF>
+			| <License keyword BSD>
+			| <License keyword well known>
+			| "other"
+		<License keyword FSF> ::=
+			GPL | LGPL | AGPL | GFDL
+		<License keyword BSD> ::=
+			... to be decided, see table below for proposals.
+		<License keyword well known> ::=
+			... to be decided, see table below for proposals.
+		<version>          ::= <License version>["+"]
+		<License version>  ::= <Numeric version> | <Other version>
+		<Numeric version>  ::= [0-9.]+
+		<Other version>    ::= <Vendor's version> | <publication date>
+		<Vendor's version> ::= string (* anything: "A", "B", "public" *)
+		<publication date> ::= YYYYMMDD
+		<clarification> ::=
+			<clarification GPL>
+			| <clarification GFDL>
+			| <clarification CC>
+			| <clarification other>
+		<clarification GPL> ::=
+			"-CC"      (* With Creative Commons' metadata and Commons Deed added to GPL *)
+			"-OpenSSL" (* With openSSL exception added *)
+			"-Font"    (* With font exception added *)
+		<clarification GFDL> ::=
+			"-NIV" (* With no invariant sections *)
+			"-CC"  (* With Creative Commons' metadata and Commons Deed added to GFDL *)
+		<clarification CC> ::= (* Creative Commons License variants *)
+			"-NC" (* No Commercial *)
+			"-ND" (* No Derivative Works *)
+			"-SA" (* Share Alike *)
+		<clarification other> ::= Other list of license specific keywords that clarify optional parts included or exluded.
+
+Examples of the above grammar:
+
+[[!table data="""
+**keyword** | **meaning**
+`Apache-2.0` | Apache license, version 2.0 only
+`GPL-2+` | GNU General Public License, version 2 or (at your option) any later version
+`GPL-3` | GNU General Public License, version 3 only
+`LGPL-2` | GNU Lesser General Public License, version 2 only
+`LGPL-2+-BY-OpenSSL` | GNU Lesser Public License, version 2 or (at your option) any later and with OpenSSL linkage exception added
+`GFDL-1.2` | GNU Free Documentation License, version 1.2 only
+`GFDL-1.2+-BY-NIV` | GNU Free Documentation License, version 1.2 or (at your option) any later, with no invariant sections
+`PSF-2` | Python Software License, version 2 only
+`other` | Any other custom license. *License notice text must be copied verbatim.*
+"""]]
+
+Notes:
+
+TODO: If author did not specify version and version cannot be decoded
+from the context or other files, how the license should be expressed?
+
+Consult FSF's page for
+[GPL
+compatibility](http://www.fsf.org/licensing/licenses/#GPLCompatibleLicenses)
+of particular license.
+
+There is no difference between regular versions and point-zero versions.
+E.g. keyword `CC-3` is identical to `CC-3.0` notation. The
+*point-zero* syntax can be used in cases where there are minor
+releases of the same license available; like in case of GFDL-1.2.
+
+The extra plus-sign in `<License version>["+"]` means that the
+License contains clauses similar to GPL's "version N or (at your option)
+any later version".
+
+The GPL "`-Font`" clarification refers to the text added to the
+license notice of each file as expressed at FSF's page
+[How does the GPL apply to
+fonts?](http://www.gnu.org/licenses/gpl-faq.html#FontException).  The
+text needed is:
+
+> ...
+
+> As a special exception, if you create a document which uses this font,
+> and embed this font or unaltered portions of this font into the
+> document, this font does not by itself cause the resulting document to
+> be covered by the GNU General Public License. This exception does not
+> however invalidate any other reasons why the document might be covered
+> by the GNU General Public License. If you modify this font, you may
+> extend this exception to your version of the font, but you are not
+> obligated to do so. If you do not wish to do so, delete this exception
+> statement from your version.
