| 1 |
On 1/26/19 10:04 PM, Kristian Fiskerstrand wrote: |
| 2 |
> I would like to point the community at the following bug |
| 3 |
> https://bugs.gentoo.org/676248: |
| 4 |
> Bug 676248 - non-free licenses are accepted without user prompt |
| 5 |
> |
| 6 |
> In summary the question is whether non-free licenses should be accepted |
| 7 |
> by default in Gentoo. today only licenses requiring EULA are not |
| 8 |
> accepted by default. So this is a good opportunity to discuss whether we |
| 9 |
> should deviate substantially from other distros like Debian. |
| 10 |
> |
| 11 |
> My personal opinion is we should have a default accepting FSF and OSI |
| 12 |
> approved free/libre licenses and require acceptance for anything else |
| 13 |
> though package.license / ACCEPT_LICENSE. Since we have this model |
| 14 |
> already we don't need a separate repository like debian does for its |
| 15 |
> binary packages, so any change has relatively minor impact on our users |
| 16 |
> as long as it is presented properly and with a proper timeline. |
| 17 |
> |
| 18 |
|
| 19 |
This topic has been discussed from time to time, including in 2013 in |
| 20 |
https://archives.gentoo.org/gentoo-project/message/b36af97cdf6172217974a3afb30475bd |
| 21 |
. However, context change and 6 years is likely enough time to permit a |
| 22 |
new discussion. |
| 23 |
|
| 24 |
What constitute free software is a broad discussion, so for the context |
| 25 |
of these discussions I recommend we keep to the FSF and OSI definitions. |
| 26 |
These definitions protects the user's rights to copy/modify/use the |
| 27 |
application without repercussions, and that is exactly why it should be |
| 28 |
the default license. |
| 29 |
|
| 30 |
As soon as a user start using a non-free license the user needs to |
| 31 |
make judgments on how it will impact on further choice, and likely need |
| 32 |
to consult a lawyer for practicality if using it in any commercial context. |
| 33 |
|
| 34 |
In particular in a scenario where the license change unexpectedly this |
| 35 |
can be an interesting twist, as seen with MongoDB. To quote |
| 36 |
|
| 37 |
http://lists.opensource.org/pipermail/license-review_lists.opensource.org/2018-October/003739.html |
| 38 |
: |
| 39 |
"Developers don’t always pay attention and given they have stated any |
| 40 |
updates to older versions moving forward are SSPL a developer just |
| 41 |
grabbing a security update suddenly means you’re not under AGPL anymore |
| 42 |
but SSPL." |
| 43 |
|
| 44 |
The consequences for a user arise when using non-free licenses, so the |
| 45 |
default should be to allow free licenses by default. |
| 46 |
|
| 47 |
A more puritan approach could be to not provide any approved license at |
| 48 |
all, but the Gentoo Social contract says "Gentoo is and will remain free |
| 49 |
software", which makes @FREE the natural choice. |
| 50 |
|
| 51 |
Most of the issues from the previous discussions have been solved by |
| 52 |
now, increasing the value of re-opening the discussion, and the |
| 53 |
user-impact is minimal for setting a default of @FREE given proper |
| 54 |
documentation in the handbook. |
| 55 |
|
| 56 |
|
| 57 |
-- |
| 58 |
Kristian Fiskerstrand |
| 59 |
OpenPGP keyblock reachable at hkp://pool.sks-keyservers.net |
| 60 |
fpr:94CB AFDD 3034 5109 5618 35AA 0B7F 8B60 E3ED FAE3 |
Archives