GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
I've ran into a problem: given firefox extension released under GPL as shipped (.xpi files) has obscured .js files -- all formatting was removed. I've asked the upstream to provide proper source code, but so far he effectively refused to do that, although it seems to be a very simple operation to perform. For our discussion see http://z9.invisionfree.com/foxyproxy/index.php?showtopic=250 If I understood GPL license correctly, upstream author simply can't release anything under GPL if he doesn't provide sources. Whenever I've asked on mozilla's addons IRC I've got reply as afaik he codes himself, and so if he writes on his page / in the package that it is gpl, you can use it under the gpl license but I think that he/she is incorrect in his/her understanding of GPL. Could anyone correct/confirm me? Is there anything I could do to gently force upstream to either provide the sources or rerelease his probably-full-of-spyware software under some non-FOSS license, so I don't even bother thinking about packaging/using it? ;-) P.S. Please CC me since I am not on debian-legal list -- .-. =-- /v\ = Keep in touch// \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User^^-^^[17] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
Yaroslav Halchenko writes: I've ran into a problem: given firefox extension released under GPL as shipped (.xpi files) has obscured .js files -- all formatting was removed. I've asked the upstream to provide proper source code, but so far he effectively refused to do that, although it seems to be a very simple operation to perform. For our discussion see http://z9.invisionfree.com/foxyproxy/index.php?showtopic=250 If I understood GPL license correctly, upstream author simply can't release anything under GPL if he doesn't provide sources. Whenever I've asked on mozilla's addons IRC I've got reply as afaik he codes himself, and so if he writes on his page / in the package that it is gpl, you can use it under the gpl license but I think that he/she is incorrect in his/her understanding of GPL. Could anyone correct/confirm me? Is there anything I could do to gently force upstream to either provide the sources or rerelease his probably-full-of-spyware software under some non-FOSS license, so I don't even bother thinking about packaging/using it? ;-) A copyright owner can distribute his software under a license that is impossible to fulfill. The problem -- especially with copyleft -- is when anyone else wants to exercise the rights that the license is supposed to grant. Courts would have to interpret how the license should be construed when the copyright owners' terms are impossible to satisfy. The safe thing is to not distribute or modify any work like that. Michael Poole -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
On Mon, 2007-29-01 at 14:06 -0500, Yaroslav Halchenko wrote: I've ran into a problem: given firefox extension released under GPL as shipped (.xpi files) has obscured .js files -- all formatting was removed. So, if I read your comments correctly, the .js files aren't intentionally obfuscated. Whitespace has just been removed in order to speed up download. It may be misguided, but it's also pretty common among JavaScript programmers. I was able to run the JavaScript code through GNU indent (http://www.gnu.org/software/indent/ ) and get readable and modifiable output. I think there are some special-purpose JavaScript beautifiers out there that could give even better formatting. I don't think that this is a case where the user gets unmodifiable source. ~Evan -- Evan Prodromou [EMAIL PROTECTED] The Debian Project (http://www.debian.org/) signature.asc Description: This is a digitally signed message part
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
On Mon, Jan 29, 2007 at 04:25:56PM -0500, Evan Prodromou [EMAIL PROTECTED] wrote: On Mon, 2007-29-01 at 14:06 -0500, Yaroslav Halchenko wrote: I've ran into a problem: given firefox extension released under GPL as shipped (.xpi files) has obscured .js files -- all formatting was removed. So, if I read your comments correctly, the .js files aren't intentionally obfuscated. Whitespace has just been removed in order to speed up download. It may be misguided, but it's also pretty common among JavaScript programmers. Except the javascript file is zipped in a .xpi file, making the space removing argument moot. I was able to run the JavaScript code through GNU indent (http://www.gnu.org/software/indent/ ) and get readable and modifiable output. I think there are some special-purpose JavaScript beautifiers out there that could give even better formatting. I don't think that this is a case where the user gets unmodifiable source. However, the GPL requires the prefered form for modification to be provided. And what the author uses to modify is definitely not the whitespace-free version. Mike -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
This one time, at band camp, Mike Hommey said: I was able to run the JavaScript code through GNU indent (http://www.gnu.org/software/indent/ ) and get readable and modifiable output. I think there are some special-purpose JavaScript beautifiers out there that could give even better formatting. I don't think that this is a case where the user gets unmodifiable source. However, the GPL requires the prefered form for modification to be provided. And what the author uses to modify is definitely not the whitespace-free version. Given that the only difference between the version you see and the version the author modifies is whitespace, I don't think there's a real 'freedom' issue. It might be nice if the author built this into the build system so it was something you didn't have to worry about this, but I really don't see this as a violation of the preferred form for modification clause, sorry. I've always read that as being intended for people that want to ship only an .o or other intermediate, compiled version of the program. In this case, you have a pretty lossless converter. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
