Reviews for tree-sitter
All reviews for this package from team members (across all versions).
| Reviewer | Version | Allocated | Started | Status | Completed | Comment | |
|---|---|---|---|---|---|---|---|
| siretart | 0.26.8-3 | 1 month, 10 days ago | 1 month, 10 days ago | accepted | 1 month, 10 days ago | View | |
| siretart | 0.26.8-2 | 1 month, 10 days ago | 1 month, 10 days ago | rejected | 1 month, 10 days ago | Thank you for the updates regarding Mathias Panzenböck and Amaan Qureshi. I have reviewed the feedback regarding the ICU subset licensing and the 2016 re-licensing event. I recognize that as a maintainer, you are correctly following upstream's lead and should not be expected to modify upstream source code or headers to satisfy archival preferences. However, debian/copyright must serve as a complete and transparent documentation of the source tree as-is. While the 2016 re-licensing by IBM under Unicode terms is the clear legal intent, the headers in lib/src/unicode/ (umachine.h, utf16.h, utf8.h) still carry historical IBM copyright notices and your bundled LICENSE file preserves the IBM/ICU license in Section 1. To satisfy the "document what you find" principle of DFSG reviews without modifying upstream code, please update debian/copyright as follows: 1. Add a standalone 'License: ICU' stanza containing the text of the IBM/ICU License (Section 1 of your bundled LICENSE file). 2. Update the 'Files: lib/src/unicode/*' stanza to explicitly clarify the situation. A comment such as "In 2016, IBM re-licensed the ICU codebase to the Unicode Consortium. While headers still carry historical IBM notices referenced by the ICU License (v1.8.1-57.1), the new terms (Unicode-DFS-2016) are now in effect for the entire subset" is encouraged. This approach provides full traceability for the IBM-copyrighted files and aligns with the documentation style of the main 'icu' package in Debian, without requiring any changes to the upstream source code. | View |
| siretart | 0.26.8-1 | 1 month, 16 days ago | 1 month, 16 days ago | rejected | 1 month, 15 days ago | Thanks for your diligence while working on this package. I've had a look through the source, and while it's mostly there, I have to reject it for now because of several omissions in debian/copyright. Specifically, the file lib/src/portable/endian.h is not covered. It carries a copyright notice for Mathias Panzenböck and is released into the public domain, with a fallback dual-license under BSD, MIT, and Apache terms. Since this is a distinct author and license from the rest of the project, it needs its own stanza. The ICU subset in lib/src/unicode/ requires much more granular coverage. While you have listed Unicode, Inc. and IBM, the "License: Unicode" stanza in your copyright file only matches the "Unicode License Agreement - Data Files and Software (2016)". However, the actual header blocks in lib/src/unicode/umachine.h, lib/src/unicode/utf16.h, and lib/src/unicode/utf8.h all reference an older "ICU License - ICU 1.8.1 to ICU 57.1" from IBM, which has different wording and should be explicitly included. Furthermore, the bundled lib/src/unicode/LICENSE file lists several other third-party contributors whose licenses are not reflected in debian/copyright: - Google Inc. (BSD-3-clause, used in Chrome) - TaBE Project and Pai-Hsiang Hsiao (BSD-like) - Nara Institute of Science and Technology (BSD-like) - Brian Eugene Wilson and Robert Martin Campbell (Lao-Dictionary, BSD-2-clause) I also noticed that Amaan Qureshi is listed as a primary author in the workspace Cargo.toml and other package metadata, but is currently missing from the upstream copyright stanzas in debian/copyright. This contributor should be credited alongside Max Brunsfeld in the main Files: * stanza. -rt | View |