Re: How to deal with "assets" packages shadowing real upstream
On Saturday 27 February 2016 12:29 AM, Jonas Smedegaard wrote:
> ¹ bug#809977 requests adding node-handlebars to src:libjs-handlebars (to
> cover not only browser but also server-side use), but package maintainer
> chose to instead package libjs-handlebars from a Ruby bundling
> (re)source (see changelog entry for ruby-handlebars-assets 2:0.20.1-3,
> written some months after bug#809977).
>
I did not see this bug when I updated libjs-handlebars (so it was not
_instead_ of fixing).
In this particular case, maintaining one single package was considered
better than maintaining 3 source packages. If I had seen that bug before
the source packages were combined, the justification of less maintenance
would not have been there.
Adding more source package adds to the burden of maintenance. IMHO, it
makes sense to reduce source packages if there is only a ruby package
using the js package. If more packages needs the js package, then
maintaining separate source packages is justified.
And the the upload that used ruby-handlebars-assets as source for
libjs-handlebars was on Tue, 07 Apr 2015 19:51:22 +0530 but #809977 was
filed on 5 Jan 2016 01:12:12 UTC. So I don't think it is fair to say the
choosing to use the rubygem provided copy was instead of adding
node-handlebars. ("written some months after bug#809977"). No malice was
intended as is is made out to be.
I just uploaded a separate libjs-handlebars pcakage which provides
node-handlebars, libjs-handlebars and libjs-handlebars.runtime binary
packages.
signature.asc
Description: OpenPGP digital signature
Re: debian-www / debian-doc teams no longer responsive [Was: Re: Bad release in install documentation]
Hi, Laura Arjona Reina wrote: > I'm in debwww since some days ago and this is one of the things I wanted to > look at, but couldn't put time yet. > I hope I can have a look at it in the following days. > That would be fine indeed. While I think about, if recruting new people to the team wouldn't make sense, nevertheless. As said above, debian-www and debian-doc seem not very responsive ATM ... Holger -- Created with Sylpheed 3.5.0 under D E B I A N L I N U X 8 . 0 " J E S S I E " . Registered Linux User #311290 - https://linuxcounter.net/
Bug#817024: ITP: cmor-tables -- MIP tables for the Climate Model Output Rewriter library
Package: wnpp Severity: wishlist Owner: Alastair McKinstry * Package name: cmor-tables Version : 1.0 Upstream Author : Laurence Livermore Labs (LLNL), PCMDI * URL : https://github.com/PCMDI/ * License : Public Programming Lang: None/XML Description : MIP tables for the Climate Model Output Rewriter library This package contains tables for use with CMOR that describe the variables and format of data needed for the CMIP "Coupled Model Intercomparison Project". . CMOR software uses these tables to verify that output is valid. This package is a follow-on and replacement to cmip5-cmor-tables, currently in Debian, and adds CMIP6 and other tables. The tables are copyright but publically available with license text from LLNL provided in the previous package.
Re: How to deal with "assets" packages shadowing real upstream
Hi Praveen,
Quoting Pirate Praveen (2016-03-07 10:27:31)
> On Saturday 27 February 2016 12:29 AM, Jonas Smedegaard wrote:
>> ¹ bug#809977 requests adding node-handlebars to src:libjs-handlebars
>> (to cover not only browser but also server-side use), but package
>> maintainer chose to instead package libjs-handlebars from a Ruby
>> bundling (re)source (see changelog entry for ruby-handlebars-assets
>> 2:0.20.1-3, written some months after bug#809977).
>>
>
> I did not see this bug when I updated libjs-handlebars (so it was not
> _instead_ of fixing).
>
> In this particular case, maintaining one single package was considered
> better than maintaining 3 source packages. If I had seen that bug
> before the source packages were combined, the justification of less
> maintenance would not have been there.
>
> Adding more source package adds to the burden of maintenance. IMHO, it
> makes sense to reduce source packages if there is only a ruby package
> using the js package. If more packages needs the js package, then
> maintaining separate source packages is justified.
>
> And the the upload that used ruby-handlebars-assets as source for
> libjs-handlebars was on Tue, 07 Apr 2015 19:51:22 +0530 but #809977
> was filed on 5 Jan 2016 01:12:12 UTC. So I don't think it is fair to
> say the choosing to use the rubygem provided copy was instead of
> adding node-handlebars. ("written some months after bug#809977"). No
> malice was intended as is is made out to be.
I do not blame you for malicious intend, and apopogize if my choice of
words made it look that way.
What I do "blame" you for is choosing a pragmatic approach which I
believe we should generally not do in Debian, which is the reason I
raised the question here on -devel - generalized, with your case only as
an example.
Thanks for your clarifications - they seem to confirm that you were,
and still intend to be, pragmatic - e.g. track the real upstream only
when strongly encouraged to do so.
> I just uploaded a separate libjs-handlebars pcakage which provides
> node-handlebars, libjs-handlebars and libjs-handlebars.runtime binary
> packages.