So, if I read your comments correctly, the .js files aren't intentionally obfuscated. Whitespace has just been removed in order to speed up download. It may be misguided, but it's also pretty common among JavaScript programmers. Except the javascript file is zipped in a .xpi file, making the space removing argument moot. That is exactly what I thought and stated in our discussion with the author on the support forum. .xpi is compressed, then chrome file is shipped within .jar which is also zip compressed. I don't think that spaces is of any concern for the size. They might contribute to few %s of the size. Also VC available from mozilla.org [1] got only space-stripped versions of the code -- no originals as well... I was able to run the JavaScript code through GNU indent (http://www.gnu.org/software/indent/ ) and get readable and modifiable I've done that (with astyle) but it still was really hard to comprehend the source. I don't think that this is a case where the user gets unmodifiable source. However, the GPL requires the prefered form for modification to be provided. And what the author uses to modify is definitely not the whitespace-free version. seconded. For now I just tagged ITP bug with wontfix and provided a description why not... [1] http://www.mozdev.org/source/browse/foxyproxy/ -- .-. =-- /v\ = Keep in touch// \\ (yoh@|www.)onerussian.com Yaroslav Halchenko /( )\ ICQ#: 60653192 Linux User^^-^^[17] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
Stephen Gran [EMAIL PROTECTED] writes: This one time, at band camp, Mike Hommey said: However, the GPL requires the prefered form for modification to be provided. And what the author uses to modify is definitely not the whitespace-free version. Given that the only difference between the version you see and the version the author modifies is whitespace, I don't think there's a real 'freedom' issue. We know of *one* difference between what the author modifies and what is distributed as source. I don't necessarily believe that's the only difference. There could be additional differences, e.g. stripping comments, that are impossible to restore. The point is that the recipient isn't getting the preferred form of the work for making modifications to it and can't therefore fulfil the terms of the GPL when distributing the work. -- \ It's a good thing we have gravity or else when birds died | `\ they'd just stay right up there. Hunters would be all | _o__) confused. -- Steven Wright | Ben Finney -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
Mike Hommey wrote: However, the GPL requires the prefered form for modification to be provided. And what the author uses to modify is definitely not the whitespace-free version. The same could be true of any secret modifications to any program made by its upstream author. Perhaps the debhelper that I actually develop is written in a very high level language or templating system that compiles it down to the dh_* files that you get in the source package. They do all look somewhat similar, don't they? If I made such a claim, would you consider that debhelper needs to be removed from Debian now? -- see shy jo signature.asc Description: Digital signature
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
On Tue, 2007-30-01 at 08:59 +1100, Ben Finney wrote: The point is that the recipient isn't getting the preferred form of the work for making modifications to it and can't therefore fulfil the terms of the GPL when distributing the work. It's obvious that some transformations are acceptable for distributing source code. I assume that lossless compression like zip or gzip is OK, right? As well as conversion of character codes (ASCII - Unicode)? DOS line endings to Mac- or Unix-style line endings? I know that stripping whitespace from the source code is a step beyond this -- it _is_ lossy -- but it's not _too_ far off. The re-indented code isn't fun to edit, but it's definitely possible to do. I think if someone was being extra-careful, they'd avoid re-distributing, but if it were me I'd avoid loaded statements like no true source or accusations that upstream was distributing spyware. ~Evan -- Evan Prodromou [EMAIL PROTECTED] The Debian Project (http://www.debian.org/) signature.asc Description: This is a digitally signed message part
Re: Python Software Foundation trademark policy
Christmas came and this thread was dropped... just to tie off: Gervase Markham [EMAIL PROTECTED] wrote: MJ Ray wrote: Passing off is a little different, so I don't want to confuse that with trademarks. That's not something I know much about; a reference on the difference would be appreciated if you have one. As I understand it, registered trademarks are handled by legislation, whereas passing off is handled by case law. Registered trademarks are infringed if a mark is registered as specified, and used in a way described in the act as restricted. Passing off is a vaguer offence that occurs if you impersonate someone else or their product. There are various summaries in civil court decisions: Lord Diplock in Warnink v Townend (1980) RPC 31 at 93 identified, from the cases decided before l980, five characteristics which had to be present. He said: My Lords, Spalding v Gamage and