[aur-general] Notification of GPL violation

Tue May 25 17:57:54 UTC 2021

On Tue, 25 May 2021 at 19:27, Manhong Dai via aur-general <
aur-general at lists.archlinux.org> wrote:

> On Tue, 2021-05-25 at 19:04 +0200, alad via aur-general wrote:
> > On 25/05/2021 18:58, Antoine Viallon via aur-general wrote:
> > > 25 mai 2021 16:42 "Genes Lists via aur-general" <
> > > aur-general at lists.archlinux.org> a écrit:
> > >
> > > > As an outside observer of this thread, it seems like the time for
> > > > discussion is over. This talk
> > > > appears to center largely about opinions on civil litigation.
> > >
> > > Actually, this discussion could be important if the responsability
> > > of Arch could potentially be involved.
> > > Nobody wants the Arch project to be sued or to be liable in some
> > > way or another.
> >
> > ...and, as I said already, it was long established that Arch is not
> > liable or involved in any way.
> >
> > https://lists.archlinux.org/pipermail/aur-general/2021-May/036236.html
> >
> > But sure, let's keep talking about ways to obscure trivial patches to
> > mitigate phantom copyright claims. I mean, really?
> >
> > Alad
>
> I beg to differ, as 'trivial' is subjective.
>
> As long as a patch file includes a significant portion or essential
> part of the upstream code, it constitutes software redistribution, and
> subjects to Section 4 and 5 of GPLV3. The package maintainer/submitter
> is responsible.
>
> Then, if AUR or even a TU is involved in anything related to the patch
> file, such as modifying the patch file, AUR will become liable too.
>
> Filipe Laíns's opinion in your link is actually conforming to the GPL
> requirement, because he suggested to provide a notice, which should
> include copyright and warranty at a minimum.
>
> On another note, I often notice that people in this list say a PKGBUILD
> file doesn't have copyright. IMHO, this opinion is wrong unless AUR'd
> Term of Services says that the user agrees to assign the PKGBUILD file
> copyright to AUR while using the service.
>
> Just my two cents. Again, I am not lawyer and never made a cent with
> law. Instead, law made me lose quite some money.....
>
>
Just adding in my 2 cents.
The lines of code in the patch file is not actual code, but markers.

To explain this to lawyer types that like splitting hairs but don't
necessarily understand programming:

The patch program assumes you have the source that needs to be patched
handy. This means that you must have obtained the source code to be patched
before it can work, and is bound by the license of that software.

The lines in the patch file, while it LOOKS like source code, is actually
never executed, and only serves as a marker as to where the changes are to
be made.
It is completely useless otherwise. The patch program would very happily
edit plain text documents that are not code at all, and it does not even
understand any programming language in itself.

In short, if you do not have the source code already, the patch won't make
it for you. If you do have it, it obviously was distributed to you, and the
lines in the patch only refers to a section of code you already have. So,
the lines in the patch file are explicitly covered by the copyright of the
source that is getting patched.

No one is pulling a fast one, and no source is being distributed without
it's original licences.

I may not be a lawyer, but many highly paid lawyers have looked at patch
files in great detail for decades, and could not find any reason to sue
anyone that has made patch files, ever.

So, my unqualified position is that we are OK to distribute patches to make
software work.

Kind regards,
-Evert Vorster-