[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libreplanet-discuss] Libre Quarantine Policy
|
From: |
Nicolás Ortega Froysa |
|
Subject: |
Re: [libreplanet-discuss] Libre Quarantine Policy |
|
Date: |
Wed, 10 May 2017 10:56:05 +0200 |
|
User-agent: |
Mutt |
On Tue, May 09, 2017 at 01:01:10PM -0700, Ian Kelling wrote:
>
> Nicolás A. Ortega <deathsbreed@themusicinnoise.net> writes:
>
> > I've had this discussion in the Parabola Dev mailing list before,
> > however it did not gain much attention (due to a bunch of factors that
> > were going on at the time) and I also believe this is something that
> > would be more effective if done by a larger community such as this one,
> > where many of us are the same people involved in these Libre GNU/Linux
> > distros.
> >
> > During the huge debate there was over Chromium and whether or not it is
> > free, and Qt5 Webengine falling along with it, I was disturbed to see a
> > few issues with the entire ordeal. Firstly: information was not being
> > concentrated in a central location where everyone could see it, instead
> > you had to read through tens of e-mails from the mailing lists (Parabola
> > ones alone, I bet it would be hundreds if we're talking about other
> > communities as well) just to start to find what people are talking
> > about; secondly: there was hardly anyone looking into the validity of
> > these claims, but rather people immediately started to think about how
> > to deal with programs that depended on Chromium (like qt5-webengine)
> > despite there being no concrete evidence of any sort; thirdly: the
> > entire process has been going on for *way* too long, and certain
> > essential packages (like qt5-webengine) are still on blacklists with no
> > evidence incriminating them. Therefore, some time ago, on the Parabola
> > Dev mailing list, I proposed a Quarantine Policy that could be put in
> > place to make sure this kind of thing doesn't happen. It would be nice
> > to see this done by all libre projects together collectively. So I will
> > post in this e-mail a draft I came up with way back when:
> >
> > 1. When a package is suspected of being non-free in any way or form some
> > superficial evidence should be provided, if not then the suspicion
> > should be lifted as there is not even the most minimal amount of
> > evidence. If there is, then we continue.
> >
> > 2. The packages in question should be put under quarantine. That is,
> > temporarily removed from the repos of our libre distros. At this point
> > an entry on some wiki (or even an etherpad) should be made where
> > *absolutely all evidence* should be posted. What's more, only evidence
> > posted in this place should be considered in order to encourage its use.
> >
> > 3. If after X amount of time (I think a month should do) no concrete
> > evidence has been found (that is, pointing to the actual files/code or
> > part of the project that is non-free where absolutely everyone can see
> > it for themselves without a need to rely on other people's judgement)
> > then the package should be removed from quarantine. If concrete evidence
> > has at any point been found then it should be kept blacklisted and
> > upstream should be notified of the problem *immediately*.
> >
> > 4. If the package has been released from quarantine and new evidence
> > arises then we move back to step 1. If this reoccurs several times then
> > it may be necessary to increase the amount of time in quarantine.
> >
> > Changes to this process are welcome, but I don't like seeing things
> > being blacklisted for absolutely no reason, and I don't like that we're
> > all running around like headless chickens on this kind of issue. We need
> > to be organized, and organization among large groups will require some
> > kind of policy.
>
>
> I think is up to each distro to decide if they want a policy like this
> and what it is. I wouldn't choose this one; fsf affords the free distros
> the leeway to make mistakes with respect to licensing as long as they
> promptly correct them and I think the distros can afford the same leeway
> to upstream developers if the circumstance calls for it.
>
> It sounds like a comprehensive summary needs to be made for
> qt5-webengine. Again, it's up to the distros on whether to mandate a
> place for this or not. Some people will be more comfortable using a
> mailing list. If you want to use a wiki, the talk page of an entry on
> the free software directory is a good place I have used it in the past
> to document licensing issues.
>
I suppose the 'Quarantine' part of it is a bit more Parabola specific,
probably should've set that aside. In general what I thought would be
more important as a collaborative effort is actually looking into these
licensing issues. All libre distros are affected when a package is
labelled as non-free, and although you are right that it should be up to
each one how they handle the package itself, I would say that the
situation it creates is much larger, and having more eyes from multiple
distros would most definitely help than each of us redoing the same
work. It's a question of efficiency, in my opinion.
--
Nicolás Ortega Froysa (Deathsbreed)
https://themusicinnoise.net/
http://uk7ewohr7xpjuaca.onion/
Public PGP Key:
https://themusicinnoise.net/deathsbreed@themusicinnoise.net_pub.asc
http://uk7ewohr7xpjuaca.onion/deathsbreed@themusicinnoise.net_pub.asc
signature.asc
Description: PGP signature