On 05/07/15 01:39 PM, Hugo Osvaldo Barrera wrote:
There's a PKGBUILD[1] on the AUR that downloads a binary that is illegal to distribute (due to licensing, it may only be distributed in source form).
IMHO, it's a bit of a grey area if the PKGBUILD is legal or not (I believe it is not in some jurisdictions), but anyone running it is receiving illegal content, so I don't think we should keep it around.
I put up a deletion request[2] for this, and the response was "The AUR does not distribute binaries.".
While this is true, it does distribute the PKGBUILD for downloading the ilegal binary. This is not a case of "the package can be used to do something possibly illegal", this is a case of "this script was tailored exclusively and with the sole objective of distributing something illegal, and can only be used for that".
[1]: https://aur4.archlinux.org/pkgbase/telegram-desktop/ [2]: https://lists.archlinux.org/pipermail/aur-requests/2015-July/007698.html
The AUR doesn't redistribute it. A better complaint would be that the package should have a -bin suffix. It's open source so the unsuffixed version should be built from the sources. The legal issues are upstream's problem as they're the ones choosing to keep illegally distributing it. It's not going to be much of a problem for them because it's unlikely that any of the contributors to the GPL code actually cares. It's a technicality, not something that's actually causing damages or that's ethically wrong. I don't see a good reason to remove it, either from a legal or ethical standpoint. It would only be a problem if Arch was actually distributing it.