Re: GPL violations [was Re: Suggestion: Skip Slink!]
On 06-Jan-99 Avery Pennarun wrote:
> To clarify the problem: we never have packages without source, only
> packages without the _exact_ source that an old binary might have used, and
> then only if one architecture uses a different package than another. I
> consider that a problem (it's nice to know _exactly_ what source your binary
> came from) but not a serious one (if you really care, you can rebuild a
> binary from the latest source). This is non-ideal, but IMHO not critical.
> Even as a security concerned sysadmin (which I am) it doesn't bother me.
So you're saying there are binary packages without the "corresponding source
code" being distributed? Herm... Seems pretty critical to me, as this is
exactly what the GPL requires.
You don't get it. We don't distribute patched sources. We distribute
pristine source and a patch file. The only time we are technically in
violation is when the patch file is slightly different for a different
architecture. This is a problem, admittedly. However, it is a minor
nit since the patches are normally only slightly different (i.e.,
endianness fixes) and normally they get merged eventually.