"To control people" is principle that many corporations have. We do not even know what human atrocities have been prevented in last 2-3 decades would not be awareness about the free software.
Do we really want to have chips implanted in our bodies changing our proteins and doing what they want by means of central control and software? There are today plans for that. Yet resistance is there due to awareness that is widespread. Would be same resistance in the world without free software? I doubt it. Awareness comes from promoting free software principles. > Besides that, the free/libre system distributions generally also remove > those for NodeJS's npm, Rust's cargo and other package management > facilities that by default point to repositories not committed to de GNU > FSDG I have not verified each system distribution and I do not think that the approach to simply remove packages that could go to non-free repositories is the best approach. I do not say it is not right, I say it is not best approach. Best approach would be to bundle or prepare package repositories or packages of let us say npm in the distribution itself. Better is providing one's own repository which software have been verified. This is expensive approach as it asks for more effort. But it also helps users. Repositories that do not have principles: - NOT to include proprietary - NOT to verify if software is proprietary or not - TO INCLUDE anonymous dubious software - TO INCLUDE software with UNKNOWN licenses (pip) - TO INCLUDE software that is meant to use exclusively other non-free software Then such shall not be promoted in free software system distributions. But there are fine differences. > guidelines which require exactly that, or a change in the default > repository configuration to either remove all of such (leaving only > the package manager there, but with no repository information) That is one of fine differences, if one leaves package manager at the system is it not also guiding the user to non-free? We have to have well defined position on that. Leaving package managers in the system is good idea and removing non-free repositories is good idea. > point to a repository that is committed to the GNU FSDG In my opinion OS distributions that are FSF endorsed could or should bundle a lot of popular free software from repositories that may bundle non-free to satisfy users. Maybe bunch of software from some repositories should be in one bundle so that user can download like 500 packages at a time. I would prefer that approach For GNU Emacs, I would prefer approach that full GNU ELPA is bundled in one big package so that one can download it on system and install for every user on a multi user system. Then to avoid MELPA that distributes packages wrapping non-free software or packages that are meant to run exclusively non-free software, free system distribution shall make a choice of packages and bundled it as a package and make it in similar way available. I think that Debian is doing it like that. Maybe in Debian they provide pip, but they also package many Python software in distribution itself. Goal shall be seeked that all dependencies in one OS distribution are satisfied. More important is teaching of free software. Articles that are available on www.gnu.org should be bundled in packages for offline reading and to become accessible to new users who install free software but do not mind or do not care or do not know about free software. Recently I have installed Dragonfly BSD and in the root directory / there I can see COPYRIGHT file with the free software license. Same can be done for other OS-es especially for GNU based OS-es that should promote freedom. The file could give enough pointers to people how and where to read about free software on their own system. Greater effort should be made to teach users about free software rather then only not transparently removing repositories for npm or pip or removing those package managers and having surprised users. We have to tell why those package managers have been removed. $ pip could be a wrapper that tells to user: - it is a wrapper, and how to change it not to be the wrapper - that many packages on their repository are non-free, as license UNKNOWN means non-free. Even if one would know that package is normally distributed with free license, when receiving another copy of a package without license that package is legally not free, as one did not verify relation between the author and repository. Author could have distribute package by different terms. - that users are disadvised using non-free software and for which reasons - pointers on where and how to configure repository should be given as well - pointers how to make their own repository and advise how to license their software and maybe even bounties for free software That is better than removing pip from system. > for which there are rare ones since most JavaScript, Python, Rust > folks don't seem to care until it bites them in some other way. Rust I heard is changing policies, watch out their news. There shall be legal care about software received and published or distributed. Many do not understand the danger. youtube-dl was taken down by DMCA notice from Github. But DMCA notices can be given to any organization. Thousands of DMCA notices are are on Github and many related to GPL enforcements: https://github.com/github/dmca This can happen to any OS, including to Hyperbola. If distribution is let us say in country X, distribution manager shall consult attorney on how to accept software by which principles and