Thanks.
The general concern of mine still stand: I feel that we in Debian should
use alternate source only in special situations, not as a convenience.
- Jonas
--
* Jonas Smedegaard - idealist & Internet-arkitekt
* Tlf.: +45 40843136 Website: http://dr.jones.dk/
[x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature
Bug#817028: RFP: dolphin -- [SHORT DESCRIPTION]
Package: wnpp Severity: wishlist X-Debbugs-CC: debian-devel@lists.debian.org --- Please fill out the fields below. --- Hello, As in the subject, Copy/Paste with folders works well among different windows of Dolphin, but has problems when trying to perform the same action between two panels in split view. To activate the bug you must change in someway the content inside a folder and then try to C/P it somewhere. The workaround is to force refresh of the view (press F5). Valerio Package name: dolphin Version: 4:15.08.3-1 Upstream Author: [NAME ] URL: [http://example.com] License: [GPL, LGPL, BSD, MIT/X, etc.] Description: [DESCRIPTION] -- Valerio
Re: How to deal with "assets" packages shadowing real upstream
On Monday 07 March 2016 03:59 PM, Jonas Smedegaard wrote: > Thanks for your clarifications - they seem to confirm that you were, > and still intend to be, pragmatic - e.g. track the real upstream only > when strongly encouraged to do so. > I don't think there is much benefit to enforce this rule for every case than increase the burden of maintaining already challenging rails packages. There is neither duplication of code, nor bit rot here. The js code is separated as its own package and the its corresponding rubygem is regularly updated. In case of rails-assets-* gems, they are auto-generated from their bower packages and the security concern would be only about rails-assets.org service. In case of diaspora, the rails-assets-* (there are more wrapper packages than this) packages it needs are, ruby-rails-assets-diaspora-jsxc (>= 0.1.4~), ruby-rails-assets-jquery-colorbox (>= 1.6.3~), ruby-rails-assets-favico.js (>= 0.3.9~dfsg-2~), ruby-rails-assets-jquery-fullscreen-plugin, ruby-rails-assets-jquery, ruby-rails-assets-markdown-it (>= 5.0.2~), ruby-rails-assets-markdown-it-hashtag (>= 0.4.0~), ruby-rails-assets-markdown-it-diaspora-mention (>= 0.4.0~), ruby-rails-assets-markdown-it-sanitizer (>= 0.4.1~), ruby-rails-assets-markdown-it--markdown-it-for-inline, ruby-rails-assets-markdown-it-sub, ruby-rails-assets-markdown-it-sup, ruby-rails-assets-highlightjs (>= 8.9.1~), ruby-rails-assets-jeresig-jquery.hotkeys (>= 0.2.0-3~), ruby-rails-assets-jquery-idletimer, ruby-rails-assets-jquery-placeholder (>= 2.1.3~), ruby-rails-assets-jquery-textchange, ruby-rails-assets-perfect-scrollbar (>= 0.6.7~), ruby-rails-assets-perfect-scrollbar (<< 0.7), ruby-rails-assets-jakobmattsson-jquery-elastic, Out of the 20 packages listed here, 9 of the corresponding js packages have only the ruby-rails-assets as reverse dependencies. ruby-rails-assets-jquery-colorbox some and ruby-rails-assets-jquery has many reverse dependencies. Others are likely to be used by diaspora only. If someone volunteers to package original upstream, I'd be happy to use them instead. signature.asc Description: OpenPGP digital signature
Re: How to deal with "assets" packages shadowing real upstream
Quoting Jonas Smedegaard (2016-02-27 13:08:37) >> 2. Needless forking is bad. There is no consent on what is >>"needless" though. My point is that having multiple copies of a >>thing that are all treated as source leads to problems. In >>Debian, we recognize that and one effect of that is that we don't >>want bundled libraries in packages. In the greater free software >>community, not everyone sees it this way. Having this opinion in >>Debian, I think we should use our influence to try to push >>upstreams the right way. That means we should package real >>upstream if there are multiple sources to choose from. Another >>reason for doing this is that future code duplication in Debian is >>automatically prevented. In your example: if someone needs the >>serverside version of the package, they would package >>node-handlebars and then we have two versions of the code in >>Debian. If the real upstream was used to begin with, that problem >>would have been avoided. > > Right. That is the issue. Question I raise is how to deal with it? > > I agree with you that the real upstream should be used when possible - > but is that just the personal opinion of two Debian developers which > should not be imposed on others (read: at most file wishlist > bugreports) or do we have rough consensus in Debian to make it into > Policy, so that issues of that kind can be treated as more severe > bugs? Oh - I just discovered that this _is_ covered by Policy §4.13 already. I will file severe bugreports whenever I stumble upon this kindof issue in the future. Thanks for helping out! - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: signature
Bug#817048: ITP: jo -- command-line processor to output JSON from a shell
Package: wnpp
Severity: wishlist
Owner: Vincent Bernat
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
* Package name: jo
Version : git snapshot
Upstream Author : Jan-Piet Mens
* URL : https://github.com/jpmens/jo
* License : GPL-2+
Programming Lang: C
Description : command-line processor to output JSON from a shell
jo creates a JSON string on stdout from words given it as arguments
or read from stdin. It can generate both arrays and objects. Here is
a short example:
.
