Hi, On Sat, Dec 28, 2019 at 09:49:22AM +0000, Sean Whitton wrote: > Hello, > > On Thu 26 Dec 2019 at 11:29am -05, Roberto C. Sánchez wrote: > > > One interesting thing about this is that I have often wondered if it > > would be beneficial to have checks on debian/copyright during the life > > of a package. Checking only once when a package first enters the Debian > > archive seems to leave open the rather likely possibility that some > > change in a future upstream release changes or adds some component > > license that should be documented in debian/copyright. I try to be > > diligent in this regard and even at times have found that I overlook > > things. > > Well, this is one of the reasons why source package which add new binary > packages end up in NEW again.
> The full source tree gets checked again at that point as if the source > package were completely new. Really? Why? So far I assumed that simple binary package renames due to shared library bumps or other API transitions where fast-tracked without full review, perhaps slightly less so for additions or split-offs of e.g. -data or -doc packages. Adding new binaries is an arbitrary (apart from the technical implementation reason in dak, of course) point in time to recheck a source package; even more so if this is due to external reasons (binary name changed to the external API changes, like a PostgreSQL major version transition). Maybe we should have a conversation about periodical rechecks, but packages like rdkit[1] languishing in NEW for almost two months and counting just because of a new PostgreSQL release is a bit depressing. Michael [1] https://ftp-master.debian.org/new/rdkit_201909.1-1.html