Re: What to do when DD considers policy to be optional? [kubernetes]
On Thu, 26 Mar 2020 at 12:40, Christian Kastner <email@example.com> wrote:
> There's this expression in German for when one takes a policy too far:
> "Don't try to be holier than the Pope".
> But that's how maintaining debian/copyright has come to feel to me. We
> still apply a level of detail that seems out of place in today's world.
> It's such an odd position to be in to sit between upstream and
> contributor and discuss with them the legalities of one contribution
> you've hunted down, when it is evident that it was just "a
> contribution", and neither could understand why I have to make such a
> big deal out of it. 
> So, I ask: what for? Policy for policy's sake?
I beg to disagree. We do this for our users. They, believe it or not,
often need it.
An example: commercial users. They need to know *exactly* what they
are running and under which licenses. They often want to be holier not
only than the Pope, but holier than the whole population of Poland,
Italy and Spanish-speaking countries altogether (I hope I don’t offend
anyone with this comparison, it’s meant as a joke). They are often
bound by regulations with heavy fines for violating them, and not only
fines, but a threat of your product being banned, and that often means
they want only specific licenses in their products.
And then there are Debian derivatives that cater to such commercial
users. And guess what? The users tell the makers of the derivatives
debian/copyright data that comes from Debian is not sufficiently
strict or precise, and for that they need to set up their own
processes to double-check and review the Debian copyright data.
So if anything, we need to pay *more* attention to copyrights, not less.