[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [GNU-linux-libre] [gnu.org #1927317] Uruk GNU/LINUX
|
From: |
Denis 'GNUtoo' Carikli |
|
Subject: |
Re: [GNU-linux-libre] [gnu.org #1927317] Uruk GNU/LINUX |
|
Date: |
Mon, 13 Mar 2023 01:20:45 +0100 |
On Sun, 12 Mar 2023 11:32:22 -0400
"Therese Godefroy via RT" <webmasters-comment@gnu.org> wrote:
> If the FSF doesn't have the manpower to do the endorsement, I think
> it should change the procedure. The current workflow only serves to
> demotivate the gnu-linux-libre people. They probably know more about
> distros than anybody in the Licensing team, and I don't understand
> why they are not in charge of endorsement as well as evaluation.
There could also be not enough time to do the review, combined with the
requirement to have a high quality review.
In that case the only solution I see would be to make it much much
easier to verify if a distribution is compliant. And in general doing
that would probably accelerate review, empower users and contributors
of FSDG distributions, etc.
For instance if people really want distro A to be certified, if they
work hard to make it super easy and fast to audit that distribution,
and that an FSF employee can verify the information in less than 1
hour of work for instance, then it would probably be easier to somehow
get this situation unblocked.
And in that case anybody could also verify that information, including
for instance the GNU webmaster, people on this mailing list, etc.
This could also help find and fix bugs in existing FSDG compliant
distributions. It could also provide the basis for automatic tests to
find issues in existing distributions for instance.
Right now we have:
- Some information about GNU/Linux FSDG distributions that is parsable
like the Parabola blacklist[1]. It might also be possible to write
scripts for Parabola, Hyperbola, Guix, and probably other
distributions as well to retrieve information from their package
definition. That would be more complicated for Replicant though.
- Some information about the distributions policies is in the
Libreplanet wiki[2], as well as information on third party
repositories[3] and programs that don't respect the FSDG[4] (and that
usually need to be fixed in new distros).
- Some information about licensing in the Free software directory.
Wikidata already has ways to link most of that data together. For
instance we can refer to Guix[5] and Parabola packages[6].
Though what to store in Wikidata and how much would probably need to be
found out. The Wikidata project also has rules on what can and can't be
stored there. There is also the possibility of having the
information in some database that can be packaged instead, like
osinfo-db (which might need fixing in some FSDG distros).
With all that it might be possible to have code that do tedious and
repetitive task of analyzing package data and doing automated
verification for instance.
And if the code is well written, it would be very easy to audit it. And
an auditor would then only do the few things that are left to be done
manually (like maybe checking the website, the documentation, the
installer, etc).
References:
-----------
[1]https://git.parabola.nu/blacklist.git/tree/blacklist.txt
[2]https://libreplanet.org/wiki/Group:Software/FSDG_distributions
[3]https://libreplanet.org/wiki/Group:Software/research/ExternalRepositories
[4]https://libreplanet.org/wiki/List_of_software_that_does_not_respect_the_Free_System_Distribution_Guidelines
[5]https://www.wikidata.org/wiki/Property:P6765
[6]https://www.wikidata.org/wiki/Property:P9065
Denis.
pgpfvhEIX9DFV.pgp
Description: OpenPGP digital signature