libreplanet-discuss
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [libreplanet-discuss] Libre Quarantine Policy


From: Ian Kelling
Subject: Re: [libreplanet-discuss] Libre Quarantine Policy
Date: Tue, 09 May 2017 13:01:10 -0700
User-agent: mu4e 0.9.19; emacs 26.0.50

Nicolás A. Ortega <address@hidden> writes:

> I've had this discussion in the Parabola Dev mailing list before,
> however it did not gain much attention (due to a bunch of factors that
> were going on at the time) and I also believe this is something that
> would be more effective if done by a larger community such as this one,
> where many of us are the same people involved in these Libre GNU/Linux
> distros.
>
> During the huge debate there was over Chromium and whether or not it is
> free, and Qt5 Webengine falling along with it, I was disturbed to see a
> few issues with the entire ordeal. Firstly: information was not being
> concentrated in a central location where everyone could see it, instead
> you had to read through tens of e-mails from the mailing lists (Parabola
> ones alone, I bet it would be hundreds if we're talking about other
> communities as well) just to start to find what people are talking
> about; secondly: there was hardly anyone looking into the validity of
> these claims, but rather people immediately started to think about how
> to deal with programs that depended on Chromium (like qt5-webengine)
> despite there being no concrete evidence of any sort; thirdly: the
> entire process has been going on for *way* too long, and certain
> essential packages (like qt5-webengine) are still on blacklists with no
> evidence incriminating them. Therefore, some time ago, on the Parabola
> Dev mailing list, I proposed a Quarantine Policy that could be put in
> place to make sure this kind of thing doesn't happen. It would be nice
> to see this done by all libre projects together collectively. So I will
> post in this e-mail a draft I came up with way back when:
>
> 1. When a package is suspected of being non-free in any way or form some
> superficial evidence should be provided, if not then the suspicion
> should be lifted as there is not even the most minimal amount of
> evidence. If there is, then we continue.
>
> 2. The packages in question should be put under quarantine. That is,
> temporarily removed from the repos of our libre distros. At this point
> an entry on some wiki (or even an etherpad) should be made where
> *absolutely all evidence* should be posted. What's more, only evidence
> posted in this place should be considered in order to encourage its use.
>
> 3. If after X amount of time (I think a month should do) no concrete
> evidence has been found (that is, pointing to the actual files/code or
> part of the project that is non-free where absolutely everyone can see
> it for themselves without a need to rely on other people's judgement)
> then the package should be removed from quarantine. If concrete evidence
> has at any point been found then it should be kept blacklisted and
> upstream should be notified of the problem *immediately*.
>
> 4. If the package has been released from quarantine and new evidence
> arises then we move back to step 1. If this reoccurs several times then
> it may be necessary to increase the amount of time in quarantine.
>
> Changes to this process are welcome, but I don't like seeing things
> being blacklisted for absolutely no reason, and I don't like that we're
> all running around like headless chickens on this kind of issue. We need
> to be organized, and organization among large groups will require some
> kind of policy.


I think is up to each distro to decide if they want a policy like this
and what it is. I wouldn't choose this one; fsf affords the free distros
the leeway to make mistakes with respect to licensing as long as they
promptly correct them and I think the distros can afford the same leeway
to upstream developers if the circumstance calls for it.

It sounds like a comprehensive summary needs to be made for
qt5-webengine. Again, it's up to the distros on whether to mandate a
place for this or not. Some people will be more comfortable using a
mailing list. If you want to use a wiki, the talk page of an entry on
the free software directory is a good place I have used it in the past
to document licensing issues.

--
Ian Kelling
https://iankelling.org



reply via email to

[Prev in Thread] Current Thread [Next in Thread]