[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU-linux-libre] Good practices for removing nonfree code found in
|
From: |
bill-auger |
|
Subject: |
Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code. |
|
Date: |
Sat, 2 Oct 2021 11:15:01 -0400 |
On Sat, 2 Oct 2021 00:50:50 +0200 Denis wrote:
> - Can I simply do some rm -rf inside the package definition to remove
> these files? In that case the nonfree code might still be present in
> the source code shipped alongside the package.
>
> - What about git repositories, like with Replicant? Is it OK if I just
> add commits to remove the nonfree code that has been found? Or should
> the full history be rewritten somehow?
there is surely no doubt what the short answer is to either of
those questions - FSDG distros must not distribute non-free
software, period - if the distro publishes VCS sources which
contain non-free software, in any usable form, the non-free bits
should be purged
parabola handles the first scenario with the mksource mechanism
- the second scenario, i consider to be rather contrived, and
need not affect conventional distros - it is rather
peculiar/unconventional for all distro sources to exist only in
the form of VCS - the upstream VCS history has no significance to
users, nor to the distro's packagers - so i would consider that
dilemma/chore (purging the VCS history), as artificial, and
self-imposed unnecessarily - users should never need to see "how
the sausage is made", unless they choose to "get their hands
dirty"; and the FSDG requires neither
it seems like a flawed design decision to entangle the VCS with
the build process, or to store them at all - source-balls can be
generated easily and consume much less disk space - its kinda a
"no-brainer" IMHO - the only reason i can imagine why to store
some upstream VCS, would be if it requires very intrusive
librefication treatments - doing so, is essentially maintaining
a soft-fork of every such upstream project - in that case, it
would be perfectly reasonable to re-write the VCS history by
splitting the libre changes, and squashing them down as far as
necessary, until they cancel the introduction of the non-free
bits - if not done in that way, it is equivalent to maintaining a
patch-set; but keeping the upstream sources ("warts and all")
anyways - of course, those patches (or VCS commits) may actually
represent the non-free bits which they remove, in the form of the
red (minus '-') diff lines; so it seems to me, that the only
solution is to publish pre-cleaned sources exclusively
luckily, this relates to only a relatively small subset of
a distro's software - maybe it is more imperative for replicant,
to maintain a soft-fork of _every_ upstream project; but as i
noted in the mksource discussions, for parabola and other
traditional *nix distros, it is, in practice, only a tiny
percentage of upstream sources which actually contain _any_
non-free code - the overwhelming majority of changes which
parabola makes, are FSDG treatments (beyond the four freedoms)
to otherwise completely libre sources
On Sat, 2 Oct 2021 00:50:50 +0200 Denis wrote:
> - What do various distribution do for former releases when nonfree code
> has been found? Do they archive it somewhere else (like on
> archive.org) and stop distributing these releases?
it a very good question - i can not recall anyone discussing
this in the past, and i am not aware of any instance where this
has occurred for parabola; so i do not have a general response
ready - it is possible though, that some examples could be found
in every distro, if someone were to dig deep enough to identify
them
unfortunately, the question opens a "can of worms" WRT the GPL -
distributors of GPL software are required to offer complete
corresponding source code for _any_ distributed binaries - if
one of those distributed binaries were later found to be built
from sources which contained non-free bits, wouldn't the
distributor still be obligated to keep and offer the sources? -
its a tricky question, because its not obvious if the GPL was
ever legit for that program in the first place - it is further
complicated by the vagueness of the FSDG in that regard - i
think this question boils down to:
* is it acceptable for source to contain non-free bits,
as long as a liberation recipe is provided? (or if the
non-free bits are buried under a stack of VCS commits)
* is it acceptable for source to satisfy all four freedoms, but
contain bits which are not FWSDG-fit?
* or, should all sources be strictly and entirely FSDG-fit?
as with the first two questions, i think the FSDG is
sufficiently clear (at least in essence) that any sources, which
are noticed to be non-free, should be deleted from the
public-facing repos; and perhaps retained privately, in case
anyone requests them
- [GNU-linux-libre] Good practices for removing nonfree code found in source code., Denis 'GNUtoo' Carikli, 2021/10/01
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code.,
bill-auger <=
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Jean Louis, 2021/10/02
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Denis 'GNUtoo' Carikli, 2021/10/03
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., bill-auger, 2021/10/04
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Jean Louis, 2021/10/05
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Denis 'GNUtoo' Carikli, 2021/10/05
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Jean Louis, 2021/10/05
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Denis 'GNUtoo' Carikli, 2021/10/06
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Jean Louis, 2021/10/06
- Re: [GNU-linux-libre] Good practices for removing nonfree code found in source code., Denis 'GNUtoo' Carikli, 2021/10/06