$ jo -p name=jo n=17 parser@0
{
"name": "jo",
"n": 17,
"parser": false
}
-BEGIN PGP SIGNATURE-
Version: GnuPG v1
iQIcBAEBCAAGBQJW3ZvvAAoJEJWkL+g1NSX5rnUP/2E8wZnnKAHLwKcfzpi9SHwU
qS3y/p8RMbf1d2N3uC5O05lZE914ookA0T9xOL/gGaqMWyvG8PORcTkpq0SFegxo
sUakv7UaDseAhBPos8Il3GIRLSa1JOBWoqDvivXV85c1thT42cifpTVPDX/2IBqc
Bb6wA7tTThfn6Pmde3OSskqiarcVPHOwcHJFUqR5w1f+BUOCtjUGpqpAN6vAitcj
YcVnGVhvBj/Y81uCc3snGyZWILApG2opL7z7tJrejV7mAgCjACkf/2knGmzUywtQ
0Sl4LWS5uJzWUKvjqg58eE8GU3t0NlZ78l5XV8bPFjzqhVRYLrM1+qqhU2/jcLup
DvA3F76NvvKuKG7KrFoWC/WmQojN3C+TgaTmKsYAh42JeySGcvwCLf5Eoi5Aicft
M/TqjiT1R+EBdqO/4TMg93AQ+GlLv2dU1FgYe19XJ6a9RPfTiVhcgJAtLB+mx3mQ
OYZDga+COjAe22zpI3/6N2yFs+rI3axyIaP/Ban/RIOGpQQDXRuFf4nNZx2x/aei
+SXqilXj6f3GQ/mhQglxH1tCVGMfuXEqgkChUZJhC79t2v0gq4B8KPsLFHrqMmOH
1qtcKH9SUmSNiQ49ZfFC3wHrVU/mcsTDHJbpS4BMKFaT2dxMvHv54qY3qz+D5Jgr
xA9dZgZB0+t/0jqTb4oX
=j6Co
-END PGP SIGNATURE-
RFH: Breaks (<< $version) for moving conffiles vs. dpkg updating package version too early?
Hi,
I've re-built a version of libirt, which has:
> Package: libvirt-daemon-system
> Replaces: libvirt-bin (<< 1.2.7-4~)
> Conflicts: libvirt-bin (<< 1.2.6-1~)
...
> Package: libvirt-bin
> Depends: libvirt-daemon-system (>= ${binary:Version}),
The old "libvirt-bin" package (0.9.12-5) contained
"/etc/default/libvirt-guests", which got moved to
"libvirt-daemon-system" for 1.2.7, thus the "Replaces".
During the package upgrade "dpkg" complains about the file still being
owned by "libvirt-bin" and prevents "libvirt-daemon-system" from taking
over the file
> Entpacken von libvirt-daemon-system (aus
> .../libvirt-daemon-system_1.2.7-11_amd64.deb) ...
> dpkg: Fehler beim Bearbeiten von
> /var/cache/apt/archives/libvirt-daemon-system_1.2.7-11_amd64.deb (--unpack):
> Versuch, »/etc/default/libvirt-guests« zu überschreiben, welches auch in
> Paket libvirt-bin 1.2.7-11 ist
Reading /var/log/dpkg.log I see:
> 2016-03-07 15:39:04 upgrade libvirt-bin:amd64 0.9.12-5 1.2.7-11
> 2016-03-07 15:39:04 status half-configured libvirt-bin:amd64 0.9.12-5
> 2016-03-07 15:39:04 status unpacked libvirt-bin:amd64 0.9.12-5
> 2016-03-07 15:39:04 status half-installed libvirt-bin:amd64 0.9.12-5
> 2016-03-07 15:39:04 status half-installed libvirt-bin:amd64 0.9.12-5
> 2016-03-07 15:39:04 status half-installed libvirt-bin:amd64 0.9.12-5
> 2016-03-07 15:39:04 status unpacked libvirt-bin:amd64 1.2.7-11
> 2016-03-07 15:39:04 status unpacked libvirt-bin:amd64 1.2.7-11
> 2016-03-07 15:39:04 install libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:04 status half-installed libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:04 status half-installed libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:04 status unpacked libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:04 status unpacked libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:10 install libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:10 status half-installed libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:10 status half-installed libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:10 status unpacked libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:10 status unpacked libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:10 install libvirt-daemon-system:amd64 1.2.7-11
> 2016-03-07 15:39:10 status half-installed libvirt-daemon-system:amd64 1.2.7-11
> 2016-03-07 15:39:10 status not-installed libvirt-daemon-system:amd64
> 2016-03-07 15:39:10 upgrade libvirt0:amd64 0.9.12-5 1.2.7-11
> 2016-03-07 15:39:10 status half-configured libvirt0:amd64 0.9.12-5
> 2016-03-07 15:39:10 status unpacked libvirt0:amd64 0.9.12-5
> 2016-03-07 15:39:10 status half-installed libvirt0:amd64 0.9.12-5
> 2016-03-07 15:39:10 status half-installed libvirt0:amd64 0.9.12-5
