Gentoo Archives: gentoo-project

From: Kristian Fiskerstrand <k_f@g.o>
To: gentoo-project <gentoo-project@l.g.o>
Subject: [gentoo-project] Re: What should the default acceptable licenses be?
Date: Tue, 05 Feb 2019 23:49:50
Message-Id: 18f615b4-dfd4-f0db-a5c4-93c97e7dcbb6@gentoo.org
In Reply to: [gentoo-project] What should the default acceptable licenses be? by Kristian Fiskerstrand
On 1/26/19 10:04 PM, Kristian Fiskerstrand wrote:
> I would like to point the community at the following bug > https://bugs.gentoo.org/676248: > Bug 676248 - non-free licenses are accepted without user prompt > > In summary the question is whether non-free licenses should be accepted > by default in Gentoo. today only licenses requiring EULA are not > accepted by default. So this is a good opportunity to discuss whether we > should deviate substantially from other distros like Debian. > > My personal opinion is we should have a default accepting FSF and OSI > approved free/libre licenses and require acceptance for anything else > though package.license / ACCEPT_LICENSE. Since we have this model > already we don't need a separate repository like debian does for its > binary packages, so any change has relatively minor impact on our users > as long as it is presented properly and with a proper timeline. >
This topic has been discussed from time to time, including in 2013 in https://archives.gentoo.org/gentoo-project/message/b36af97cdf6172217974a3afb30475bd . However, context change and 6 years is likely enough time to permit a new discussion. What constitute free software is a broad discussion, so for the context of these discussions I recommend we keep to the FSF and OSI definitions. These definitions protects the user's rights to copy/modify/use the application without repercussions, and that is exactly why it should be the default license. As soon as a user start using a non-free license the user needs to make judgments on how it will impact on further choice, and likely need to consult a lawyer for practicality if using it in any commercial context. In particular in a scenario where the license change unexpectedly this can be an interesting twist, as seen with MongoDB. To quote http://lists.opensource.org/pipermail/license-review_lists.opensource.org/2018-October/003739.html : "Developers don’t always pay attention and given they have stated any updates to older versions moving forward are SSPL a developer just grabbing a security update suddenly means you’re not under AGPL anymore but SSPL." The consequences for a user arise when using non-free licenses, so the default should be to allow free licenses by default. A more puritan approach could be to not provide any approved license at all, but the Gentoo Social contract says "Gentoo is and will remain free software", which makes @FREE the natural choice. Most of the issues from the previous discussions have been solved by now, increasing the value of re-opening the discussion, and the user-impact is minimal for setting a default of @FREE given proper documentation in the handbook. -- Kristian Fiskerstrand OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3

Attachments

File name MIME type
signature.asc application/pgp-signature

Replies