Bug#885065: ITP: node-ifvisible.js -- Determine if a web page is visible in the browser

2017-12-23 Thread Daniel Ring 
Package: wnpp
Severity: wishlist
Owner: Daniel Ring 
X-Debbugs-CC: debian-devel@lists.debian.org

* Package name: node-ifvisible.js
  Version : 1.0.6
  Upstream Author : Serkan Yersen 
* URL : https://github.com/serkanyersen/ifvisible.js
* License : Expat
  Programming Lang: JavaScript
  Description : Determine if a web page is visible in the browser

 Ifvisible.js provides a cross-browser and lightweight method of determining
 whether a user is currently looking at or interacting with a web page.
 .
 Node.js is an event-based server-side JavaScript engine.

Bug#885070: ITP: libatteanx-compatibility-trine-perl -- compatibility layer between RDF::Trine and Attean

2017-12-23 Thread Jonas Smedegaard 
Package: wnpp
Severity: wishlist
Owner: Jonas Smedegaard 

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512

* Package name: libatteanx-compatibility-trine-perl
  Version : 0.001
  Upstream Author : Kjetil Kjernsmo 
* URL : https://metacpan.org/release/AtteanX-Compatibility-Trine
* License : Artistic or GPL-1+
  Programming Lang: Perl
  Description : compatibility layer between RDF::Trine and Attean

 AtteanX::Compatibility::Trine provides a tiny shim
 for code written for RDF::Trine to instead use Attean.
 .
 RDF::Trine and Attean are both Perl frameworks
 for working with RDF data and SPARQL queries,
 the former using Moose and deprecated
 in favor of the latter using Moo.
 .
 SPARQL is an RDF query language,
 that is, a semantic query language for databases,
 able to retrieve and manipulate data
 stored in Resource Description Framework format.
 .
 Resource Description Framework (RDF) is a standard model
 for data interchange on the Web.

This package is needed for recent release of librdf-rdfa-generator-perl.
It will be team-maintained in the Debian Perl Group.

 - Jonas

-BEGIN PGP SIGNATURE-

iQIzBAEBCgAdFiEEn+Ppw2aRpp/1PMaELHwxRsGgASEFAlo+VzIACgkQLHwxRsGg
ASH9WxAAi96RcURD8UNATv+YMJfYdNUGvMueeff2TuwBq2QkUyMiIN26bTi825Cb
UwjC2+AgQgi/a6ZX6Rp5A6k8/WYkFcG+pWZ3u5GOIe3B8A4wVC8VRkb5egSbDcMo
1kDYXXm+uqp2a9v++8bnM3OU1/3sXxJrtIykkaMj7EJp1DgcKHdkGdQxPGx6Mddy
cxHGjiCVeSMrd4KBsh9HdtvVHuxXpnWOr5mPPXN64p7/0+LcuzdijJXG3fJwFSDe
IC8DwY+SOgH2liefHvip9FUKo2qCY85SVhKNh0gpHSkYh/GQ0v9lub9Yi3z2TsDl
Ci7Ziu0UQT5F+Yq21uQd3mlpoNG36txQCexdOriD3n5z1mmUYR/Bq5B+H/x9rOBh
I02Neyowiza/c78fcM10pjdRv72cMQdmq84VefHmriP88GLA94sFJkpvp9clpwqI
OkDhTwlyqzHWjcPKboRt8ZE0YXBNGE3+h5/eS0H5GCB/gIpIzDXSzIwEeh/mr/6Y
lHGPbgKlXkCe3Ae52V25jpG39fVBi5pKrf6qIFbWl6XkNtvq29XneD7c+FS3cEE8
qykVzbXANuYj82HOtrau28KPv8qxDXjRmQi4esZ7EhP7DqO2u5JWleRzyVxxPg8u
upTH4jjgFlrl6Eub6oe3VVCyvVGNkFDqYC8cjvizD3H1IklBBrA=
=VoYR
-END PGP SIGNATURE-

Re: Why do we list individual copyright holders?

2017-12-23 Thread Jeremy Stanley 
On 2017-12-23 11:53:38 +0800 (+0800), Paul Wise wrote:
> On Sat, Dec 23, 2017 at 9:07 AM, Thomas Goirand wrote:
> 
> > (ie: the Apache license doesn't require listing copyright holders).
> 
> IANAL, but it seems pretty clear to me that this is not the case, at
> least for source packages (see 4.c), for binary packages we also have
> to distribute any associated NOTICE files (see 4.d, but I guess we
> violate this rule quite a lot), which I would guess usually contain
> copyright information.
> 
> https://www.apache.org/licenses/LICENSE-2.0

It doesn't require all holders of copyright to declare they hold a
copyright:

[from 4.d second ¶] "You may add Your own copyright statement to
Your modifications..."

Every patch is a modification being distributed, and the license
states that you _may_ add your own copyright statement to the
existing statements (if there are any), but does not say that you
are _obligated_ to add your own to the existing copyright
statements.

