On 2015-07-06 13:16, Daniel Micay wrote:
On 05/07/15 01:39 PM, Hugo Osvaldo Barrera wrote:
There's a PKGBUILD[1] on the AUR that downloads a binary that is illegal to distribute (due to licensing, it may only be distributed in source form).
IMHO, it's a bit of a grey area if the PKGBUILD is legal or not (I believe it is not in some jurisdictions), but anyone running it is receiving illegal content, so I don't think we should keep it around.
I put up a deletion request[2] for this, and the response was "The AUR does not distribute binaries.".
While this is true, it does distribute the PKGBUILD for downloading the ilegal binary. This is not a case of "the package can be used to do something possibly illegal", this is a case of "this script was tailored exclusively and with the sole objective of distributing something illegal, and can only be used for that".
[1]: https://aur4.archlinux.org/pkgbase/telegram-desktop/ [2]: https://lists.archlinux.org/pipermail/aur-requests/2015-July/007698.html
The AUR doesn't redistribute it. A better complaint would be that the package should have a -bin suffix. It's open source so the unsuffixed version should be built from the sources.
I noticed this too, but it didn't worry me as much.
The legal issues are upstream's problem as they're the ones choosing to keep illegally distributing it. It's not going to be much of a problem for them because it's unlikely that any of the contributors to the GPL code actually cares. It's a technicality, not something that's actually causing damages or that's ethically wrong. I don't see a good reason to remove it, either from a legal or ethical standpoint. It would only be a problem if Arch was actually distributing it.
Arch is giving users a tool which has the sole purpose in helping distribute those binaries, and that's a really dark-grey area that might be dangerous to step into, IMHO. -- Hugo Osvaldo Barrera A: Because we read from top to bottom, left to right. Q: Why should I start my reply below the quoted text?