[Dev] [Votation] Package freedom guidelines, what to do next

Nicolás Reynolds fauno at kiwwwi.com.ar
Mon Dec 24 22:01:51 GMT 2012


Michał Masłowski <mtjm at mtjm.eu> writes:

> Hello.  We have discussed some changes in the thread of [0], this
> message lists what we could do to implement them.
>
> Please vote and comment on the draft guidelines, they need some
> improvements.
>
> [0] https://lists.parabolagnulinux.org/pipermail/dev/2012-November/000974.html
>
> Package freedom guidelines wiki page draft
> ==========================================
>
> These guidelines document our interpretation of what software should not
> be included in the distribution according to the
> [[Parabola/GNU_Linux_Social_Contract]] and how the included software
> should be provided.
>
> Not all software that complies with these guidelines should be included
> in Parabola.  Good reasons for inclusion are the package being included
> in Arch or being useful for you.

i don't understand the wording, not all the software that complies with
*our guidelines* should be included? is something wrong with our
guidelines then? :P

> == All nontrivial works in binary packages are free software, free
> cultural works or GNU FDL-licensed documentation ==
>
> All nontrivial non-license works should be
> [https://www.gnu.org/philosophy/free-sw.html free software] or
> [http://freedomdefined.org/Definition free cultural works] unless they
> are correctly GNU FDL-licensed documentation ("correctly" implies that
> e.g. a manual that consists only of invariant sections isn't accepted).
>
> == PKGBUILDs do not fetch nonfree sources ==
>
> Use SRCBUILDs to make free source archives.  Do not remove nonfree files
> in <code>build()</code>, removing recommendation of nonfree software is
> acceptable.
>
> == PKGBUILD repositories are free ==
>
> Do not include patches containing nontrivial nonfree files (use
> <code>rm</code> in SRCBUILDs to remove them).
>
> == Incompatible PKGBUILDs/source packages are blacklisted ==
>
> No included PKGBUILD should provide a package incompatible with these
> guidelines.  Some in non-current revisions of the repositories might do
> this, these revisions are known to be unsupported and not recommended
> for use.
>
> All blacklist changes are discussed on the
> dev at lists.parabolagnulinux.org list before being committed.  Unless it's
> obvious (not only for the original reporter) that the package won't be
> free, an issue report should be left open for it until the problem is
> fixed and the package is unblacklisted or it's known that no useful free
> work can be based on parts of the package.

i think we should include "discuss on gnu-linux-libre" and "contact
upstream" provisions here too.

> == Sources for all packages are provided by the repo server ==
>
> Having only the PKGBUILD repositories, all binary packages, a source
> archive downloaded from the server and no network access it should be
> possible to build practically the same binary package as provided by
> us.
>
> Issues to decide
> ================
>
> - building packages from sources
>
>   I don't want to change this in TeXLive-related packages, they often
>   just provide binaries and difficult to build sources for
>   non-arch-specific things.

so the texlive distribution is non reproducible? i think we should
consider this a bug then... how do other distros build texlive?

> - the FDL exception
>
>   Is there a better way to express our support for free culture without
>   including too many nonfree works?
>
>   Are there non-FDL-licensed nonfree works that we want to include?
>
>   Or maybe instead we should have an exception for GNU packages?  GNU
>   Emacs includes many separate nonfree works of opinion.  Most nonfree
>   FDL manuals that I know about are of GNU packages with GNU cover texts
>   making them nonfree.

i can hear some troll calling us hyppocrites here :P

i think fdl-licensed manuals and such can be problematic but it's not
the same as, for instance, cc-licensed works that are all or nothing.

> - recommend SRCBUILDs or another similar solution?
>
> - rewrite histories of our PKGBUILD repositories to not include nonfree files

rewriting history makes me feel in 1984. i consider all commits previous
to HEAD as bugs.

> Blacklist of source packages
> ============================
>
> The aim is to rewrite blacklist.txt to list source packages and have the
> binary packages to remove automatically found by dbscripts.

db-sync does this automatically with a simple "fetch everything free
From arch, remove the rest" (that also makes it self-healing, it's been
more than a year without repo breakages), is there a problem with the
current approach?

> - write scripts for two-side conversion; should PKGBUILDs be sourced on
>   repo (potential security issues)?
>
> - verify that bin-to-source < blacklist.txt | source-to-bin gives the
>   same file: blacklist more packages, write more replacements
>
> - run bin-to-source on the blacklist and commit it
>
> - change all wiki pages mentioning it
>
> - close relevant bugs if there are any
>
> We could do the recfile blacklist rewrite after this change is done.
>
> Deprecate rePKGBUILD
> ====================
>
> Remove their mentions from the wiki, remove the scripts from libretools
> if no one has non-Parabola uses for them.

what's the reason for this?

>
> Check all libre packages for nonfree software in abslibre or sources
> ====================================================================
>
> They already remove it from binary packages, so this should be easy to
> check.

i don't understand this part

>
> Make sources of all packages available
> ======================================
>
> - have a script fetching them with errors posted to the list

there's one such script on dbscripts

>
> - check the completeness of sources listed on repo
>
> - have scripts to fetch these sources from repo instead of ones listed
>   in PKGBUILDs
>
> Report and fix related bugs
> ===========================
>
> I'll report and implement some of features needed for these changes
> if you support it.
>
> I'll consider the voting and discussion finished not before 2013/01/07.

i'm ok with the rest, but please tell us in which way we can help

-- 
.oO)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 489 bytes
Desc: not available
URL: <https://lists.parabola.nu/pipermail/dev/attachments/20121224/b7d4742e/attachment.sig>


More information about the Dev mailing list