Scraping a list of copyright holders who have chosen to note their
copyright in at least one file is fairly easy to enable upstream by
standardizing the format of copyright notices in files and a smidge
of CI to reject additions which look like malformed copyright lines.
However we're not going to require that someone add new copyright
lines, because the license itself does not require that. As a
result, the best we can do is reproduce a list of all copyright
statements present in the files, but we cannot produce a list of all
copyright holders because we have no way to know about copyright
holders who have not added copyright statements.

(perhaps this is a nuanced distinction, but listing all copyright
statements is not the same thing as listing all copyright holders)
-- 
Jeremy Stanley


signature.asc
Description: Digital signature

Re: Why do we list individual copyright holders?

2017-12-23 Thread Vincent Bernat 
 ❦ 22 décembre 2017 19:58 -0800, Russ Allbery  :

>> IANAL, but it seems pretty clear to me that this is not the case, at
>> least for source packages (see 4.c), for binary packages we also have to
>> distribute any associated NOTICE files (see 4.d, but I guess we violate
>> this rule quite a lot), which I would guess usually contain copyright
>> information.
>
>> https://www.apache.org/licenses/LICENSE-2.0
>
> I just found a few packages under Apache 2.0 that didn't distribute the
> NOTICE file.  It turned out that the same information was in
> debian/copyright, but that may not be the case in the future.
>
> I'll file a wishlist bug against Lintian to check for a NOTICE file in
> packages that say they're under Apache 2.0 and warn if it's not included
> in the binary package.

4.d also says NOTICE can be distributed in the source form when it is
distributed along the derivative work (which is our case).

Unrelated, but I am developing some kind of "lintian fatigue". People
may find helpful to let Lintian warn about every little thing. Each time
I have to update a package, I have new lintian notices and/or
warnings. Sometimes Lintian is right, sometimes it's not. Most of the
time, this is quite pointless for me.

Related, this d/copyright stuff is also pointless to me (for the same
reasons pointed by zigo).
-- 
The naked truth of it is, I have no shirt.
-- William Shakespeare, "Love's Labour's Lost"


signature.asc
Description: PGP signature

Re: Why do we list individual copyright holders?

2017-12-23 Thread Russ Allbery 
Vincent Bernat  writes:
>  ❦ 22 décembre 2017 19:58 -0800, Russ Allbery  :

>> I just found a few packages under Apache 2.0 that didn't distribute the
>> NOTICE file.  It turned out that the same information was in
>> debian/copyright, but that may not be the case in the future.

>> I'll file a wishlist bug against Lintian to check for a NOTICE file in
>> packages that say they're under Apache 2.0 and warn if it's not
>> included in the binary package.

> 4.d also says NOTICE can be distributed in the source form when it is
> distributed along the derivative work (which is our case).

People keep thinking this, and in a very strict and limited sense it's
sort of true, but it's not usefully true.  While Debian ourselves always
at least arguably has source alongside binaries (we have images without
the source, but the source is available from the same site), the project
has always allowed downstream distributors of binary-only images, and our
binary images (like netinst USB sticks) are intended to be widely
redistributable without worrying about loading source onto the same image.
It would be highly surprising, and rather rude, to those distributors if
suddenly their work was in violation of licenses because we stopped
complying with licenses unless source was distributed alongside.

(They obviously have to provide an offer of source or point to our
available source if they don't include source, due to all of the GPL code
we have, but that's much easier.)

> Unrelated, but I am developing some kind of "lintian fatigue". People
> may find helpful to let Lintian warn about every little thing.

I am one of those people -- I find it insanely useful, rely on it heavily,
and would be extremely upset if it ever went away.

> Each time I have to update a package, I have new lintian notices and/or
> warnings. Sometimes Lintian is right, sometimes it's not. Most of the
> time, this is quite pointless for me.

Turn down the thresholds?

-- 
Russ Allbery (r...@debian.org)

Re: Why do we list individual copyright holders?

2017-12-23 Thread Marc Haber 
On Fri, 22 Dec 2017 08:51:37 -0500, Scott Kitterman
 wrote:
>Marc, I don't want you to take this as me beating up on you, because that's 
>not my intent, but I find your tone frustrating.  The FTP Team is not a closed 
>cabal.  There are regular calls for volunteers (there is a new set of FTP 
>Trainees learning about the job right now), so anyone who's willing and able 
>to do the work is welcome to help.  I find demands on my time from those who 
>aren't frustrating.

Yes, that's a repeating pattern as well. Those who do the work do have
the right to decide how they do the work, but having power delegated
from the project comes with some obligations.

I find that communicating with the project is part of those
obligations.

I do apologize that my frustration with the lack of communication
frequently results in communication beginning, finding its climax in
communication about frustration caused by my frustration, and then
swiftly ending again.