+
+The GPL "`-OpenSSL`" clarification gives permission in cases where GPL
+code is linked with OpenSSL library. For more information, see page
+["The OpenSSL License and The 
+GPL"](http://www.gnome.org/~markmc/openssl-and-the-gpl.html) by Mark
+McLoughlin and message 
+["middleman software license conflicts with
+OpenSSL"](http://lists.debian.org/debian-legal/2004/05/msg00595.html)
+by Mark McLoughlin in Debian legal mailing list. Any GPL source that
+uses OpenSSL and does not contain an openSSL exception notice is
+[REJECTED](http://ftp-master.debian.org/REJECT-FAQ.html) by the Debian
+FTP administrators. The license notice needs to include following or
+close to similar excerpt to qualify for `BY-OpenSSL` which allows
+linking with OpenSSL:
+
+> ...
+
+> In addition, as a special exception, the copyright holders give
+> permission to link the code of portions of this program with the
+> OpenSSL library under certain conditions as described in each
+> individual source file, and distribute linked combinations including
+> the two.
+
+> You must obey the GNU General Public License in all respects for all
+> of the code used other than OpenSSL. If you modify file(s) with this
+> exception, you may extend this exception to your version of the
+> file(s), but you are not obligated to do so. If you do not wish to do
+> so, delete this exception statement from your version. If you delete
+> this exception statement from all source files in the program, then
+> also delete it here.
+
+
+**&lt;License keyword BSD>**
+
+*Proposal 1:*
+
+Comment: These licenses have no recognised version number. Perhaps the
+abbreviation should deliberately show the number of clauses in a way
+that doesn't indicate a version number: BSD-C<N>. But that still sounds
+vaguely like a version number; it still suggests sequence in the
+different versions that doesn't actually match the true chronology; it
+also fails to indicate *which* clauses are included. —BenFinney
+2008-10-16
+
+[[!table data="""
+**keyword** | **GPL compatible** | **meaning**
+`BSD-C2` | Yes | Two-clause BSD license
+`BSD-C3` | Yes | Three-clause BSD license, with no-endorsement clause, as seen in `/usr/share/common-licenses/BSD`
+`BSD-C4` |<bgcolor="#ffcccc"> No | Four-clause BSD license, with no-endorsement clause and advertising clause; GPL-incompatible (need exact text)
+"""]]
+
+*Proposal 2:*
+
+In the absence of a clear succession of differently-numbered consecutive
+versions of a license text, my proposal is: we could come up with
+abbreviations similar to those used for indicating active clauses in the
+Creative Commons licenses. This way, no false impression of
+chronological sequence is implied, and the abbreviation provides a
+mnemonic for what the terms of the license actually are, not just the
+number of clauses in them. -- BenFinney 2008-10-15
+
+[[!table data="""
+`BSD-BY-LC` | forms requiring only the inclusion of copyright notice and condition
+`BSD-BY-LC-NE` | plus “no endorsement without permission”
+`BSD-BY-LC-NE-AD` | plus “advertising required”
+"""]]
+
+*Proposal 3:*
+
+While mnemonics like `LC,NE,AD` may sound practical (where does LC
+abbreviation come from?), in BSD case I find them lacking wider
+recognition. The BSD licenses have been examined by FSF, so perhaps we
+could use names and definitions used at [License
+list](http://www.gnu.org/philosophy/license-list.html#FreeBSD)
+—JariAalto
+
+[[!table data="""
+`keyword` | `GPL compatible` | `meaning`
+[BSD](http://www.gnu.org/philosophy/license-list.html#OriginalBSD) |<bgcolor="#ffcccc"> No | Also known as the “[Original 4-clause BSD license](http://www.opensource.org/licenses/bsd-license.php)”. Contains the “obnoxious BSD advertising clause”.
+[ModifiedBSD](http://www.gnu.org/philosophy/license-list.html#ModifiedBSD) | Yes | This is the original BSD license, modified by removal of the advertising clause. It is a simple, permissive non-copyleft free software license.
+[FreeBSD](http://www.gnu.org/philosophy/license-list.html#FreeBSD) | Yes | Also known as the “[2-clause BSD license](http://www.freebsd.org/copyright/freebsd-license.html)”. Original BSD license with the advertising clause and another clause removed. This is safe, simple, permissive non-copyleft free software license.