which legal verification. I do not think it is just enough to say "I got the license" and "therefore I am fine and free". As that is obviously not true. DMCA notices on Github are proving it that it is not enough to say "I got the license and we are fine", as they are not fine. Github just has enough money to handle all those problems. We all assume we run free software. But how much of it inside is really free, we cannot know easily. DMCA notices are clearly a warning that probability is high that we have a lot of non-free software in OS distributions for which we assume to be free but may not be free. People reuse the code. They will reuse proprietary code in free software as well. If some package is dependency for many other packages that can break all OS distribution. DMCA notice for Github can now be as well given to all OS distributions having youtube-dl as a package. They would all need to comply with it. Distributions that do not have frequent distribution cycles would need to remove the DVD from their website and would face difficulties making new DVD or USB images. In general we make too many assumptions that we run free software. Just like I was believing that Debian never delivered to me non-free software, but they did in the form of firmwares for devices. And they do have non-free repository. I was believing Linux kernel is free but it was not. I got surprised. We make too many assumptions without good verifications. We better make a central repository of problems or freedom issues so that fully free OS-es can better collaborate with each other. When including Python, it will have many references to pip, and users will realize they do not have pip and sooner or later they will get it. I see there fine differences on guiding users to non-free software. It is better having free software Python repository. We remove pip from Hyperbola but we do not remove Epiphany that cannot even turn off Javascript. Probability that I am guided with Epiphany to non-free software is so much bigger than by using pip. I want to browse, but I do not necessarily need special installations of Python software. Users are mostly users not necessarily administrators and not necessarily developers. Users will mostly browse, not develop. I do not vouch to remove Epiphany from system but I say there lacks sense of logic and good set of principles well defined. What about the package docker-machine in Hyperbole? It is for docker, so even if there is no local tool to access remote docker packages by having docker-machine in the system users are to find remote dockers, including non-free docker packages. It is inevitable What about emulators? While software could be useful to make new software for other machines, in practice it is 99.9% used for playing non-free games. Emulators are included in Hyperbola but pip is not included. Solution to above problems is communication to users, to teach more about free software by including documentations, articles, free software philosophy. For example why I do not find not even one package that includes free software philosophy articles? I find that surprising. What is really "guiding user to non-free software" shall be well formulated and defined with reason and without contradictions. Without looking into popular proprietary games on emulators and without study we would not get free similar games, clones of proprietary games. That is the argument for emulators. But reality is that 99.9% people will use it for non-free games. Browsers like epiphany in Hyperbola do not even have the option to turn off the javascript. It drives me and guides me straight to run Javascript on many websites, including by clicking on references to links that I may find in the packages of distribution itself. Isn't that guiding me as user to non-free software? Yes, it is. Did I get any warning? No. I should have get it. We need better defined set of policies for free system distributions. I am mostly running Icecat browser with LibreJS turned on and other protective plugins. By doing so one becomes more aware on what is going on Internet. That websites wish to control users it becomes more obvious. I can turn off Javascript in Icecat with easiness. But Icecat is not in Hyperbola. I get Iceweasel-UXP in Hyperbola, it works well and has LibreJS built-in but I cannot turn off easily Javascript. I can use hidden options. That is not easy for users to find out about that. It does not teach users about freedom like Icecat teaches. My opinion is that every browser on free software distribution shall have option to easily turn off Javascript, and I do not speak of hidden options. There shall be even command line options like Surf browser has it. When I open IceCat, the first option on screen at upper left corner is to turn off Javascript. It has links to Javascript trap. Javascript trap is good way to increase awareness at society. I am surprised to see that years later people are less aware of Javascript problems. And I remember entering for demonstration purposes into file systems of my friends in the same room, just by offering them website to visit. Every browser with Javascript initially had the option to turn it off. Today we can see Epiphany browser in Gnome not even having that option. New versions maybe have it. But I do not have the option in Hyperbola GNU/Linux-libre. I need to use gsettings but there is no such option. Jean _______________________________________________ libreplanet-discuss mailing list [email protected] https://lists.libreplanet.org/mailman/listinfo/libreplanet-discuss
