1 |
On Tue, 07 Apr 2020 14:44:04 +0100 |
2 |
Roy Bamford <neddyseagoon@g.o> wrote: |
3 |
|
4 |
> Gentoo must not single out any package for special treatment. |
5 |
|
6 |
Indeed. Cases like this just demonstrate that something about the way |
7 |
we do things is somehow inadequate. |
8 |
|
9 |
The idea that "what we have works" is something we get away with, |
10 |
because people just exclude the things that would break things. |
11 |
|
12 |
Sometimes you just need some case like this to make an example of us. |
13 |
|
14 |
Like happened with Rust: |
15 |
|
16 |
- It took a while and a bunch of legal threats for them to publish a |
17 |
GDPR compliance privacy notice. |
18 |
- They (crates.io) still haven't made a clear definition of what legal |
19 |
conditions apply and what may or may not be uploaded (Some people are |
20 |
presently testing those waters by publishing code with copyright |
21 |
notices and "no distribution" clauses, in the hope they can get their |
22 |
ass into gear and make it clear ) |
23 |
|
24 |
And I've seen people "test the system" for CPAN too. |
25 |
|
26 |
Its clear we need *something* in place, but I doubt that "something" is |
27 |
something that can be achieved in an appropriate way with the way our |
28 |
tooling currently works. |
29 |
|
30 |
( In that, its basically an all-or-nothing scenario for the most part, |
31 |
where finer grained and policy-based exlusions, like ACCEPT_LICENSE, |
32 |
make sense to employ ) |