Am Montag, den 10.10.2016, 21:48 +0200 schrieb Bastien ROUCARIES: > On Mon, Oct 10, 2016 at 8:30 PM, Tobias Frost <t...@debian.org> > wrote: > > Dear Developers, > > > > while packaging an updated version of one of my packages which > > included > > now rapidjson I became aware that this library includes the test > > suite > > date of http://json.org/JSON_checker/. While there is no license on > > the > > testsuite.zip, json_checker is licensed by json.org with the > > infamous > > clause "The Software shall be used for Good, not Evil." > > and I believe the testdata is covered under the same license "best > > case", (worst case not licensed at all. > > > > For rapidjson [1] I filed #840333, but afterwards I checked also > > codesearch.debian.net for one of the testcases [2] and found many > > packages including it verbatim. > > > > I'm not sure if my assessment is right and we have a DFSG problem > > here, > > but if so, I guess this should be handled by extending the existing > > lintian error. > > > With my lintian maint hat, they are here two approach: > - autoreject based on md5sum and sha1 > - autoreject based on regexp > > Do you have better signature than this file ?
The testsuite data are in total 36 (mostly) small files, so I guess the hashes would work, maybe with an additional indicator if more than one file in the set is found. The zip is here: http://json.org/JSON_checker/test.zip a git repo for convenient browsing them here: https://github.com/miloyip/rapidjson/tree/master/bin/jsonchecker > > > > Thoughts? > > > > > > [1] (where upstream is aware of it and later versions recommend to > > remove the testsuite) > > [1] https://codesearch.debian.net/search?q=%22Extra+comma%22%3A+tru > > e%2C > > +path%3Afail9.json&perpkg=1 > > > > > > -- > > tobi > > > -- tobi
signature.asc
Description: This is a digitally signed message part