> 2016-03-07 15:39:10 status unpacked libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:10 status unpacked libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:11 configure libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:11 status unpacked libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:11 status half-configured libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:11 status installed libvirt0:amd64 1.2.7-11
> 2016-03-07 15:39:13 configure libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 status unpacked libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 status unpacked libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 status unpacked libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 status half-configured libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 status installed libvirt-clients:amd64 1.2.7-11
> 2016-03-07 15:39:13 configure libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:13 status unpacked libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:13 status half-configured libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:39:13 status installed libvirt-daemon:amd64 1.2.7-11
> 2016-03-07 15:40:12 install libvirt-daemon-system:amd64 1.2.7-11
> 2016-03-07 15:40:12 status half-installed libvirt-daemon-system:amd64 1.2.7-11
> 2016-03-07 15:40:12 status not-installed libvirt-daemon-system:amd64
Looking into "/var/lib/dpkg/status" I see:
> Package: libvirt-bin
> Status: install ok unpacked
> Version: 1.2.7-11
> Config-Version: 0.9.12-5
To me it looks like dpkg already uses the *new* version "1.2.7-11" of
"libvirt-bin" after unpacking, which prevent the "Replaces << 1.2.7-4"
of "libvirt-daemon-system" from being allowed.
Is this a know bug (of dpkg) or did I misunderstand anything?
dpkg1.16.16
Thanks in advance.
Philipp
PS: To my understanding the "Conflicts" should be changed to "Breaks",
but that's another issue.
Bug#817052: ITP: python-requests-unixsocket -- use requests to talk HTTP via a UNIX domain socket
Package: wnpp Severity: wishlist Owner: Thomas Goirand * Package name: python-requests-unixsocket Version : 0.1.5 Upstream Author : Marc Abramowitz * URL : https://github.com/msabramo/requests-unixsocket * License : Apache-2.0 Programming Lang: Python Description : use requests to talk HTTP via a UNIX domain socket The requests-unixsocket makes it possible to talk using the HTTP protocol via a UNIX domain socket. Internally, requests-unixsocket uses monkeypatching to use the functionality of requests while making minimal changes. . Requests allow you to send HTTP/1.1 requests. You can add headers, form data, multipart files, and parameters with simple Python dictionaries, and access the response data in the same way. It's powered by httplib and urllib3, but it does all the hard work and crazy hacks for you.
Bug#817056: ITP: python-typing -- Type Hints for Python
Package: wnpp Severity: wishlist Owner: Debian Med team * Package name: python-typing Version : 3.5.0.1 Upstream Author : Guido van Rossum, Jukka Lehtosalo, Łukasz Langa * URL : https://docs.python.org/3.5/library/typing.html * License : Python 2.0 Programming Lang: Python Description : Type Hints for Python This is a backport of the standard library typing module to Python versions older than 3.5. Typing defines a standard notation for Python function and variable type annotations. The notation can be used for documenting code in a concise, standard format, and it has been designed to also be used by static and runtime type checkers, static analyzers, IDEs and other tools. This is a new dependency for python-schema-salad, and will be for any other Py2/Py3 package that contains typing hints. It will be maintained by the Debian-Med team but I'm happy to hand it over to other interested parties.
Can "PDB" license be considered free ?
Hi All, I am going to package a software with pdb files in the test suite and I wonder if the license below can be considered free. ftp://ftp.wwpdb.org/pub/pdb/advisory.txt http://www.rcsb.org/pdb/static.do?p=general_information/about_pdb/policies_references.html Thank you, Alex
Re: Can "PDB" license be considered free ?
