On Tue, Feb 25, 2020 14:41:34 -0500, Matthew Miller wrote: > On Mon, Feb 24, 2020 at 10:35:08AM +0000, Ankur Sinha wrote: > > > One thing that comes to my mind with this proposal is that we still need > > > some way to vet licenses. Today, this is done via the package review > > > process, and in my mind is the primary purpose of package review. If we > > > started having upstream compatible registries, I suppose we could introduce > > > a review process for adding packages to the registries to solve this > > > concern. > > Vetting of licenses is only one aspect of the review but not its sole > > purpose. Apart from all the other checks to ensure that the software > > follows current best practices in software development, we also verify > > the correctness of the software during the review. > > That's true, but I think fundamentally I agree with Randy: if the software > is terrible in some way but still useful to users (hello, Chromium!), we > probably want to find some room for it in Fedora somehow. Sure, but only if it works (correctness). > But we absolutely need to be sure about licenses. Yes, the legal requirement merely sets the lowest bar for inclusion of software: it must be legally allowed to be even considered for inclusion. So, it is a compulsory part of the review process, but so are other checks. I give correctness as an example because it's easiest to understand: if the software is legally acceptable, but doesn't build or work properly, then it doesn't pass the review either. Basically, packages do not pass review merely because they use good licenses. -- Thanks, Regards, Ankur Sinha "FranciscoD" (He / Him / His) | https://fedoraproject.org/wiki/User:Ankursinha Time zone: Europe/London
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
