[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU-linux-libre] review of uruk
|
From: |
Denis 'GNUtoo' Carikli |
|
Subject: |
Re: [GNU-linux-libre] review of uruk |
|
Date: |
Tue, 11 Apr 2023 03:48:58 +0200 |
On Mon, 3 Apr 2023 00:28:28 -0400
bill-auger <bill-auger@peers.community> wrote:
> On Mon, 3 Apr 2023 04:26:54 +0200 Denis wrote:
> > And as you pointed in another mail, that's already covered as in an
> > "actively maintained" criteria.
>
> a bit too vaguely though, to capture this "action-ability"
> concern - uruk would pass most of the criteria transitively
> via pureos, including "actively maintained"; but it is
> maintained by another distro, so not "actionable" by the uruk
> maintainers
If the goal is to respect the FSDG, users can also report to PureOS
directly.
> the FSDG only requires that distros are willing to address
> freedom bugs - it does not explicitly say that they must be
> _able_ to - presumably, that "action-ability" was taken for
> granted (not specified, because it was assumed to always be the
> case); but in the case of a supplemental spin-off, it is not the
> case - such distros can only manage the supplemental packages
I think that the section about that is here:
> Most distribution development teams don't have the resources to
> exhaustively check that their distribution meet all these criteria.
> Neither do we. So we expect distros to occasionally contain mistakes:
> nonfree software that slipped through, etc. We don't reject a
> distribution over mistakes. Our requirement is for the distribution
> developers to have a firm commitment to promptly correct any mistakes
> that are reported to them.
But distributions probably cannot have firm commitment to correct
mistakes if they are knowingly setup specifically to not be able to
correct these mistakes.
Though they could also make mistake about their infrastructure, setup,
dependencies and so on and accidentally get in a situation where they
cannot easily fix things.
Parabola is in this situation with the licenses of the packages
definition that isn't very clear. So depending on the authors, the
specific packages definitions, and maybe the licenses of the packages
depending on how you interpret the GPL(v2/3?), it could be considered
nonfree, non-copyrightable or under free licenses (a minority of
packages definitions have licenses).
Replicant also got in a situation like that because at some point it
depended on Debian main instead of FSDG approved distributions (I've
spent a lot of time trying various approaches to fix that but it's not
easy, so help would be welcome there). We'd also need help to review
the repositories licenses as some nonfree source code can more easily
slip in Replicant than in distributions that have package definitions.
This text also seems to work with the situation where there is just too
much packages to fix (for instance with third party package managers
that slip in everywhere): the "firm commitment" can work if the
distribution start addressing the problem.
Denis.
pgp3CbRPCt7u2.pgp
Description: OpenPGP digital signature