Le Sun, Dec 04, 2022 at 08:25:09AM +0100, Petter Reinholdtsen a écrit :
It is clear that there is no concensus on this issue. It is not a technical problem with the code, but a question of opinions. Because of this, I set severity to wishlist.
Hi Petter, I came to this bug through the discussion on [email protected]. The homepage of bs1770gain is clearly an outlier. I have downloaded the text contents of 35,760 homepages listed on my apt's cache and screened for the kind of keywords found in bs1770gain's homepage or related to discriminated communities, and found: - bs1770gain, - a second package that clearly dehumanises a whole category of people, on which I will open a bug, - a SF game package with clear bad taste in the vocabulary ("The ultimate goal is to genocide the enemy race"), but no association with any existing or past human group. (I will probably do nothing.) - A homepage with a typo in it that leads to a porn site (just offered to NMU it). That's all. I have been considering the use of a LLM for more extended screening (in a pilot test on bs1770gain and the other package, both are caught), but I am not sure it is necessary. I think that we should not lead our end users to one-click exposure to contents that we deeply disapprove on our communication channels. Given the screen I made above, this is a promise that seems easy to make: there are very few packages to change. Would you consider to update the bs1770gain package so that its Homepage field does not link to the official homepage? Our tech-savy users know that debian/copyright will lead them to the upstream sources. (And of course they know how to use search engines too.) Obviously, removing the homepage will trigger signals that may attract more people to the homepage, thus defeating our point. For instance new contributors who may propose their help help fix the no-homepage-field lintian tag. On debian-project I suggested to either add a lintian override or to use a Homepage placeholder such as https://www.debian.org/intro/diversity, but there may be better solutions. Maybe https://tracker.debian.org/media/packages/b/bs1770gain/copyright-0.9.8-1 or equivalents for instance? I hope that the points I make feel valuable, especially the demonstration that bs1770gain is a total outlier among more than 30,000 packages, and that you will consider taking action. Have a nice week-end, Charles -- Charles Plessy Nagahama, Yomitan, Okinawa, Japan Debian Med packaging team http://www.debian.org/devel/debian-med Tooting from work, https://fediscience.org/@charles_plessy Tooting from home, https://framapiaf.org/@charles_plessy
