Dear colleagues,
I recently informed an associate of the GNU ethical repository criteria
evaluations. I relay his critiques.
1. It is good that we have a summary of the reason for a repository
failing to move up the next grade. For example, it is good that we
say this:
Things that prevent github.com from moving up to the next grade, C:
* Important site functionality does not work without running nonfree
JavaScript. (C0)
However, he would like to have link to the detailed evaluation
of the relevant criterion. He explains, if I am the one running
the repository, I want instructions of how I can improve the score.
2. The evaluations are inconsistent among different repositories.
For example, we say that "[t]he worst thing that github.com does is
to encourage bad licensing practice: failure to include a license,
failure to state the license on each source file, and failure
to specify 'version 3 or later' when using the GNU GPL. (B2)"
But we don't say this about, e.g., GitLab, which has the same issue.
And now I add my comments on how we could address his concerns.
1. In the above example of GitHub getting grade F for important
site functionality requiring nonfree JavaScript, for example,
we could perhaps link to an email list discussion where we refer
to a particular instance of important functionality breaking
when we don't run a particular nonfree JavaScript.
I believe we do in fact provide these details to the
repository management as directions on how to improve their scores,
but we don't mention them in repo-criteria-evaluation.html.
By not mentioning them, we apparently create the impression that
we don't try to assist services in improving their scores.
2. I suspect that the inconsistencies stem from the evaluations
having happened at different times, maybe by different people.
Finally, I remarked during our conversation that it is inconvenient
to have only criteria for GNU projects, not also for non-GNU projects.
The ethical criteria for GNU projects it is the best guide I have
for non-GNU projects, so I abuse it for that purpose, and this is
confusing for the people I tell about it, even though I tell them
to ignore the criteria are specific to GNU projects.
I believe we could assist non-GNU projects in exercising their freedom
if we would publish criteria and evaluations of ethical repository services.
I don't really care how we come up with them, but I provide a suggestion
to demonstrate that I believe this is an easy task. I believe we could
create such a criterion by adjusting the present criteria as follows.
1. Clarify that the criteria apply only to source code hosting websites;
some projects may want to use non-website source code hosting.
2. Create a new grade "C-" with the full title
"C- -- Acceptable hosting for a non-GNU package".
3. Assuming we consider it is acceptable for non-GNU packages that their
code hosting repository does not permit access by Tor (C3) and has
non-GNU licensing recommendations (C5), move criteria C0, C1, C2, C4,
and C6 from grade "C" to grade "C-".
With great honor,
Fritz
