Bug#809705: general: let people use non-free software but opt-out of non-open software

[Bas Wijnen <wijnen@debian.org>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Mon, Jan 04, 2016 at 07:45:37AM +0000, Niels Thykier wrote:
> Philippe Cerfon:
> > On Sun, Jan 3, 2016 at 7:35 AM, Christian PERRIER <bubulle@debian.org> wrote:
> >> Discussing infrastructure changes like what you're proposing (which I
> >> have no advice about) should usually be done through our mailing
> >> lists,
> > Which one would be the appropriate list?

debian-project, or hopefully debian-devel.  -project for talking about the
idea, -devel for discussing an implementation.  Having an implementation ready
hugely improves chances of it being done.  But of course probing the community
to see if there are any protests (as you are doing now) is a good idea.

> Your second item has been brought up before with different
> focus/rationale/purpose.  At least I remember there being an interest in
> splitting "non-free" into "non-free/firmware" vs. various other non-free
> sub components.
> 
> Mind you, its primary goal was not to address "source vs. no-source",
> but it is the closest related idea I could think of.  Sadly, I don't
> have a reference ready to backup my memory.

Yes; I think the conclusion of that discussion was two things:
1. Different people want different splits.  Using something like debtags may be
   more useful, so users can block their own tag selection.
2. The firmware category is special in that pretty much everyone needs it, so
   we may want to make that its own section the old way.  This allows people to
   use their hardware without enabling any (other) non-free sections and
   without worrying about debtags filters (once implemented).

Note that it was just my impression that there was consensus on this; I may be
mistaken.

Note also that nothing has happened (AFAIK) since that discussion.  Someone
implementing things would be very welcome as far as I'm concerned.

> On your first item, I would have to agree with Christian.  It is not
> actionable and much less by Debian.  At best we could stop packaging
> such software or disabling such features, but both have their disadvantages:
> 
>  * Even if we stop shipping them, people will still download them.
>    Except your average user will probably be worse off because most of
>    them do not verify their downloads.

I agree that not shipping things (that we are allowed to ship) is a bad idea
most of the time (except if it's because nobody considers it a priority; giving
upstream an incentive to release their software under a free license is good).
The exception is software that actively hurts the user (malware, spyware).
Which we can only block if we know about it, of course.

>  * If we disable the functionality, we would "cripple" the software to
>    many people.  If this annoys people, we will end up in a situation
>    where people will advise /against/ using the Debian package because
>    it is "crippled", which leads to the situation above.  Or we could
>    get badly unpopular with upstream (see the "Debian vs. Ruby" issue
>    from a couple of years ago).

This is a valid concern, but it shouldn't always be the deciding factor.  Many
people (including me) use Debian because it easily allows installing a 100%
free system with a huge choice of packages.  If the choice is "move a thing to
non-free, or keep it in main and disable the functionality", those people will
lose the software completely if it's moved to non-free.

Disabling functionality is work, and when it's done, it's done for this group.
It leads to "crippled" packages and the complaints you mention, but the
alternative is moving it to non-free, which leads to the software missing from
Debian main entirely.  Either option may be better, depending on the situation.
Perhaps it's best to do both, like unrar does (AFAIK): package a "crippled"
version in main, and the original version in non-free.  But this is even more
work, and the maintainer has to decide if it's worth their time.

Personally, I don't care much for non-free, so I would choose between disabling
the functionality and not packaging the software at all.  But that doesn't mean
everyone has to work that way; if others want to spend their time on non-free
packages, I'm not stopping them.

Thanks,
Bas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBAgAGBQJWijfHAAoJEJzRfVgHwHE6J7gP/izcwZPCJ9YvtpDf9FNtDKmA
7Vop3e1wZD2h7G93FY/YvQkufkFQhW9KJp3cIZ2UkCDq6EBt5Of6xtoDEtSWmedV
Hi4djop7nIXJxFnzB2/5wMYVLa+DIeRUUhtR8/HkQu2/GCbf1SIbOH3ZjH2SW0Kj
BozkqzyQQkFv7t/GK9y34goW6l4oc0CF+vINlRV+iV886C0166Kim1rOBWM8Ctfq
JrP9JcfwVBFIVzznK2+6E4/0bCLT1AeRORyfpwIW/QI0+3wmjoECdmA2PRrtTxgD
vy1ZNEfAY+BxYIo4XJsSQpE4VTgtYMmnYDuP4IWx9NUlYKVA3jWwjdn4FSim5fRl
BqWk9tdY4zmM62WGkqLexwSgeyx2Ozh+zh9Cf4TIVRK5OXmUK3E2VUCA9CvE87pw
Dayw3F7ZJX0N5Tpal55DDcBEVHOFFmLgfqHHy80HEM1rgQnwbQE9Z0CrRckhDjIK
jQkCaZynCSknB/5iG7eL1U4UiLySmrxNYqCbuU7T5gEY6SABghwCdcFyCwtRttXC
Q/4H5bXDw7E/PszsSvaUDe39NsDS9xBDbpgSZ/OhylkhimhwUhtixWaNBCDzC9Tw
SLgQaW8TYrAClRzKM+JRBSJM8hTX1R3+CsnS1wVy3em6BRohFO/I8uq+kZZ5007S
HnieFjcna9ri4H0UxCwU
=tnlV
-----END PGP SIGNATURE-----