On Mon, 2016-04-11 at 21:44 -0400, Tyler Romeo wrote:
> > * Ask the people that run those repositories to stop recommending
> > nonfree software.
>
> I think one additional feature I would like to see (not so much for the
> repositories themselves but for the underlying software), is a means of
> placing license restrictions on your projects or libraries.
>
> Most of the repositories listed are based on manifest files that contain
> license metadata about the package, but none of the underlying package
> managers contain means of:
>
> * disallowing non-FLOSS-licensed packages; or even so much as
> * ensuring the licenses of all libraries are compatible with each other.
>
> This alone would be a large step to encouraging more FLOSS solutions.
> A next step would then be to try and encourage projects to enable the
> restriction.
>
I have been thinking along similar lines, namely adding something like a disallow-non-free or gpl-compatible option to the package manager (which would have the side-effect of placing a license restriction on a project if the developer uses it but also ensures that end-users can avoid accidentally installing things as a dependency they legally can't).

I looked into licensing on PyPI (the Python package repository). I believe it was intended to be open-source but I didn't see anything requiring this. What I did see in a quick survey was a few packages that were marked as things like 'for educational use only'. This is certainly a problem. Even if I can legally use these packages, if I distribute software that has them as a dependency I am creating a legal burden on my end-users, especially as pip does not list the license of packages it installs.

Paul M
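A sketch of the kind of license gate discussed in this thread, as an added example that is not part of either message and is not pip functionality: it reads the license classifiers each package declares in its metadata and rejects restricted or undeclared ones. The function names, the `strict` flag, the chosen subset of restricted classifiers and the sample package names are assumptions made for the illustration.

```python
"""License gate over declared package metadata (illustrative, not a pip feature)."""
from importlib import metadata

# Trove classifiers that signal use restrictions (a subset chosen for this example).
RESTRICTED = {
    "License :: Free For Educational Use",
    "License :: Free for non-commercial use",
    "License :: Other/Proprietary License",
}
FREE_PREFIX = "License :: OSI Approved"


def classify(classifiers):
    """Return 'nonfree', 'free' or 'unknown' from a package's declared classifiers."""
    licenses = [c for c in classifiers if c.startswith("License ::")]
    if any(c in RESTRICTED for c in licenses):
        return "nonfree"   # one restricted classifier is enough to fail
    if any(c.startswith(FREE_PREFIX) for c in licenses):
        return "free"
    return "unknown"       # nothing usable declared, so nothing can be checked


def audit(packages, strict=True):
    """packages: iterable of (name, classifiers). Return sorted rejected (name, verdict)."""
    rejected = []
    for name, classifiers in packages:
        verdict = classify(classifiers)
        # In strict mode an undeclared license is treated like a restricted one.
        if verdict == "nonfree" or (strict and verdict == "unknown"):
            rejected.append((name, verdict))
    return sorted(rejected)


def installed_packages():
    """Yield (name, classifiers) for every distribution in the current environment."""
    for dist in metadata.distributions():
        name = dist.metadata["Name"] or "?"
        yield name, dist.metadata.get_all("Classifier") or []


# Constructed sample metadata; the package names are made up.
SAMPLE = [
    ("alpha-lib", ["License :: OSI Approved :: MIT License"]),
    ("edu-toolkit", ["License :: Free For Educational Use"]),
    ("mystery-pkg", ["Programming Language :: Python :: 3"]),
]

if __name__ == "__main__":
    # Audit whatever is installed where this script runs.
    for name, verdict in audit(installed_packages()):
        print(f"{verdict:8} {name}")
```

The verdict relies on what each package declares about itself, so it catches the 'for educational use only' case but does not check that the declared licenses are compatible with each other.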
