1 |
On Thu, 2020-04-30 at 23:11 -0700, Alec Warner wrote: |
2 |
> Consider a case where we have a piece of software and its open source. The |
3 |
> open source software has various plugins, some of which look useful and we |
4 |
> may wish to deploy them for Gentoo. However, we must consider the social |
5 |
> contract, hence this discussion. |
6 |
|
7 |
First of all, I don't think this should be really about whether we can |
8 |
bend the social contract to find X acceptable but whether the particular |
9 |
case meets the rationale behind using FLOSS. |
10 |
|
11 |
> Can we use the plugins if: |
12 |
> (1) They are closed source (e.g. upstream provides binaries only with a |
13 |
> restricted non-free license.) |
14 |
|
15 |
No. That would mean we're fully dependent on upstream providing up-to- |
16 |
date and working binaries. If upstream decides to cease providing them |
17 |
or simply disappears, we're stuck with software that can become broken |
18 |
at any point and we couldn't fix it. |
19 |
|
20 |
> (2) They are free software (e.g. FSF / OSI approved license) but they cost |
21 |
> money. |
22 |
|
23 |
Presuming they're really free software, i.e. unlike grsecurity upstream |
24 |
does actually permit redistributing it, I suppose that's acceptable. |
25 |
However, I'd find it a bit weird to pay for something if it can be |
26 |
redistributed for free. |
27 |
|
28 |
Of course, if we're talking about making donation to upstream or funding |
29 |
a bounty for software we need, that's another thing. |
30 |
|
31 |
> (b) A subset, its free software and it costs money but it is free for |
32 |
> open source communities to use. |
33 |
|
34 |
Same as above. Though I can't imagine why anyone would create such |
35 |
a thing as it basically means the first 'open source community' to get |
36 |
it would be able to redistribute it without limitations. |
37 |
|
38 |
> (3) They are open source, but not free (e.g. they have some kind of open |
39 |
> license but are not FSF / OSI approved.) |
40 |
|
41 |
If the license permits us to use, modify and redistribute it without |
42 |
limitations, I don't see a problem with it. |
43 |
|
44 |
> (4) They are open source (and free), but we have chosen to use the built |
45 |
> plugins (rather than building from source) for the sake of time and |
46 |
> convenience. |
47 |
> |
48 |
|
49 |
I think it's acceptable but not preferable. The key point here would be |
50 |
that if we ever had to patch it, we'd suddenly have to jump through |
51 |
a bunch of hoops. |
52 |
|
53 |
|
54 |
Overall, I think the key point is maintainability here. Whenever we use |
55 |
proprietary software, we're on upstream's mercy. On the other hand, |
56 |
if we use free software, we can tailor it to our needs and maintain it |
57 |
with help of our community if upstream ceases to do so. |
58 |
|
59 |
However, I suppose this discussion could bring better answers if you |
60 |
were more specific. Otherwise, one wonders whether you have some |
61 |
disagreeable idea in mind and are asking generic questions to justify it |
62 |
without having people get emotional about specifics. |
63 |
|
64 |
There's of course the part about 'needed' vs 'used without needing' |
65 |
but I don't think we ought to use it without good justification |
66 |
and some reasonable FLOSS alternative. |
67 |
|
68 |
Finally, there are edge cases like WordPress. It's apparently open |
69 |
source but it's completely unusable without a proprietary anti-spam |
70 |
plugin that sends your data to a third party. |
71 |
|
72 |
-- |
73 |
Best regards, |
74 |
Michał Górny |