--- /dev/null
+Check-Script: copyright-file
+Author: Christian Schwarz <schwarz@debian.org>
+Abbrev: cpy
+Type: binary
+Unpack-Level: 1
+Needs-Info: copyright-file
+Info: This script checks if a binary package conforms to policy
+ with regard to copyright files.
+ .
+ Each binary package must either have a
+ /usr/share/doc/<foo>/copyright file or must have a symlink
+ /usr/share/doc/<foo> -> <bar>, where <bar> comes
+ from the same source package and pkg foo declares a "Depends" relation on
+ bar.
+
+Tag: no-copyright-file
+Severity: serious
+Certainty: certain
+Info: Each binary package has to include a plain file
+ /usr/share/doc/<i>pkg</i>/copyright
+Ref: policy 12.5
+Tested: empty
+
+Tag: copyright-refers-to-old-directory
+Severity: important
+Certainty: certain
+Info: The common licenses (GPL, BSD, Artistic, etc) have been moved from
+ /usr/doc/copyright to /usr/share/common-licenses.
+ Copyright files should be updated.
+Ref: policy 12.5
+
+Tag: copyright-file-compressed
+Severity: serious
+Certainty: certain
+Info: The copyright file /usr/share/doc/<i>pkg</i>/copyright must not be
+ compressed.
+Ref: policy 12.5
+
+Tag: copyright-file-is-symlink
+Severity: serious
+Certainty: certain
+Info: The copyright file /usr/share/doc/<i>pkg</i>/copyright must not be a
+ symbolic link.
+Ref: policy 12.5
+
+Tag: copyright-file-contains-full-gpl-license
+Severity: important
+Certainty: certain
+Info: The copyright file /usr/share/doc/<i>pkg</i>/copyright contains the
+ complete text of the GPL v2 or v3. It should refer to the file
+ <tt>/usr/share/common-licenses/GPL-2</tt> or <tt>GPL-3</tt> instead.
+Ref: policy 12.5
+
+Tag: copyright-file-contains-full-gfdl-license
+Severity: important
+Certainty: certain
+Info: The copyright file /usr/share/doc/<i>pkg</i>/copyright contains the
+ complete text of the GFDL v1.2. It should refer to the file
+ <tt>/usr/share/common-licenses/GFDL-1.2</tt> instead.
+Ref: policy 12.5
+
+Tag: copyright-file-contains-full-apache-2-license
+Severity: important
+Certainty: certain
+Info: The copyright file /usr/share/doc/<i>pkg</i>/copyright contains the
+ complete text of the Apache 2.0 license. It should refer to the file
+ <tt>/usr/share/common-licenses/Apache-2.0</tt> instead.
+Ref: policy 12.5
+
+Tag: usr-share-doc-symlink-without-dependency
+Severity: important
+Certainty: certain
+Info: If the package installs a symbolic link /usr/share/doc/<i>pkg1</i> ->
+ <i>pkg2</i>, then <i>pkg1</i> has to depend on <i>pkg2</i> with the same
+ version as <i>pkg1</i>.
+ .
+ Note, that adding the "Depends:" entry just to fix this bug is not a good
+ solution. It's suggested that you include a real /usr/share/doc/<i>pkg1</i>
+ directory within <i>pkg1</i> and copy the copyright file into that directory.
+Ref: policy 12.5
+
+Tag: usr-share-doc-symlink-to-foreign-package
+Severity: important
+Certainty: certain
+Info: If the package installs a symbolic link /usr/share/doc/<i>pkg1</i> ->
+ <i>pkg2</i>, then <i>pkg1</i> and <i>pkg2</i> must both come from the same
+ source package.
+ .
+ It's suggested that you include a real /usr/share/doc/<i>pkg1</i> directory
+ within <i>pkg1</i> and copy the copyright file to that directory.
