-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Paul Tagliamonte <paul...@debian.org> writes:
> On Mon, Sep 02, 2013 at 11:32:09PM +1000, Russell Sim wrote: >> Paul Tagliamonte <paul...@debian.org> writes: >> >> > I notice there's a mix of GPLv2 and Apache2 code in the same binary. >> > This combined work isn't distributable. It'd be super great to fix this >> > by getting upstream to move to GPLv3 or dropping the apache2 code (or >> > getting the copyright holders of the apache2 code to move to Expat or >> > similar) So I think that I have an answer to the GPLv2 and Apache2 incompatibilities. They have added a linking exception preamble to the license, so it's not a pure GPLv2 license, instead it's modified to make it more compatible[0]. "This is a custom license which in practical effects makes it more permissive than the LGPLv2, allowing redistribution of software linked against the library under all circumstances without having to disclose its source code." >> I have also found that I missed an update to the license that happened >> in 0.19.0. It was a new reference to the PHP 3.01 license. From my >> understanding it's also incompatible with the GPLv2 and GPLv3. >> >> I'll send a message upstream regarding these issues. In the mean time >> is there an action I should take regarding the package, it's currently >> in experimental, will it need to be removed from the archive? I have raised this with the upstream developers, and they are trying to remove the PHP code and are also seeking legal advice[1]. It also seems that I was mistaken, the PHP license was added to the code in the master branch, it's not in the 0.19.0 release. But they are still trying to workout the origin of the code. So it may have been mistakenly identified as being from the PHP code base. The code in question appears in the 0.19.0 release but it's only used for windows compatibility. I can remove it with a patch, so as to be sure it's not included in the binary? > Yeah, if you wouldn't mind a RoM, we can introduce it after upstream > gives folks the ability to, well, distribute the binaries :) Hehe, well I think this PHP license thing is probably the biggest problem now, perhaps we should wait until they actually figure out where the got it from. Cheers, Russell 0. https://github.com/libgit2/libgit2/issues/567 1. https://github.com/libgit2/libgit2/pull/1789 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQEcBAEBAgAGBQJSKSM7AAoJEKPQMr0n6UoaK3oH/2WZkDdseoeSkIjyIyvQptgm 7u7Seg4gTPJnSsiUZNfe91Vht9pCzjtq6gU1WpChWvJde7/zSFTCd0H+gelsuJcC IPn0DNk8CpJG5Mqc/CzjfzYtxFZP6rlhTPKjsw2JWjHRYoNQwtkJHAogMRr10/om vJHiTe9gJz9IJDjE2RFazQwg5mUqJj+N7P5lqOsiquCKd6VXadaJnGQbE3m+nz12 80uOox5c/QYKt61bZqSxfr3ZU86+AeOUX2uYDe3ayM1e+O6ckmTM4jomuVSHEhWo xNoPFneFiiuA9VPWavFhVYHFCVaAXbZPRjYKsEafjNeVz3bJQ27rP705rsDw6T4= =xwO3 -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