I usually try minimizing my interactions with those people who are
part of these cycles of frustration in the project, minimizing my
frustration as well, but once in a while I fail to keep my mouth shut.

Greetings
Marc
-- 
-- !! No courtesy copies, please !! -
Marc Haber |   " Questions are the | Mailadresse im Header
Mannheim, Germany  | Beginning of Wisdom " | http://www.zugschlus.de/
Nordisch by Nature | Lt. Worf, TNG "Rightful Heir" | Fon: *49 621 72739834

Re: Why do we list individual copyright holders?

2017-12-23 Thread Scott Kitterman 


On December 23, 2017 2:20:43 PM EST, Marc Haber  
wrote:
>On Fri, 22 Dec 2017 08:51:37 -0500, Scott Kitterman
> wrote:
>>Marc, I don't want you to take this as me beating up on you, because
>that's 
>>not my intent, but I find your tone frustrating.  The FTP Team is not
>a closed 
>>cabal.  There are regular calls for volunteers (there is a new set of
>FTP 
>>Trainees learning about the job right now), so anyone who's willing
>and able 
>>to do the work is welcome to help.  I find demands on my time from
>those who 
>>aren't frustrating.
>
>Yes, that's a repeating pattern as well. Those who do the work do have
>the right to decide how they do the work, but having power delegated
>from the project comes with some obligations.
>
>I find that communicating with the project is part of those
>obligations.
>
>I do apologize that my frustration with the lack of communication
>frequently results in communication beginning, finding its climax in
>communication about frustration caused by my frustration, and then
>swiftly ending again.
>
>I usually try minimizing my interactions with those people who are
>part of these cycles of frustration in the project, minimizing my
>frustration as well, but once in a while I fail to keep my mouth shut.
>
>Greetings
>Marc

I understand.  I'm not saying your frustrations are unreasonable.  They aren't.

As much as people find writing debian/copyright, imagine the pain associated 
with checking it.  Personally, I don't want it to be any harder than it has to 
be.  I'm currently canvasing other members of the FTP Team to understand what 
everyone thinks is correct.  This isn't the ideal time of year to do it, so I 
make no promises on schedule, but I do hope to be able to have a coordinated 
response to the points brought up in this thread.

Scott K

Re: Why do we list individual copyright holders?

2017-12-23 Thread Russ Allbery 
Scott Kitterman  writes:

> As much as people find writing debian/copyright, imagine the pain
> associated with checking it.  Personally, I don't want it to be any
> harder than it has to be.  I'm currently canvasing other members of the
> FTP Team to understand what everyone thinks is correct.  This isn't the
> ideal time of year to do it, so I make no promises on schedule, but I do
> hope to be able to have a coordinated response to the points brought up
> in this thread.

Thank you for doing that, Scott!

For those who feel strongly about this and have some time or resources to
put into resolving it, I again strongly encourage people to form a working
group on this that can focus on coming up with a concrete proposal.  I
think our scattershot discussion approach in debian-devel is good for a
lot of things, but not for something that's large and complex like how we
handle license and copyright notices.  There are going to be a lot of
details, and the sprawling thread is going to be frustrating.

A working group can divvy up the work and collaborate on a concrete
proposal, which makes the resulting discussion a lot easier.

I don't have a ton of time at the moment, so I'm reluctant to volunteer,
but I may be able to spring some hours if someone else would be willing to
take on the coordination work.  (Scott's already volunteering to canvas
ftpmaster, so it would be great if someone else could take on the rest of
the logistics.)  I think a separate (public) mailing list dedicated to
this would be ideal, but feel free to use a bug against debian-policy
instead if the lower-overhead setup is appealing.

-- 
Russ Allbery (r...@debian.org)

Re: Why do we list individual copyright holders?

2017-12-23 Thread Jeremy Stanley 
On 2017-12-23 15:15:35 -0800 (-0800), Russ Allbery wrote:
[...]
> I think a separate (public) mailing list dedicated to this would
> be ideal
[...]

As in debian-legal@l.d.o or a completely new ML specifically for
copyright documentation discussions?
-- 
Jeremy Stanley

Re: Why do we list individual copyright holders?

2017-12-23 Thread Russ Allbery 
Jeremy Stanley  writes:
> On 2017-12-23 15:15:35 -0800 (-0800), Russ Allbery wrote:
> [...]
>> I think a separate (public) mailing list dedicated to this would
>> be ideal
> [...]

> As in debian-legal@l.d.o or a completely new ML specifically for
> copyright documentation discussions?

debian-legal would work the way that debian-policy would, but I think this
sort of thing would really benefit from a mailing list specifically for
the working group.  Anyone can join in if they want to be part of the
working group, but I think the random people already subscribed to
existing project mailing lists will produce more noise than benefit during
the early process of hammering out a concrete proposal.  (Obviously, after
that proposal is roughly shaped, it should be exposed to the project as a
whole for feedback and course correction.)

-- 
Russ Allbery (r...@debian.org)