Alex Mestiashvili writes: > I am going to package a software with pdb files in the test suite and > I wonder if the license below can be considered free. For reference in the discussion and for later reference, it helps to have the license text directly in a message. > ftp://ftp.wwpdb.org/pub/pdb/advisory.txt At the time of this message, that URL responds with the following text: = ADVISORY NOTICE FOR USE OF THE PDB ARCHIVE By using the materials available in this archive, the user agrees to abide by the following conditions: * The archival data files in the PDB archive are made freely available to all users. Data files within the archive may be redistributed in original form without restriction. Redistribution of modified data files using the same file name as is on the FTP server is prohibited. The rules for file names are detailed at http://www.wwpdb.org/wwpdb_charter.html. * Data files containing PDB content may incorporate the PDB 4-letter entry name (e.g. 1ABC) in standard PDB records only if they are exactly the same as what is residing in the PDB archive. This does not prevent databases from including PDB entry_id's as cross-references where it is clear that they refer to the PDB archive. PDB records refer to the standard PDB format. The distribution of modified PDB data including the records HEADER, CAVEAT, REVDAT, SPRSDE, DBREF, SEQADV, and MODRES in PDB format and their mmCIF and XML equivalents is not allowed. * The user assumes all responsibility for insuring that intellectual property claims associated with any data set deposited in the PDB archive are honored. It should be understood that the PDB data files do not contain any information on intellectual property claims with the exception in some cases of a reference for a patent involving the structure. * Any opinion, findings, and conclusions expressed in the PDB archive by the authors/contributors do not necessarily reflect the views of the wwPDB. * The data in the PDB archive are provided on an "as is" basis. The wwPDB nor its comprising institutions cannot be held liable to any party for direct, indirect, special, incidental, or consequential damages, including lost profits, arising from the use of PDB materials. * Resources on this site are provided without warranty of any kind, either expressed or implied. This includes but is not limited to merchantability or fitness for a particular purpose. The institutions managing this site make no representation that these resources will not infringe any patent or other proprietary right. = -- \ “Facts do not cease to exist because they are ignored.” —Aldous | `\Huxley | _o__) | Ben Finney
Bug#787311: RFP: python-flask-oldsessions -- legacy sessions for Flask
Package: wnpp Followup-For: Bug #787311 Owner: Ximin Luo Control: retitle -1 ITP: python-flask-oldsessions Hi, I'm going to package this, based on the stub from python-stdeb
Re: Bug#817056: ITP: python-typing -- Type Hints for Python
On Monday, March 07, 2016 09:01:30 AM Michael R. Crusoe wrote: > Package: wnpp > Severity: wishlist > Owner: Debian Med team > > * Package name: python-typing > Version : 3.5.0.1 > Upstream Author : Guido van Rossum, Jukka Lehtosalo, Łukasz Langa > * URL : > https://docs.python.org/3.5/library/typing.html * License : Python > 2.0 > Programming Lang: Python > Description : Type Hints for Python > > This is a backport of the standard library typing module to Python > versions older than 3.5. > > Typing defines a standard notation for Python function and variable > type annotations. The notation can be used for documenting code in a > concise, standard format, and it has been designed to also be used by > static and runtime type checkers, static analyzers, IDEs and other > tools. > > This is a new dependency for python-schema-salad, and will be for any other > Py2/Py3 package that contains typing hints. It will be maintained by the > Debian-Med team but I'm happy to hand it over to other interested parties. Please only package this for python(2). We are in the process of dropping python3.4, so a python3 package isn't needed. Scott K
Re: Can "PDB" license be considered free ?
> The distribution of modified PDB data including the records HEADER, CAVEAT, > REVDAT, SPRSDE, DBREF, SEQADV, and MODRES in PDB format and their mmCIF and > XML equivalents is not allowed. I'm not sure what the PDB format is, so I might be wrong, but my intuition is that trying to stop people from distributing data in a certain file format would be non-free. pgpqoqpl4y3Gv.pgp Description: PGP signature
Re: Can "PDB" license be considered free ?
Hi Riley, On 07/03/2016 19:20, Riley Baird wrote: The distribution of modified PDB data including the records HEADER, CAVEAT, REVDAT, SPRSDE, DBREF, SEQADV, and MODRES in PDB format and their mmCIF and XML equivalents is not allowed. I'm not sure what the PDB format is, so I might be wrong, but my intuition is that trying to stop people from distributing data in a certain file format would be non-free. We had this discussion some years back about SwissProt protein sequence entries included as test data in EMBOSS. We also have PDB files in the EMBOSS test data. The conclusion was that scientific data (SwissProt, PDB, etc.) are scientific facts and it is not reasonable to require permission to change them. The license says you may not alter the entries in the PDB database (text file) and redistribute it in any of its original formats - because PDB releases must only come from the curators of the database. It may help to consider an equivalent in another field. Imagine an open source package that included a copy of the Declaration of Independence. It would not be reasonable to insist on permission to change the text, for example to add a phrase from Animal Farm ... "but some are more equal than others" Hope that helps, Peter Rice
Re: Can "PDB" license be considered free ?
Hi, > * The user assumes all responsibility for insuring that intellectual > property claims associated with any data set deposited in the PDB > archive are honored. It should be understood that the PDB data files > do not contain any information on intellectual property claims with > the exception in some cases of a reference for a patent involving the > structure. I.e. on one hand the user would have to hunt down the IP information to see whether she can use the pdb files at all, and on the other had, there seem to be parts that are covered by patents for which a user would probably need to acquire an additional license. Would this not conflict with the DFSG 7? "The rights attached to the program must apply to all to whom the program is redistributed without the need for execution of an additional license by those parties." Best, Gert https://www.debian.org/social_contract
Re: Can "PDB" license be considered free ?