+[OpenBSD](http://www.gnu.org/philosophy/license-list.html#ISC) | Yes | Also known by name "[ISC License](http://www.opensource.org/licenses/isc-license.txt)". This license does have an unfortunate wording choice.
+[ClearBSD](http://www.gnu.org/philosophy/license-list.html#clearbsd) | Yes | Based on the modified BSD license, and adds a term expressly stating it does not grant you any patent licenses.
+"""]]
+
+**&lt;License keyword well known>**
+
+The basis of these keywords should be wide recognition. Something based
+on lists like [Open Source Initiative: Licenses by
+Name](http://www.opensource.org/licenses/alphabetical),
+[Wikipedia: List of FSF approved software
+licences](http://en.wikipedia.org/wiki/List_of_FSF_approved_software_licences),
+[FSF: Various Licenses and Comments about 
+Them](http://www.gnu.org/philosophy/license-list.html) and [Open Source
+Initiative: Licenses by
+Name](http://www.opensource.org/licenses/alphabetical).
+
+This list does not yet represent all widely used licenses. Good
+candicates are those listed in FSF or OSI pages mentioned above.  The
+column "Version needed" means that the license keyword should always be
+accompanied with version number. E.g. plain keyword `Artistic` is to
+be avoided in favor of more explicit `Artistic-2` keyword.
+
+The *GPL compatible* field indicates compatibility in respect to
+license's version. E.g in case of Apache, the "2.0+ (v3)" means that
+Apache license version 2.0 was the first GPL v3 compatible license. The
+Apache licenses are not GPL v2 compatible. In case of CPL, the "No
+(1.0)" means that license version 1.0 is GPL incompatible; no
+information about other versions is known. If the field is linked to
+somewhere else, it means that the opinion has not been verified by FSF,
+but external source is being cited.
+
+[[!table data="""
+**keyword** | **Version needed?** | **GPL compatible** | **meaning**
+`Apache` | Yes | 2.0+ (v3) | Apache license. For versions, consult [Apache Software Foundation](http://www.apache.org/licenses/).
+`Artistic` | Yes | 2.0+ (v2+) | The Perl Artistic license. For versions, consult [Perl Foundation](http://www.perlfoundation.org/perl5/index.cgi?action=revision_list;page_name=artistic_license)
+`CDDL` | Yes |<bgcolor="#ffcccc"> No | Common Development and Distribution License, For verions, consult [Sun Microsystems](http://www.sun.com/cddl/). Based on MPL 1.1.
+`Eiffel` | Yes | [2+](http://www.eiffel-nice.org/license/) | The Eiffel Forum License. For versions, consult [Open Source Initiative](http://www.opensource.org/licenses/eiffel.html)
+`CPL` | Yes |<bgcolor="#ffcccc"> No 1.0 | For versions, consult [IBM Common Public License (CPL) Frequently asked questions](http://www.ibm.com/developerworks/library/os-cplfaq.html). See also [Wikipedia](http://en.wikipedia.org/wiki/Common_Public_License)
+`ISC` |<bgcolor="#ffebbb"> No | Yes | The Internet Software Consortium's [“ISC license”](http://opensource.org/licenses/isc-license.txt). Sometimes also known as the OpenBSD License
+`MPL` | Yes |<bgcolor="#ffcccc"> No | Mozilla Public License. For versions, consult [Mozilla.org](http://www.mozilla.org/MPL)
+`PSF` | Yes |<bgcolor="#ffcccc"> No 1.6b1-2.1 | For versions, consult [Python Software Foundation License](http://www.python.org/psf/license/)
+`W3C-Software` | Yes (YYYMMDD) | Yes | The W3C Software License. For more information, consult [W3C Intellectual Rights FAQ](http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620S) and [20021231 W3C Software notice and license](http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231)
+`ZLIB` |<bgcolor="#ffebbb"> No | Yes | [The zlib/libpng license](http://www.opensource.org/licenses/zlib-license.php)
