xulrunner 2.0 in rawhide (F15) bundles several system libs

Tue Oct 5 17:14:52 UTC 2010

On Tue, Oct 05, 2010 at 08:22:57AM -0700, Adam Williamson wrote:
> On Tue, 2010-10-05 at 08:34 -0400, Brandon Lozza wrote:
> > On Mon, Oct 4, 2010 at 6:37 PM, Adam Williamson <awilliam at redhat.com> wrote:
> > > that's the entire point of having trademarks. Free software projects are
> > > obliged to allow you to access and modify their code. They are not
> > > obliged to allow you to benefit from their reputation. It doesn't make
> > > any sense to say 'I think this product needs to be modified but I wish
> > > to be able to represent my modified product as being the same thing as
> > > the original product in order to benefit from the reputation attached to
> > > the original product'.
> > > --
> > 
> > Trademarks defeat the purpose of it being "free software". They impose
> > restrictions. 
> 
> The purpose of "free software" is not to have no restrictions.
> 
> > You have to remove MoFo's artwork and perform a name
> > change or you're required to get permission from Mozilla to
> > redistribute a modified binary. That's not free. 
> 
> Yes, it is.
> 
> > At the same time does
> > that logically effect the produced binary if we don't use the Firefox
> > branding? I don't think the artwork and branding makes it any faster
> > or more standards compliant or compatible with plugins. It would
> > instantly remove the restrictions that make it unmaintainable.
> 
> Practically speaking, it would add an extra burden to the maintainers,
> who already do not have enough resources to deal with all the issues.
> Again, the reason we don't carry non-upstream patches in Firefox has
> nothing to do with the branding issue. It's because we don't have the
> resources to maintain non-upstream patches in Firefox.
> 
I wish people would stop repeating this particular bit of justification for
the issue of bundling libraries.  I can see it for other suggested patches
for firefox but in the case of bundled libraries, this is work that we
require of all packages because there's security ramifications for our
product, the Fedora distribution by not unbundling.

We require other packages to come up with the maintainership resources to
unbundle the included libraries if this is found at review otherwise they
don't get into Fedora.  If this is found post-review, we don't require the
maintainer to fix this immediately but we do require them to apply a patch
to fix the issue if someone else provides one and we strongly encourage them
to fix it themselves if they have the know-how.

-Toshio
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/devel/attachments/20101005/b5e990ef/attachment.bin 