+Ref: policy 12.5
+
+Tag: cannot-check-whether-usr-share-doc-symlink-points-to-foreign-package
+Severity: minor
+Certainty: possible
+Info: There is a symlink /usr/share/doc/<i>pkg1</i> -> <i>pkg2</i>
+ in your package. This means that <i>pkg1</i> and <i>pkg2</i> must
+ both come from the same source package. I can't check this right now
+ however since I'm only checking a binary package and I only can check
+ this when I'm checking both the binary and the corresponding source
+ package.
+
+Tag: old-style-copyright-file
+Severity: important
+Certainty: certain
+Info: The package installs a /usr/doc/copyright/<i>pkg</i> file. Instead,
+ you should place the copyright file in /usr/share/doc/<i>pkg</i>/copyright.
+Ref: policy 12.5
+
+Tag: old-fsf-address-in-copyright-file
+Severity: normal
+Certainty: certain
+Info: The /usr/share/doc/<i>pkg</i>/copyright file refers to the old postal
+ address of the Free Software Foundation (FSF). The new address is:
+ .
+ Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston,
+ MA 02110-1301, USA.
+
+Tag: helper-templates-in-copyright
+Severity: important
+Certainty: certain
+Info: The /usr/share/doc/<i>pkg</i>/copyright file still contains the template
+ contents from a packaging helper. Please include the actual license and
+ download information about the package.
+
+Tag: copyright-refers-to-compressed-license
+Severity: important
+Certainty: certain
+Info: The /usr/share/doc/<i>pkg</i>/copyright file refers to a standard license
+ /usr/share/common-licenses/{GPL,LGPL,Artistic,BSD}.gz as a compressed
+ file. Please update the reference (the licenses are installed
+ uncompressed).
+
+Tag: usr-share-doc-symlink-points-outside-of-usr-share-doc
+Severity: important
+Certainty: certain
+Info: The /usr/share/doc/<i>pkg</i> symbolic link is pointing to a directory
+ outside of <tt>/usr/share/doc</tt>.
+Ref: policy 12.5
+
+Tag: copyright-does-not-refer-to-common-license-file
+Severity: normal
+Certainty: certain
+Info: If your package uses any one of the licenses in
+ <tt>/usr/share/common-licenses</tt>, the copyright file should refer to
+ files therein.
+Ref: policy 12.5
+
+Tag: copyright-refers-to-incorrect-directory
+Severity: important
+Certainty: certain
+Ref: policy 12.5
+Info: In the directory name /usr/share/common-licenses, licenses is spelled
+ with an "s", not as licences with a "c".
+
+Tag: copyright-file-lacks-pointer-to-perl-license
+Severity: important
+Certainty: possible
+Ref: policy 12.5
+Info: If your package is released under the same terms as Perl itself,
+ it should refer to the Artistic and GPL license files in the
+ <tt>/usr/share/common-licenses</tt> directory.
+
+Tag: copyright-should-refer-to-common-license-file-for-gpl
+Severity: important
+Certainty: possible
+Ref: policy 12.5
+Info: The strings "GNU General Public License" or "GPL" appear in the
+ copyright file for this package, but the copyright file does not
+ reference <tt>/usr/share/common-licenses</tt> as the location of the GPL
+ on Debian systems.
+ .
+ If the package uses some other license that just mentions the GPL and
+ that Maemian should detect as an exception, please file a Maemian bug.
+ If the copyright file must mention the GPL for reasons other than stating
+ the license of the package, please add a Maemian override.
+
+Tag: copyright-should-refer-to-common-license-file-for-gfdl
+Severity: important
+Certainty: possible
+Ref: policy 12.5
+Info: The strings "GNU Free Documentation License" or "GFDL" appear in the
+ copyright file for this package, but the copyright file does not
+ reference <tt>/usr/share/common-licenses</tt> as the location of the GFDL
+ on Debian systems.
+ .
+ If the package uses some other license that just mentions the GFDL and
+ that Maemian should detect as an exception, please file a Maemian bug.
