On Fri, Sep 06, 2013 at 10:35:07AM +1000, Russell Sim wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Paul Tagliamonte <paul...@debian.org> writes: > > > On Mon, Sep 02, 2013 at 11:32:09PM +1000, Russell Sim wrote: > >> Paul Tagliamonte <paul...@debian.org> writes: > >> > >> > I notice there's a mix of GPLv2 and Apache2 code in the same binary. > >> > This combined work isn't distributable. It'd be super great to fix this > >> > by getting upstream to move to GPLv3 or dropping the apache2 code (or > >> > getting the copyright holders of the apache2 code to move to Expat or > >> > similar) > > So I think that I have an answer to the GPLv2 and Apache2 > incompatibilities. They have added a linking exception preamble to the
Erm, I just read this. This seems like it'd work :) > license, so it's not a pure GPLv2 license, instead it's modified to make > it more compatible[0]. > > "This is a custom license which in practical effects makes it more > permissive than the LGPLv2, allowing redistribution of software linked > against the library under all circumstances without having to disclose > its source code." > > >> I have also found that I missed an update to the license that happened > >> in 0.19.0. It was a new reference to the PHP 3.01 license. From my > >> understanding it's also incompatible with the GPLv2 and GPLv3. > >> > >> I'll send a message upstream regarding these issues. In the mean time > >> is there an action I should take regarding the package, it's currently > >> in experimental, will it need to be removed from the archive? > > I have raised this with the upstream developers, and they are trying to > remove the PHP code and are also seeking legal advice[1]. It also seems > that I was mistaken, the PHP license was added to the code in the master > branch, it's not in the 0.19.0 release. But they are still trying to > workout the origin of the code. So it may have been mistakenly > identified as being from the PHP code base. > > The code in question appears in the 0.19.0 release but it's only used > for windows compatibility. I can remove it with a patch, so as to be > sure it's not included in the binary? > > > Yeah, if you wouldn't mind a RoM, we can introduce it after upstream > > gives folks the ability to, well, distribute the binaries :) > > Hehe, well I think this PHP license thing is probably the biggest > problem now, perhaps we should wait until they actually figure out where > the got it from. > > Cheers, > Russell > > 0. https://github.com/libgit2/libgit2/issues/567 > 1. https://github.com/libgit2/libgit2/pull/1789 > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.14 (GNU/Linux) > > iQEcBAEBAgAGBQJSKSM7AAoJEKPQMr0n6UoaK3oH/2WZkDdseoeSkIjyIyvQptgm > 7u7Seg4gTPJnSsiUZNfe91Vht9pCzjtq6gU1WpChWvJde7/zSFTCd0H+gelsuJcC > IPn0DNk8CpJG5Mqc/CzjfzYtxFZP6rlhTPKjsw2JWjHRYoNQwtkJHAogMRr10/om > vJHiTe9gJz9IJDjE2RFazQwg5mUqJj+N7P5lqOsiquCKd6VXadaJnGQbE3m+nz12 > 80uOox5c/QYKt61bZqSxfr3ZU86+AeOUX2uYDe3ayM1e+O6ckmTM4jomuVSHEhWo > xNoPFneFiiuA9VPWavFhVYHFCVaAXbZPRjYKsEafjNeVz3bJQ27rP705rsDw6T4= > =xwO3 > -----END PGP SIGNATURE----- -- .''`. Paul Tagliamonte <paul...@debian.org> : :' : Proud Debian Developer `. `'` 4096R / 8F04 9AD8 2C92 066C 7352 D28A 7B58 5B30 807C 2A87 `- http://people.debian.org/~paultag
signature.asc
Description: Digital signature
