Review: mstpd 0.2.0-1
New Package Report
.changes
| Version | 0.2.0-1 |
|---|---|
| Changed-By | Nadzeya Hutsko |
| Architecture | source amd64 |
| Distribution | experimental |
| Date | Thu, 07 May 2026 17:28:22 +0200 |
| Source | mstpd |
Changelog
mstpd (0.2.0-1) experimental; urgency=medium . * Initial release. (Closes: #767013)
.dsc
| Priority | optional |
|---|---|
| Component | main |
| Package-List | mstpd deb net optional arch=linux-any |
| Section | net |
debian/copyright
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/ Upstream-Name: mstpd Upstream-Contact: https://github.com/mstpd/mstpd/issues Source: https://github.com/mstpd/mstpd Files: * Copyright: 2006 EMC Corporation 2011 Factor-SPE 2011-2017 Vitalii Demianets <dvitasgs@gmail.com> 2015-2026 mstpd contributors License: GPL-2+ Files: brmon.c Copyright: 2006-2015 Stephen Hemminger <shemminger@osdl.org> 2006-2015 Srinivas Aji <Aji_Srinivas@emc.com> 2011-2015 Vitalii Demianets <dvitasgs@gmail.com> License: GPL-2+ Files: packet.c Copyright: 2006 EMC Corporation Stephen Hemminger <shemminger@linux-foundation.org> Srinivas Aji <Aji_Srinivas@emc.com> License: GPL-2+ Files: libnetlink.* Copyright: Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> License: GPL-2+ Files: list.h Copyright: kazutomo@mcs.anl.gov License: GPL-2+ Files: broadcom_xstrata/* Copyright: 2011-2015 Vitalii Demianets <dvitasgs@gmail.com> 2012 Vladimir Cotfas <unix_router@yahoo.com> 2012 Phybridge Inc License: GPL-2+ Files: hmac_md5.c Copyright: 1991-1992 RSA Data Security, Inc. License: RSA-MD5 Files: debian/* Copyright: 2026 Nadzeya Hutsko <nadzya.info@gmail.com> License: GPL-2+ License: GPL-2+ This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. . This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. . You should have received a copy of the GNU General Public License along with this program. If not, see <https://www.gnu.org/licenses/>. . On Debian systems, the complete text of the GNU General Public License version 2 can be found in "/usr/share/common-licenses/GPL-2". License: RSA-MD5 License to copy and use this software is granted provided that it is identified as the "RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing this software or this function. . License is also granted to make and use derivative works provided that such works are identified as "derived from the RSA Data Security, Inc. MD5 Message-Digest Algorithm" in all material mentioning or referencing the derived work. . RSA Data Security, Inc. makes no representations concerning either the merchantability of this software or the suitability of this software for any particular purpose. It is provided "as is" without express or implied warranty of any kind. . These notices must be retained in any copies of any part of this documentation and/or software.
Review Information
rejected — allocated to siretart 17 days ago, started 17 days ago, completed 17 days ago.
Final Comment
Thanks for your diligence while working on this package. I've had a
look through the source, and while it's mostly there, I have to reject
it for now because there are several discrepancies between the file
headers and the claims in debian/copyright.
Specifically, several files are licensed under the GPL-2 only, but are
currently documented as GPL-2+ (version 2 or later). For example:
- broadcom_xstrata/bcmexp.c: L7 says "Released under GPLv2"
- broadcom_xstrata/stp.soc: L2 says "Released under GPLv2"
- broadcom_xstrata/knet.soc: L2 says "Released under GPLv2"
This also applies to broadcom_xstrata/etc-init.d-stp.sh, which lacks an
explicit license grant but is presumably intended to be GPL-2 like its
neighbors. You'll need to ensure Phybridge Inc is correctly credited for
this file under the appropriate GPL-2 stanza.
Additionally, list.h contains a note stating it was "grubbed from linux
kernel source code". Since the Linux kernel is licensed under GPL-2
only, this header should also be treated as GPL-2 only rather than the
GPL-2+ listed in debian/copyright.
The broadcom_xstrata/* stanza in debian/copyright is also a bit too
broad, as it includes broadcom_xstrata/driver_deps.c, which actually is
licensed as GPL-2+ (L7: "version 2 of the License, or (at your option)
any later version"). You'll need to split these out into separate
stanzas to accurately reflect the "or later" status of each file.
Please update debian/copyright to match these findings and re-upload.
-rt
Other Reviews of this Package
| Version | Hash | Allocated | Completed | Reviewer | Status | Details |
|---|---|---|---|---|---|---|
| 0.2.0-1 | dc443a41… | 2026-05-14 21:57 | 2026-05-15 12:58 | siretart | rejected | VIEW |
| 0.2.0-1 | 25d5b3cc… | 2026-05-25 23:54 | 2026-05-26 00:28 | siretart | accepted | VIEW |
Public Notes
Search for authors
Command: ag -i 'copyright .* (by|rights|reserved)[. ]' | sed -e 's/^.*Copyright //i' -e 's/\(20\|19\)[0-9][0-9][, -]*//g' -e 's/[., ]*ALL RIGHTS RESERVED.*$//i' | sort -i | uniq -i
Exit code: 0
(C) by Phybridge Inc
(C) by Vladimir Cotfas <unix_router@yahoo.com>
Missed Author Check
Command: dnq author-check -prepare
Exit code: 0
Author check: scanned 56 files.
Result: ALL SOURCE AUTHORS LISTED IN debian/copyright