programming language package manager

14 Antworten [Letzter Beitrag]
alimiracle
Offline
Beigetreten: 01/18/2014

Most of us use Package manager to install Programs
in trisquel all the repositorys is free software
But wait
There is programming language package manager like pip, go, rubygems and much
more.
Most of them contain free software, but some are non-free.

Calinou
Offline
Beigetreten: 03/08/2014

Yes, we know. What do you want us to say about it?

Thankfully, the amount of non-free software in those is very low, and the vast majority of people doesn't install any using them (unlike Debian/Ubuntu).

If we're removing those package managers, it's going to make installing some software much harder.

alimiracle
Offline
Beigetreten: 01/18/2014

> Yes, we know. What do you want us to say about it?
We need free version of them to improve the quality of works from the
> If we're removing those package managers, it's going to make installing some software much harder.
yes but will make trisquel mor free

moxalt
Offline
Beigetreten: 06/19/2015

> Most of us use Package manager to install Programs

All of use the package manager to install programs.

> in trisquel all the repositorys is free software

There is only one repository. It is composed of entirely free software.

> There is programming language package manager

What?

> Most of them contain free software

A package manager contains no software.

I did not understand a word of that. Someone, enlighten me.

Calinou
Offline
Beigetreten: 03/08/2014

Many programming languages come with their own package managers to ease installation of new software as well as libraries. You can install those packages globally (system-wide) or locally (in a folder). Examples of those packages managers: npm (CSS/JavaScript), Bower (Web), pip (Python), Ruby Gems (Ruby), CPAN (Perl), Cargo (Rust), ...

Nearly all of those package managers accept non-free licenses. At least, most of those package managers show the license of the program, but it doesn't even warn you when installing a non-free package.

The two possible solutions to stay FSDG-compliant are:

1. Remove those package managers. It comes at a great convenience loss, and will make installing some software much harder (as you usually install the dependencies through the package manager).

2. Create a separate repository. In this case, I hope you have the manpower to mirror all the free packages and remove only the non-free ones, else you'll land in a situation similar to 1. You'll also need a pretty Web interface in order to attract users.

hnasiet
Offline
Beigetreten: 02/10/2015

If they show the license of the package is it possible to modify them so that they warn you that you are trying to download a non-free package?

Calinou
Offline
Beigetreten: 03/08/2014

Yes, it is likely that you can perform some kind of check. You could even reject installation entirely, if you find a reliable way to detect the package license.

jxself
Offline
Beigetreten: 09/13/2010

"If they show the license of the package is it possible to modify them so that they warn you that you are trying to download a non-free package?"

Since Trisquel is endorsed by the FSF, mere warning is not enough.

One of the criteria for keeping the endorsed status is that Trisquel:

"...must not steer users towards obtaining any nonfree information for practical use, or encourage them to do so. The system should have no repositories for nonfree software and no specific recipes for installation of particular nonfree programs. Nor should the distribution refer to third-party repositories that are not committed to only including free software; even if they only have free software today, that may not be true tomorrow. Programs in the system should not suggest installing nonfree plugins, documentation, and so on."

This should probably be discussed with the other FSF-endorsed distros on the gnu-linux-libre mailing list as Trisquel is not likely to be the only one that this impacts.

hnasiet
Offline
Beigetreten: 02/10/2015

What if the distribuition refers to third-party repositories but only downloads the free software in them(using a whitelist) isn't that the same? There should be an exception for this case.

jxself
Offline
Beigetreten: 09/13/2010

"What if the distribuition refers to third-party repositories but only downloads the free software in them(using a whitelist) isn't that the same?"

As I understand it, that's not the case right now.

"There should be an exception for this case."

This is why I'm suggesting this be raised on the gnu-linux-libre mailing list. In this way we can be discussed with other FSF-endorsed distros. FSF staff are also on there.

moxalt
Offline
Beigetreten: 06/19/2015

What's the point of these? I mean, if you want new libraries, couldn't you just
install them from the repo? The same is true for software written in that
language.

hnasiet
Offline
Beigetreten: 02/10/2015

those package managers are available in the repos and they have many packages that are not in Trisquel repos.

lembas
Offline
Beigetreten: 05/13/2010

We have a related bug filed here

https://trisquel.info/en/issues/3741

BCG
BCG
Offline
Beigetreten: 07/07/2015

It is my understanding that many debian packages which rely on such mechanisms have their own debian packages for their dependencies, even when those dependencies are in other repositories. I suppose however that if software packaged in Trisquel downloads dependencies from external repos that is an issue.

Of course, I'm not trying to minimize the importance of what you are pointing out... just saying that I think from the standpoint of the distribution it probably does not work exactly the same as just using gem, maven, cpan, or whatever