+ If the copyright file must mention the GFDL for reasons other than stating
+ the license of the package, please add a Maemian override.
+
+Tag: copyright-should-refer-to-common-license-file-for-lgpl
+Severity: important
+Certainty: possible
+Ref: policy 12.5
+Info: The strings "GNU Lesser General Public License", "GNU Library
+ General Public License", or "LGPL" appear in the copyright file for this
+ package, but the copyright file does not reference
+ <tt>/usr/share/common-licenses</tt> as the location of the LGPL on Debian
+ systems.
+ .
+ If the package uses some other license that just mentions the LGPL and
+ that Maemian should detect as an exception, please file a Maemian bug.
+ If the copyright file must mention the LGPL for reasons other than stating
+ the license of the package, please add a Maemian override.
+
+Tag: copyright-lists-upstream-authors-with-dh_make-boilerplate
+Severity: normal
+Certainty: certain
+Info: There is "Upstream Author(s)" in your copyright file. This was most
+ likely a remnant from the dh_make template.
+ .
+ There's either one upstream author, in which case you should remove the
+ "(s)", or there are several upstream authors, in which case you should
+ remove the "(" and ")".
+ .
+ o/~ join us now and carefully edit debian/copyright files! o/~
+
+Tag: copyright-has-url-from-dh_make-boilerplate
+Severity: normal
+Certainty: certain
+Ref: policy 12.5
+Info: There is "url://example.com" in your copyright file. This was most
+ likely a remnant from the dh_make template.
+ .
+ Make sure you include the real location where you obtained the
+ upstream sources (if any).
+
+Tag: debian-copyright-file-uses-obsolete-national-encoding
+Severity: normal
+Certainty: certain
+Info: The Debian copyright file should be valid UTF-8, an encoding of
+ the Unicode character set.
+ .
+ There are many ways to convert a copyright file from an obsoleted encoding
+ like ISO-8859-1; you may for example use "iconv" like:
+ .
+ $ iconv -f ISO-8859-1 -t UTF-8 copyright > copyright.new
+ $ mv copyright.new copyright
+
+Tag: copyright-contains-dh_make-todo-boilerplate
+Severity: normal
+Certainty: certain
+Ref: policy 12.5
+Info: The string "Please also look if..." appears in the copyright
+ file, which indicates that you either didn't check the whole source
+ to find additional copyright/license, or that you didn't remove that
+ paragraph after having done so.
+
+Tag: copyright-contains-dh-make-perl-boilerplate
+Severity: normal
+Certainty: certain
+Ref: policy 12.5
+Info: The string "This copyright info was automatically extracted..."
+ appears in the copyright file, which indicates that you either didn't
+ check the whole source to find additional copyright/license, or that
+ you didn't remove that paragraph after having done so.
+
+Tag: copyright-with-old-dh-make-debian-copyright
+Severity: wishlist
+Certainty: certain
+Info: The copyright file contains the incomplete Debian packaging
+ copyright boilerplate from older versions of <tt>dh_make</tt>.
+ <tt>(C)</tt> is not considered as a valid way to express the copyright
+ ownership. The word <tt>Copyright</tt> or the © symbol should be used
+ instead or in addition to <tt>(C)</tt>.
+
+Tag: copyright-refers-to-bad-php-license
+Severity: serious
+Certainty: possible
+Info: This package appears to be covered by version 2.x of the PHP license,
+ which is not appropriate for anything other than PHP itself.
+Ref: http://ftp-master.debian.org/REJECT-FAQ.html
+
+Tag: copyright-refers-to-problematic-php-license
+Severity: serious
+Certainty: wild-guess
+Info: This package appears to be covered by version 3.0 (exactly) of the
+ PHP license. This license is not applicable to anything that is not PHP
+ and has no contributions from the PHP Group.
