On 13Jan2017 1050, Lukasz Langa wrote:
Thanks for review, Steve!
On Jan 13, 2017, at 10:35 AM, Steve Dower <steve.do...@python.org> wrote:
An *abandoned* project can be transferred to a new owner for purposes
of reusing the name when ALL of the following are met:
...
The list here is nearly identical to the previous section
The "skin in the game" behavior is different.
Fair enough. Perhaps we should avoid using the idiom though (as
suggested earlier) to avoid any potential loss in translation.
I would actually like to be able to name-squat for a period between a project
being started and being released (particularly in my own context, I often need
to keep a project private until it has been internally tested/reviewed/scanned
and the lawyers have signed off, at which point it may require a new review if
the name has to change).
Presumably for a reachable uploader who can give an explanation, this won't result in the
immediate loss of the name. But suggesting a time limit may help reduce support requests
("project is name squatting for at least 6 months" feels okay to me, but not
wedded to it).
I don't want to suggest arbitrary limits on acceptable name squatting because
this can be abused. As long as you squat and nobody calls you out on it before
your first functional release, that's okay. If you squat on a great name and
somebody comes along with an existing notable project wanting that name, the
case it rather clear though.
So perhaps name-squatting belongs in the "this project is abandoned and
I want the name" section rather than the "this project is invalid and
I'm flagging it via support channels" section? (Or maybe I misunderstood
the intent of the separate sections, which I'm sure is also useful
feedback :) )
(As a semi-related aside, I'm currently squatting on the 'microsoft' and
'windows' packages for trademark protection reasons. They may never get any
functionality, but that's better than someone else having the name. This sort
of squatting doesn't necessarily need to be explicitly called out in policy,
but maybe it's worth a mention?)
I wanted to avoid touching on trademark issues because IANAL.
Very good point. Since nobody directly involved in this policy is a
lawyer, it might be worth clearly stating what the index maintainers are
responsible for in the case of a potential legal dispute with an
unreachable package owner, or one who is deliberately/maliciously making
themselves unreachable.
Or maybe it's a rare enough case that it doesn't matter? We certainly
resolved our last issue easily enough, though it did require the index
maintainers to put us in direct contact with the package owner. Maybe
stating that "the index maintainers are not responsible for evaluating
the legal status of intellectual property, and may only establish direct
contact between the complainant and a reachable package owner with
mutual consent" is the way to go? (And get VanL to sign off on the
wording, just in case there's some oddity here I'm not aware of.)
Cheers,
Steve
_______________________________________________
Distutils-SIG maillist - Distutils-SIG@python.org
https://mail.python.org/mailman/listinfo/distutils-sig
