[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Do we need embargoes for GPL compliance issues?

Paul Wise <pabs@debian.org> writes:
> On Thu, Sep 13, 2018 at 12:36 PM, Russ Allbery wrote:

>> I may just be hopelessly naive or out of touch, but I feel like the
>> termination of rights clauses under the GPLv2 and GPLv3 are widely
>> ignored for good-faith violations (such as those Debian would make) and
>> basically never enforced that way.  Hell, they're barely ever enforced
>> against blatant violations by large commercial companies like VMware.

> Agreed re good-faith violations by FLOSS community projects. That said
> there are also a lot of potential long-term violations in projects
> surrounding the FLOSS community, for eg check the Debian derivatives
> census for the phrase "no source packages".

Would an embargo help for that kind of thing, though?  If a Linux
distribution isn't publishing source at all, they're seem to be into far
more dangerous waters than an embargo could possibly help with.

I guess what I'm looking for is a concrete example of something that
happened to a Linux distribution for which an embargo would have been
helpful and productive.  Without such an example, I think we should
default to being opposed to participating in embargoes per point three of
the social contract.

I don't think the social contract means we should *never* participate in
embargoes.  For security, for example, the priorities of our users
conflict to some extent with not hiding problems, and we have the current
compromise.  But there has to be some reason to compromise that furthers
some other point of the social contract; otherwise, we should default to

Russ Allbery (rra@debian.org)               <http://www.eyrie.org/~eagle/>

Reply to: