On Wednesday, January 22, 2025 6:52:34 PM MST Glenn Strauss wrote: > PLEASE NOTE: **none** of the issues you raised are reported on > https://tracker.debian.org/pkg/lighttpd
tracker.debian.org is a nice tool, but it does not contain a comprehensive list of all the problems with a package, particularly those that need human review to identify. > PLEASE NOTE: **all** of the issues you raised are present in the prior > lighttpd package. Why is this suddenly a blocker to release rather than > suggestions for a future release? Many Debian packages have problems that existed in previous releases. A RFS is a good time to identify and correct them. > > 3. Licenses [4]: Issue > > > > philwyett@ks-tarkin:~/Development/builder/debian/lighttpd$ lrc > > en: Versions: recon '3.4' check '3.3.9-1' > > > > Parsing Source Tree .... > > Reading d/copyright .... > > > > Missing Files: Paragraph for debian/ > > > > Running licensecheck .... > > > > d/copyright | licensecheck > > > > BSD-3-clause | GPL-1 debian/lighty-enable-mod > > > > File states: > > > > # You may distribute under the terms of either the GNU General Public > > # License[1] or the Artistic License[2]. > > This is not reported on https://tracker.debian.org/pkg/lighttpd I would not expect it to be. tracker.debian.org does not do any automatic checking of licensing information because it is too easy to hit false positives. > This is newly reported, as this file has been part of the lighttpd > debian package circa 2006. A lot of time licensing information is missed. One of the great things that Phil is doing is running lrc (licence recon, which is a relatively new tool that I don’t think was available in 2006) against every RFS package, which is illuminating a lot of tricky licensing issues. However, you should note that lrc is prone to a lot of false positives (because parsing licensing information is difficult, so it is not run automatically in places like tracker.debian.org. When you do find a false positive, you can override it similar to how you override incorrect lintian tags. For example: https://salsa.debian.org/soren/privacybrowser/-/blob/master/debian/lrc.config? ref_type=heads -- Soren Stoutner so...@debian.org
signature.asc
Description: This is a digitally signed message part.
