On 13/03/2015 19:29, Pine W wrote:

Question: are there heightened security or privacy risks posed by having non-open-source code running in Labs?

Is anyone proactively auditing Labs software for open source compliance, and if not, should this be done?


FYI, http://tools.wmflabs.org uses the toolinfo.json 'standard' to show a useful link to the source. Although probably most tools with a toolinfo have already been published as open source.

Pine

On Mar 13, 2015 10:52 AM, "Ryan Lane" <[email protected]> wrote:

    On Fri, Mar 13, 2015 at 8:42 AM, Ricordisamoa
    <[email protected]> wrote:

        From
        https://wikitech.wikimedia.org/wiki/Wikitech:Labs_Terms_of_use
        (verbatim): "Do not use or install any software unless the
        software is licensed under an Open Source license".
        What about tools and services made up of software themselves?
        Do they have to be Open Source?
        Strictly speaking, do the Terms of use require that all code
        be made available to the public?
        Thanks in advance.


    As the person who wrote the initial terms and included this I can
    speak to the spirit of the term (I'm not a lawyer, so I won't try
    to go into any legal issues).

    I created Labs with the intent that it could be used as a
    mechanism to fork the projects as a whole, if necessary. A means
    to this end was including non-WMF employees in the process of
    infrastructure operations (which is outside the goals of the tools
    project in Labs). Tools/services that can't be distributed
    publicly harm that goal. Tools/services that aren't open source
    completely break that goal. It's fine if you wish to not maintain
    the code in a public git repo, but if another tool maintainer
    wishes to publish your code, there should be nothing blocking that.

    Depending on external closed source services is a debatable topic.
    I know in the past we've decided to allow it. It goes against the
    spirit of the project, but it doesn't require us to distribute
    closed source software in the case of a fork.

    My personal opinion is that your code should be in a public
    repository to encourage collaboration. As the terms are written,
    though, your code is required to be open source, and any libraries
    it depends on must be as well.

    - Ryan

    _______________________________________________
    Labs-l mailing list
    [email protected]
    https://lists.wikimedia.org/mailman/listinfo/labs-l


