On 2009-12-08 16:04 PM, Ben Finney wrote:
VanL<[email protected]> writes:
The irrevocability is there to protect the PSF. It is so that no one
can claim later that they got mad at the PSF and revoked the PSF's
ability to redistribute something that they previously uploaded.
I think the best way to ensure this is to constrain PyPI users to only
upload free-software works. (Any license terms that can restroactively
revoke the license without violating its specific terms, necessarily
make a non-free work and would thus be excluded from PyPI.)
Who determines the freeness of the software? The OSI? That would exclude
licenses like the CeCILL license which appears to be close enough to free
(certainly in the respects that concerns redistribution by PyPI) but it has not
been submitted to the OSI and might not pass every point of the Open Source
Definition (I'm pretty sure that it is not DFSG-free).
Attempting to get an *additional*, broader, license from the uploader
strikes me as over-reaching.
Who would audit the packages to make sure that the uploaded code actually has an
acceptable license? While I hope that the language can be narrowed or at least
clarified, I definitely think that the PyPI needs a separate usage agreement
such that uploading packages to PyPI grants specific permission for PyPI to
redistribute the package. At the very least, uploading a package to PyPI would
have to "represent and warrant" that the package complies with some definition
of freeness, but that's even more vague than the current language.
--
Robert Kern
"I have come to believe that the whole world is an enigma, a harmless enigma
that is made terrible by our own mad attempt to interpret it as though it had
an underlying truth."
-- Umberto Eco
_______________________________________________
Catalog-SIG mailing list
[email protected]
http://mail.python.org/mailman/listinfo/catalog-sig