On Mon, 07 Mar 2016, Peter Rice wrote: > We had this discussion some years back about SwissProt protein > sequence entries included as test data in EMBOSS. We also have PDB > files in the EMBOSS test data. > > The conclusion was that scientific data (SwissProt, PDB, etc.) are > scientific facts and it is not reasonable to require permission to > change them. This isn't true; there are loads of reasons to change sequences and structural models of proteins. Protein sequences are just based on references which have inaccuracies and do not represent ancestral sequences or the true variation present in real populations; in my lab we modify UniProt sequences and redistribute those modifications in publications all of the time. PDB files are also just the current model of a particular crystallization of a particular set of molecules. It's pretty standard practice to modify them using simulations to account for different binding partners and assemblies. [I've published the PDB files containing these modifications, for example.] All of that said, because PDB and UniProt files are not works of authorship, they likely do not qualify for copyright protection in the US, so the licensing terms can largely be ignored. However, that may not be true of other jurisdictions. -- Don Armstrong http://www.donarmstrong.com It is easier to build strong children than to repair broken men. -- Frederick Douglass
Re: Bug#817056: ITP: python-typing -- Type Hints for Python
That was my plan. Though I just realized that I don't need this if I switch to building only the Python 3 version of schema-salad-tool so I am likely to close this ITP. The package is at git+ssh://git.debian.org/git/debian-med/python-typing.git if anyone is interested. On Mon, Mar 7, 2016 at 7:38 PM, Scott Kitterman wrote: > On Monday, March 07, 2016 09:01:30 AM Michael R. Crusoe wrote: > > Package: wnpp > > Severity: wishlist > > Owner: Debian Med team > > > > * Package name: python-typing > > Version : 3.5.0.1 > > Upstream Author : Guido van Rossum, Jukka Lehtosalo, Łukasz Langa > > * URL : > > https://docs.python.org/3.5/library/typing.html * License : > Python > > 2.0 > > Programming Lang: Python > > Description : Type Hints for Python > > > > This is a backport of the standard library typing module to Python > > versions older than 3.5. > > > > Typing defines a standard notation for Python function and variable > > type annotations. The notation can be used for documenting code in a > > concise, standard format, and it has been designed to also be used by > > static and runtime type checkers, static analyzers, IDEs and other > > tools. > > > > This is a new dependency for python-schema-salad, and will be for any > other > > Py2/Py3 package that contains typing hints. It will be maintained by the > > Debian-Med team but I'm happy to hand it over to other interested > parties. > > Please only package this for python(2). We are in the process of dropping > python3.4, so a python3 package isn't needed. > > Scott K > -- Michael R. Crusoe CWL Community Engineer cru...@ucdavis.edu Common Workflow Language projectUniversity of California, Davis https://impactstory.org/MichaelRCrusoe http://twitter.com/biocrusoe
Re: Can "PDB" license be considered free ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, Mar 07, 2016 at 04:38:55PM -0600, Don Armstrong wrote: > On Mon, 07 Mar 2016, Peter Rice wrote: > > The conclusion was that scientific data (SwissProt, PDB, etc.) are > > scientific facts and it is not reasonable to require permission to > > change them. > > This isn't true; there are loads of reasons to change sequences and > structural models of proteins. Protein sequences are just based on > references which have inaccuracies and do not represent ancestral > sequences or the true variation present in real populations; in my lab > we modify UniProt sequences and redistribute those modifications in > publications all of the time. Note that this text only says that if you modify things, you're required to change the name. In other words, they are protecting the terminology, so when you use a certain code, everyone is always talking about the same thing. This is a very reasonable thing to require; without it, the database would be much less useful. > All of that said, because PDB and UniProt files are not works of > authorship, they likely do not qualify for copyright protection in the > US, so the licensing terms can largely be ignored. However, that may not > be true of other jurisdictions. The text that was quoted doesn't really talk about IP; it just says that it isn't about that: as a user, you must find the license and abide by it. This is annoying (because it means you must find those licenses before you know if you can use the data), but I don't blame them. On the other hand, if you are correct (I have no idea about this data) that it is not copyrightable, then you also don't need a license, so that solves that problem. The question would probably have been better asked on -legal though, so I'm sending it there. For those reading there without seeing the thread before, it starts here: https://lists.debian.org/debian-devel/2016/03/msg00091.html Thanks, Bas -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQIcBAEBAgAGBQJW3kjSAAoJEJzRfVgHwHE6vUIP/2c9sCzBFH7L2muFotxeDFnB 9A3TRZbTfRX05Ik9FZyFSZr/zE/XEHA/aMogvEu1sB3Z1XpyEEx5Q+kvDiB4lqL7 6h5g5LTXWKIzdPDNciwCMSVqpBtPfuOJ11qEGPRZbsPVfXLjoSh+bjarSmYltun+ TlcpkOwcpSuevJI+BVxDKz5L59DcNqp/0Dh8kj2ek+dzDWmOiyJ1azqx6DptR3KB uZ0gKi7LRsOjy6f6Q/bKs5Ym0it4CoVIBYuABAxFV6YsoP7qeUQqhd9gWqw9jAuV 6JTxnyLBwEZHJ640PAvTl/Q7W7+LL3aRQvqwCUfLUKtvAVywR5mBzTn5DrY0r8SO ms0bftWq2DFezqctn8WYMvseIjkq4k2/Bt2e59dIi8d8ytj79dE5+raYl/cYYNUt 71shP7r+41zRb23ZguRVHcpOIBMu5UlhHpXR8PWhUhDF4mhnPDBXZGmvrZTTgVjy iOHC3g7EtFg5NZTdMeeKs7NyKtT9ZLLDbwqiVmKSTPgIGywSyVLpR2X+5S0pek3C ybtvSBifRQd8m/nhveQiQFAhNIpJHjFimdzTObKonKVAGAhag4TlvO9dak921CZK TWii3txJnPmTMAaR/LGY8VjlcJjwN3J1UZTvB/0HTVGnLEUjSxtN0f6BQo1KXVSV TDvMAD6wYUfdt9Ik9krj =bzir -END PGP SIGNATURE-
Bug#817093: ITP: golang-github-alecthomas-template -- text templates with newline elision for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-alecthomas-template Version : 0.0~git20151201.0.14fd436 Upstream Author : Alec Thomas * URL : https://github.com/alecthomas/template * License : BSD-3-clause Programming Lang: Go Description : text templates with newline elision for Go This is a fork of the text/template package from Go 1.4 with the addition that a backslash immediately after a closing delimiter will delete all subsequent newlines until a non-newline. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817095: ITP: golang-github-alecthomas-units -- Go package for parsing byte units
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-alecthomas-units Version : 0.0~git20151022.0.2efee85 Upstream Author : Alec Thomas * URL : https://github.com/alecthomas/units * License : Expat Programming Lang: Go Description : Go package for parsing byte units This package provides multipliers and string conversion functions for byte units with support for decimal and binary SI prefixes. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817096: ITP: golang-github-cheggaaa-pb -- console progress bar for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-cheggaaa-pb Version : 0.0~git20160304.0.a75ad33 Upstream Author : Sergey Cherepanov * URL : https://github.com/cheggaaa/pb * License : BSD-3-clause Programming Lang: Go Description : console progress bar for Go This package provides a simple progress bar for console programs. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817097: ITP: golang-github-erikdubbelboer-gspt -- setproctitle for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-erikdubbelboer-gspt Version : 0.0~git20151120.0.bbaae60 Upstream Author : Erik Dubbelboer * URL : https://github.com/ErikDubbelboer/gspt * License : Expat Programming Lang: Go Description : setproctitle for Go This package provides a function for setting the title of a process. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817100: ITP: golang-github-mitchellh-go-wordwrap -- Go package for wrapping words into multiple lines
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-mitchellh-go-wordwrap Version : 0.0~git20150314.0.ad45545 Upstream Author : Mitchell Hashimoto * URL : https://github.com/mitchellh/go-wordwrap * License : Expat Programming Lang: Go Description : Go package for wrapping words into multiple lines This package wraps words to limit the line length to a given number of characters, which is useful to format output in console programs. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817098: ITP: golang-github-hlandau-degoutils -- miscellaneous utilities for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-hlandau-degoutils Version : 0.0~git20160211.0.16c74cc Upstream Author : Hugo Landau * URL : https://github.com/hlandau/degoutils * License : Expat Programming Lang: Go Description : miscellaneous utilities for Go This package provides utility functions needed for building acmetool. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817099: ITP: golang-github-jmhodges-clock -- Go package for testing time-dependent code
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-jmhodges-clock Version : 0.0~git20151001.0.3c4ebd2 Upstream Author : Jeff Hodges * URL : https://github.com/jmhodges/clock * License : Expat Programming Lang: Go Description : Go package for testing time-dependent code This package provides an abstraction for system time that enables testing of time-dependent code. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817101: ITP: golang-github-ogier-pflag -- POSIX/GNU-style command-line flags for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-ogier-pflag Version : 0.0~git20160129.0.45c278a Upstream Author : Alex Ogier * URL : https://github.com/ogier/pflag * License : BSD-3-clause Programming Lang: Go Description : POSIX/GNU-style command-line flags for Go This package is a drop-in replacement for Go's flag package providing POSIX/GNU-style long-form command-line flags. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817102: ITP: golang-github-peterhellberg-link -- Go package for parsing link headers
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-peterhellberg-link Version : 0.0~git20151119.0.1053d3b Upstream Author : Peter Hellberg * URL : https://github.com/peterhellberg/link * License : Expat Programming Lang: Go Description : Go package for parsing link headers This package parses link headers (RFC 5988) used for pagination. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817103: ITP: golang-gopkg-alecthomas-kingpin.v2 -- command-line and flag parser for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-alecthomas-kingpin.v2 Version : 2.1.11 Upstream Author : Alec Thomas * URL : https://github.com/alecthomas/kingpin * License : Expat Programming Lang: Go Description : command-line and flag parser for Go This package provides a fluent-style, type-safe command-line parser. It supports flags, nested commands, positional arguments, customizable help output using Go templates, and automatically generated man pages. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817104: ITP: golang-gopkg-hlandau-configurable.v1 -- Go package for managing program configuration
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-hlandau-configurable.v1 Version : 1.0.1 Upstream Author : Hugo Landau * URL : https://github.com/hlandau/configurable * License : Expat Programming Lang: Go Description : Go package for managing program configuration This package provides an integration nexus for program configuration coming from command line arguments, configuration files, environment variables, or any other sources. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817105: ITP: golang-gopkg-hlandau-easyconfig.v1 -- Go package with easy bindings for configurable
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-hlandau-easyconfig.v1 Version : 1.0.12 Upstream Author : Hugo Landau * URL : https://github.com/hlandau/easyconfig * License : Expat Programming Lang: Go Description : Go package with easy bindings for configurable This package provides convenient interfaces for the configurable package. This package will be maintained by the Debian Go team (Cc'ed).