+`Zope` | Yes | 2.0, 2.1 | Zope Public License. For versions, consult [Zope.org](http://www.zope.org/Resources/License/)
+"""]] 
+
+
+**Problematic Licenses**
+
+[[!table data="""
+**keyword** | **Version needed?** | **GPL compatible** | **meaning**
+`CC` | Yes |<bgcolor="#ffcccc"> No | [Creative Commons Attribution License](http://creativecommons.org/). You should not upload anything prior 3.x. Read [Debian Creative Commons Workgroup report](http://evan.prodromou.name/Debian_Creative_Commons_Workgroup_report) by Evan Prodromou. CC license can easily lead to repackaging; CC-licensed material that does not meet DFSG have to be removed. This license is neither GPL nor GFDL compatible
+`MIT` |<bgcolor="#ffebbb"> No | | Several variants of the MIT license exist: (1) the standard version with three paragraphs (blanket permission, keep this notice, NO WARRANTY), (2) a version with a no-endorsement clause, and (3) other versions with slight wording differences. *License notice text needs to be copied verbatim*
+`PD` |<bgcolor="#ffebbb"> No | | Being in the public domain is not a license. See Linux journal article ["Why the Public Domain Isn't a License"](http://www.linuxjournal.com/article/6225) by Lawrence Rosen. *License notice text needs to be copied verbatim*
+`PHP` | Yes |<bgcolor="#ffcccc"> No 3.01 | For versions, consult [PHP license](http://www.php.net/license). The PHP license may cause Debian FTP admin staff to [REJECT](http://ftp-master.debian.org/REJECT-FAQ.html) the package. The PHP license was designed for code contibuted to PHP language itself and not for developing PHP Web applications. It might be good idea to contact the author with suggestion to change to more safer LGPL or BSD license. See Debian mailing list threads [1](http://lists.debian.org/debian-legal/2005/08/msg00128.html), [2](http://lists.debian.org/debian-legal/2005/08/threads.html#00128), [3](http://lists.debian.org/debian-legal/2005/02/threads.html#00222), [4](http://lists.debian.org/debian-devel/2006/02/threads.html#00024), [5](http://lists.debian.org/debian-webapps/2006/04/threads.html#00008)
+`QPL` | Yes |<bgcolor="#ffcccc"> No 1.0 | For versions, consult [Trolltech](http://doc.trolltech.com). This is obsolete license for Qt. Suggest the author of the sources to study page [http://doc.trolltech.com/4.0/qpl.html](http://doc.trolltech.com/4.0/qpl.html)
+"""]] 
+
+**License keyword "other"**
+
+Examples of licenses not listed
+[OSI](http://www.opensource.org/licenses/alphabetical),
+[FSF](http://www.gnu.org/philosophy/license-list.html) pages. Should
+use License keyword `other`. The license notice is copied verbatim.
+
+[[!table data="""
+**License** |
+Erlang Public License
+The [Expat license](http://www.jclark.com/xml/copying.txt). This license is equivalent to what many people mean by "the MIT license" or "the MIT/X11 license", but those names are too ambiguous as there are multiple incompatible versions of an "MIT/X11 license" in the wild. For clarity, it is better to refer to "the Expat license" as that name refers only to these license terms.
+The LaTeX Project Public License. For versions, consult [Latex project](http://www.latex-project.org/lppl/). GPL-incompatible. Note that works under any version of the License often have additional restrictions attached; check carefully.
+"""]]
+
+#### Syntax
+License names are case-insensitive.
+
+The value of the field should follow the syntax of
+`debian/control`'s **`Depends`** field. The pipe character "|"
+is used for code that can be used under the terms of either licenses.
+The comma "," is used for code that must be used under the terms of both
+licenses (for rare cases where a single file contains code under both
+licenses).
