[Debian-med-packaging] Bug#874880: FreeMedForms projet

Michael Lustfield michael at lustfield.net
Sat Jan 11 01:28:06 GMT 2020 

It looks like this bug went from "Qt4->Qt5" to "no longer DFSG-free."

On Fri, 10 Jan 2020 17:34:35 +0100
Eric Maeker <eric.maeker at gmail.com> wrote:

> Oh! There is a misunderstanding here!
> Let me correct my words:
> -> full code of each stable released version is packaged and freely  
> available (but undocumented since v1.0.0).

From: https://freemedforms.com/en/downloads/root

    "Downloads are 100% compatible with the Debian social contract."

From: https://freemedforms.com/fr/downloads/root (translated)

    "Since v1.1.0, some files are available under a license incompatible with
    the social contract of Debian . If you are looking for software 100%
    compatible with this contract, please refer to v1.0.0."

Without digging in too deep...
- You mentioned documentation removal in 1.0.0
- This page mentions DFSG-freeness was broken in 1.1.0

If these were two distinct periods of time, that would lead me to suspect
additional files were added that broke compatibility with the DFSG.

> We know that at least two forks exists (this is what our private data
> server's log tells us). We do not receive any patch, invitation to git
> repos, or any kind of official informations or queries.

This could definitely be a language barrier problem, but I don't follow. Why
are you concerned about forks? If you have quality open source software, then
people will fork it. Sometimes patches will be sent back upstream, other times
they won't be.

Take a look here: https://people.debian.org/~bap/dfsg-faq.html
Particularly at 9a (The Desert Island Test)

Demanding that all modifications be shared with you very clearly fails this
test, and is not actually part of the license you applied to the software.

> In consequence, we decide that our git repository will not be freely
> accessible. Approval does only concern the FreeMedForms' git and the
> ability to join the project as member (coder, tester, communication
> manager...).

It's probably worth noting, a public repository is recommended, but not
required for inclusion in Debian repositories. However, inclusion of source is
an absolute requirement.

This "documentation" that was removed seems to be much more than just developer
docs; I'm unable to find any non-header comments in any file.

If you look at how javascript is handled, any minified version is considered
compiled source. You are essentially doing the exact same to your source when
you release it. It's not the actual source... it's just some partial version of
it. In this case, with intentional obfuscation.



This could still make it into non-free, however, I'd urge you to reconsider
your motivations for releasing obfuscated source and refusing to share. Is it
really your desire to make software that's (per DFSG) not free?


-- 
Michael Lustfield

More information about the Debian-med-packaging mailing list