+Ref: http://ftp-master.debian.org/REJECT-FAQ.html
+
+Tag: copyright-without-copyright-notice
+Severity: normal
+Certainty: certain
+Ref: http://ftp-master.debian.org/REJECT-FAQ.html
+Info: The copyright file for this package does not appear to contain a
+ copyright notice. You should copy the copyright notice from the upstream
+ source (or add one of your own for a native package). A copyright notice
+ must consist of Copyright, Copr., or the Unicode symbol of C in a circle
+ followed by the years and the copyright holder. A copyright notice is
+ not required for a work to be copyrighted, but Debian requires the
+ copyright file include the authors and years of copyright, and including
+ a valid copyright notice is the best way to do that.
+ .
+ If the package is in the public domain rather than copyrighted, be sure
+ to mention "public domain" in the copyright file. Please be aware that
+ this is very rare and not the same as a DFSG-free license. True public
+ domain software is generally limited to such special cases as a work
+ product of a United States government agency.
+
+Tag: spelling-error-in-copyright
+Severity: normal
+Certainty: possible
+Info: Maemian found a spelling error in the copyright file. Maemian has a
+ list of common misspellings that it looks for. It does not have a
+ dictionary like a spelling checker does.
+
+Tag: possible-gpl-code-linked-with-openssl
+Severity: serious
+Certainty: wild-guess
+Info: This package appears to be covered by the GNU GPL but depends on
+ the OpenSSL libssl package and does not mention a license exemption or
+ exception for OpenSSL in its copyright file. The GPL (including version
+ 3) is incompatible with some terms of the OpenSSL license, and therefore
+ Debian does not allow GPL-licensed code linked with OpenSSL libraries
+ unless there is a license exception explicitly permitting this.
+ .
+ If only the Debian packaging, or some other part of the package not
+ linked with OpenSSL, is covered by the GNU GPL, please add a lintian
+ override for this tag. Maemian currently has no good way of
+ distinguishing between that case and problematic packages.
+
+Tag: copyright-refers-to-symlink-license
+Severity: pedantic
+Certainty: possible
+Info: The copyright file refers to the versionless symlink in
+ <tt>/usr/share/common-licenses</tt> for the full text of the GPL, LGPL,
+ or GFDL license. This symlink is updated to point to the latest version
+ of the license when a new one is released. The package appears to allow
+ relicensing under later versions of its license, so this is legally
+ consistent, but it implies that Debian will relicense the package under
+ later versions of those licenses as they're released. It is normally
+ better to point to the version of the license the package references in
+ its license statement.
+ .
+ For example, if the package says something like "you may redistribute it
+ and/or modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; either version 2, or (at your
+ option) any later version", the <tt>debian/copyright</tt> file should
+ refer to <tt>/usr/share/common-licenses/GPL-2</tt>, not <tt>/GPL</tt>.
+
+Tag: copyright-refers-to-versionless-license-file
+Severity: normal
+Certainty: possible
+Info: The copyright file refers to the versionless symlink in
+ <tt>/usr/share/common-licenses</tt> for the full text of the GPL, LGPL,
+ or GFDL license, but the package does not appear to allow distribution
+ under later versions of the license. This symlink will change with each
+ release of a new version of the license and may therefore point to a
+ different version than the package is released under.
+ <tt>debian/copyright</tt> should instead refers to the specific version
+ of the license that the package references.
+ .
+ For example, if the package says something like "you can redistribute it
+ and/or modify it under the terms of the GNU General Public License as
+ published by the Free Software Foundation; version 2 dated June, 1991,"
+ the <tt>debian/copyright</tt> file should refer to
+ <tt>/usr/share/common-licenses/GPL-2</tt>, not <tt>/GPL</tt>.
+
+Tag: copyright-refers-to-nonexistent-license-file
+Severity: normal
+Certainty: certain
+Info: The copyright file refers to a license in
+ <tt>/usr/share/common-licenses</tt> that doesn't exist. Usually this is
+ a typo, such as accidentally omitting the <tt>-</tt> between the license
+ name and the version number.
projects / maemian / blobdiff