+
+For instance, this is a simple, "GPL version 2 or later" field:
+
+		License: GPL-2+
+
+This is a dual-licensed GPL/Artistic work such as Perl:
+
+		License: GPL-2+ | Artistic-2.0
+
+This is for a file that has both GPL and classic BSD code in it:
+
+		License: GPL-2+, BSD-C2
+
+And this is for a file that has Perl code and classic BSD code in it:
+
+		License: GPL-2+ | Artistic-2.0, BSD-C3
+
+A GPL-2+ work with the OpenSSL exception is in effect a dual-licensed
+work that can be redistributed either under the GPL-2+, or under the
+GPL-2+ with the OpenSSL exception. It is thus expressed as
+`GPL-2+-BY-OpenSSL`:
+
+		License: GPL-2+-BY-OpenSSL
+		 In addition, as a special exception, the author of this
+		 program gives permission to link the code of its 
+		 release with the OpenSSL project's "OpenSSL" library (or
+		 with modified versions of it that use the same license as
+		 the "OpenSSL" library), and distribute the linked
+		 executables. You must obey the GNU General Public 
+		 License in all respects for all of the code used other 
+		 than "OpenSSL".  If you modify this file, you may extend
+		 this exception to your version of the file, but you are
+		 not obligated to do so.  If you do not wish to do so,
+		 delete this exception statement from your version.
+
+
+# Examples
+## Simple
+A possible `copyright` file for `xsol`:
+
+		Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=143
+		Upstream-Name: X Solitaire
+		Upstream-Source: ftp://ftp.example.com/pub/games
+		Files: *
+		Copyright: Copyright 1998, John Doe <jdoe at example.com>
+		License: GPL-2+
+		 On Debian systems the full text of the GNU General Public 
+		 License can be found in the `/usr/share/common-licenses/GPL'
+		 file.
+		Files: debian/*
+		Copyright: Copyright 1998, Jane Smith <jsmith at example.net>
+		License: other
+		 [LICENSE TEXT]
+
+## Complex
+A possible `copyright` file for `planet-venus`:
+
+		Format-Specification: http://wiki.debian.org/Proposals/CopyrightFormat?action=recall&rev=178
+		Upstream-Name: Planet Venus
+		Upstream-Maintainer: John Doe <jdoe at example.com>
+		Upstream-Source: http://www.example.com/code/venus
+		Files: *
+		Copyright: Copyright 2008, John Doe <jdoe at example.com>
+		Copyright: Copyright 2007, Jane Smith <jsmith at example.org>
+		Copyright: Copyright 2007, Joe Average <joe at example.org>
+		Copyright: Copyright 2007, J. Random User <jr at users.example.com>
+		License: PSF-2
+		 [LICENSE TEXT]
+		Files: debian/*
+		Copyright: Copyright 2008, Dan Developer <dan at debian.example.com>
+		License: GAP
+		 Copying and distribution of this package, with or without
+		 modification, are permitted in any medium without royalty
+		 provided the copyright notice and this notice are
+		 preserved.
+		Files: debian/patches/theme-diveintomark.patch
+		Copyright: Copyright 2008, Joe Hacker <hack at example.org>
+		License: GPL-2+
+		 [LICENSE TEXT]
+		Files: planet/vendor/compat_logging/*
+		Copyright: Copyright 2002, Mark Smith <msmith at example.org>
+		License: MIT
+		 [LICENSE TEXT]
+		Files: planet/vendor/httplib2/*
+		Copyright: Copyright 2006, John Brown <brown at example.org>
+		License: other
+		 Unspecified MIT style license.
+		Files: planet/vendor/feedparser.py
+		Copyright: Copyright 2007, Mike Smith <mike at example.org>
+		License: PSF-2
+		 [LICENSE TEXT]
+		Files: planet/vendor/htmltmpl.py
+		Copyright: Copyright 2004, Thomas Brown <coder at example.org>
+		License: GPL-2+
+		 On Debian systems the full text of the GNU General Public
+		 License can be found in the `/usr/share/common-licenses/GPL'
+		 file.
+
+# References
+
+Early discussion of this document took place in the Debian wiki, at
+[http://wiki.debian.org/Proposals/Copyright](http://wiki.debian.org/Proposals/Copyright).

More information about the dep-commits mailing list