the later cases make it possible to identify five characteristics which must be present in order to create a valid cause of action for passing off: (1) a misrepresentation (2) made by a trader in the course of trade (3) to prospective customers of his or ultimate consumers of goods or services supplied by him, (4) which is calculated to injure the business or goodwill of another trader (in the sense that this is a reasonably foreseeable consequence) and (5) which causes actual damage to a business or goodwill of the trader by whom the action is brought or (in a quia timet action) will probably do so. -- British Telecommunications Plc Ors v One In A Million Ltd Ors [1998] EWCA Civ 1272 (23 July 1998) URL: http://www.bailii.org/ew/cases/EWCA/Civ/1998/1272.html How is Python being used by the distributor to label the shipped version of CPython in any way that you can determine *during* purchase? Let's modify the scenario, then. Let's say I am particularly keen to get a Linux distribution which contains this Python language I've heard so much about. I ask the commercial distributor at the stand: Does this copy of Debian contain Python? Does he say: a) Yes b) No c) It includes a bit of software we call python which is based on the official one from the PSF, and we hope it's fully compatible with it, but we have no connection with them, etc. etc. d) Hang on, I have to call the PSF to get their approval before I can tell you. a) is, I assert, trademark infringement. b) is misleading and unhelpful at best. d) is clearly ridiculous. I suppose c) would be OK, but I doubt that's the answer you would get in practice. If it's the only legal answer, does Debian need to warn its distributors? I suggest that a) may not be trademark infringement because the language is also called Python and Debian contains an implementation of that language. A clueful distributor would say something like c) it contains a python interpreter, but I agree that the standard of distributor responses to these questions is sometimes not great. I don't think Debian needs to warn its distributors - they should already have noticed they are swimming in trademark-infested water, thanks to the bugs about the debian trademark! A bit of y, a bit of something like c and a bit of z. My position is that I do not understand why the distributor would *need* to infringe the Python word trademark. I see no need to use the Python mark in the course of trade to distribute debian. So, as I understand it, the use of the word Python in the Debian docs on the CD is using the mark, but it's not in the course of trade? Does a trade mark exist without trade? Does that mean if I give away my can's of Gerv's Cola labelled as Coca Cola, instead of selling them, then it's not in the course of trade so it's OK? It depends why you are giving them away, but it may not be a trademark offence. (It may still be all other sorts of offence.) Or if I sell boxes labelled Famous Name-Brand Cola inside, and people open them after purchase and see cans of what looks very like Coke, that's OK too? I think that's almost certainly OK - it seems similar to the discount mystery cases of wine that people buy from firms like Laithwaites. http://www.laithwaites.co.uk/xsite~xsite~jan_mystery.xml~otbprefix~HP_JAN_L11_MYSTERY~mscssid~656BF4B532FF41AC849FED6D6219C91F.aspx Sometimes it's the real deal, sometimes it's a near relative or the vineyard next door. I admit this is a bit stretched, but I find it hard to understand how we come to a position where Debian can label anything it likes with any trademarks it likes in its distribution, as long as it doesn't write the trademarks on the outside of the CD. It's not quite that, but I can't figure out how the project would be infringing the Python trademark in this situation. Hope that explains, -- MJR/slef My Opinion Only: see http://people.debian.org/~mjr/ Please follow http://www.uk.debian.org/MailingLists/#codeofconduct -- To UNSUBSCRIBE,
Re: GPLed software with no true source. Was: Bug#402650: ITP: mozilla-foxyproxy
On Mon, 29 Jan 2007, Joey Hess wrote: The same could be true of any secret modifications to any program made by its upstream author. They'd have to be publicly knowable, though, so secret modifications don't really work. Perhaps the debhelper that I actually develop is written in a very high level language or templating system that compiles it down to the dh_* files that you get in the source package. They do all look somewhat similar, don't they? If I made such a claim, would you consider that debhelper needs to be removed from Debian now? Obviously we should try to figure out if the author was lying or making fun of -legal first, but if it was actually true and debhelper was GPLed, then we can't do anything else.[1] Debian should distribute the (digitally distributable) form of the work that the author actually uses to modify the work. We *must* do so in the case of GPLed works. That in both of these cases it's trivial to actually modify the work merely obscures the real problem: the users of the software are second class citizens to the copyright holder. Don Armstrong 1: I know it may be annoying, but it is what the letter of the GPL requires, and definetly what its spirit asks for. -- Quite the contrary; they *love* collateral damage. If they can make you miserable enough, maybe you'll stop using email entirely. Once enough people do that, then there'll be no legitimate reason left for anyone to run an SMTP server, and the spam problem will be solved. -- Craig Dickson in [EMAIL PROTECTED] http://www.donarmstrong.com http://rzlab.ucr.edu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]