ITP: acmetool -- automatic certificate acquisition tool for Let's Encrypt
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: acmetool Version : 0.0.49 Upstream Author : Hugo Landau * URL : https://hlandau.github.io/acme * License : Expat Programming Lang: Go Description : automatic certificate acquisition tool for Let's Encrypt acmetool is an easy-to-use command line tool for automatically acquiring TLS certificates from ACME servers such as Let's Encrypt, designed to flexibly integrate into your webserver setup to enable automatic verification. acmetool is designed to work like make: you specify what certificates you want, and acmetool obtains certificates as necessary to satisfy those requirements. If the requirements are already satisfied, acmetool doesn't do anything when invoked. Thus, acmetool is ideally suited for use on a cron job; it will do nothing until certificates are near expiry, and then obtain new ones. acmetool is designed to minimise the use of state and be transparent in the state that it does use. All state, including certificates, is stored in a single directory, by default /var/lib/acme. The schema for this directory is simple, comprehensible and documented. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817108: ITP: golang-gopkg-tylerb-graceful.v1 -- Go package for gracefully shutting down HTTP server
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-tylerb-graceful.v1 Version : 1.2.4 Upstream Author : Tyler Bunnell * URL : https://github.com/tylerb/graceful * License : Expat Programming Lang: Go Description : Go package for gracefully shutting down HTTP server This package enables graceful shutdown of a http.Handler server. When the process receives a SIGINT or SIGTERM, the listening port is closed immediately for reuse by another process, while active connections are gracefully terminated after a timeout. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817107: ITP: golang-gopkg-hlandau-svcutils.v1 -- utilities for writing services in Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-hlandau-svcutils.v1 Version : 1.0.7 Upstream Author : Hugo Landau * URL : https://github.com/hlandau/svcutils * License : Expat Programming Lang: Go Description : utilities for writing services in Go This package provides utilities for chrooting, determining the absolute path of an executable, determining user and group information, creating and locking PID files, changing UID and GID, sending status notifications to systemd, detecting and dropping capabilities, and duplicating file descriptors. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817106: ITP: golang-gopkg-hlandau-service.v2 -- Go package for writing services
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-gopkg-hlandau-service.v2 Version : 2.0.15 Upstream Author : Hugo Landau * URL : https://github.com/hlandau/service * License : ISC Programming Lang: Go Description : Go package for writing services This package implements daemonization, PID file creation, privilege dropping, chrooting, status notification, and orderly shutdown. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817109: ITP: golang-github-square-go-jose -- Javascript Object Signing and Encryption (JOSE) for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-square-go-jose Version : 0.0~git20160304.0.7465d2b Upstream Author : Square Inc * URL : https://github.com/square/go-jose * License : Apache-2.0 Programming Lang: Go Description : Javascript Object Signing and Encryption (JOSE) for Go This package provides an implementation of the Javascript Object Signing and Encryption set of standards. The implementation follows the JSON Web Encryption standard (RFC 7516) and JSON Web Signature standard (RFC 7515). The package supports both the compact and full serialization formats, and optionally supports multiple recipients. This package will be maintained by the Debian Go team (Cc'ed).
Bug#817110: ITP: golang-github-hlandau-xlog -- logging library for Go
Package: wnpp Severity: wishlist Owner: Peter Colberg * Package name: golang-github-hlandau-xlog Version : 0.0~git20160208.0.c18de57 Upstream Author : Hugo Landau * URL : https://github.com/hlandau/xlog * License : Expat Programming Lang: Go Description : logging library for Go This package provides a hierarchical, configurable logging system suitable for use in libraries. This package will be maintained by the Debian Go team (Cc'ed).
