[aur-general] Notification of GPL violation

Manhong Dai daimh at umich.edu
Tue May 25 18:18:20 UTC 2021 

On Tue, 2021-05-25 at 19:57 +0200, Evert Vorster wrote:
> 
> 
> On Tue, 25 May 2021 at 19:27, Manhong Dai via aur-general <    
> aur-general at lists.archlinux.org> wrote:
> > On Tue, 2021-05-25 at 19:04 +0200, alad via aur-general wrote:
> > > On 25/05/2021 18:58, Antoine Viallon via aur-general wrote:
> > > > 25 mai 2021 16:42 "Genes Lists via aur-general" < 
> > > > aur-general at lists.archlinux.org> a écrit:
> > > > 
> > > > > As an outside observer of this thread, it seems like the time
> > for
> > > > > discussion is over. This talk
> > > > > appears to center largely about opinions on civil litigation.
> > > > 
> > > > Actually, this discussion could be important if the
> > responsability
> > > > of Arch could potentially be involved.
> > > > Nobody wants the Arch project to be sued or to be liable in
> > > > some
> > > > way or another.
> > > 
> > > ...and, as I said already, it was long established that Arch is
> > > not
> > > liable or involved in any way.
> > > 
> > > 
> > https://lists.archlinux.org/pipermail/aur-general/2021-May/036236.html
> > > 
> > > But sure, let's keep talking about ways to obscure trivial
> > > patches
> > to
> > > mitigate phantom copyright claims. I mean, really?
> > > 
> > > Alad
> > 
> > I beg to differ, as 'trivial' is subjective.
> > 
> > As long as a patch file includes a significant portion or essential
> > part of the upstream code, it constitutes software redistribution,
> > and
> > subjects to Section 4 and 5 of GPLV3. The package
> > maintainer/submitter
> > is responsible.
> > 
> > Then, if AUR or even a TU is involved in anything related to the
> > patch
> > file, such as modifying the patch file, AUR will become liable too.
> > 
> > Filipe Laíns's opinion in your link is actually conforming to the
> > GPL
> > requirement, because he suggested to provide a notice, which should
> > include copyright and warranty at a minimum.
> > 
> > On another note, I often notice that people in this list say a
> > PKGBUILD
> > file doesn't have copyright. IMHO, this opinion is wrong unless
> > AUR'd
> > Term of Services says that the user agrees to assign the PKGBUILD
> > file
> > copyright to AUR while using the service. 
> > 
> > Just my two cents. Again, I am not lawyer and never made a cent
> > with
> > law. Instead, law made me lose quite some money.....
> > 
> > 
> 
> 
> Just adding in my 2 cents. 
> The lines of code in the patch file is not actual code, but markers. 
> 
> To explain this to lawyer types that like splitting hairs but don't
> necessarily understand programming:
> 
> The patch program assumes you have the source that needs to be
> patched handy. This means that you must have obtained the source code
> to be patched before it can work, and is bound by the license of that
> software. 
> 
> The lines in the patch file, while it LOOKS like source code, is
> actually never executed, and only serves as a marker as to where the
> changes are to be made. 
> It is completely useless otherwise. The patch program would very
> happily edit plain text documents that are not code at all, and it
> does not even understand any programming language in itself. 
> 
> In short, if you do not have the source code already, the patch won't
> make it for you. If you do have it, it obviously was distributed to
> you, and the lines in the patch only refers to a section of code you
> already have. So, the lines in the patch file are explicitly covered
> by the copyright of the source that is getting patched.
> 
> No one is pulling a fast one, and no source is being distributed
> without it's original licences.
> 
> I may not be a lawyer, but many highly paid lawyers have looked at
> patch files in great detail for decades, and could not find any
> reason to sue anyone that has made patch files, ever. 
> 
> So, my unqualified position is that we are OK to distribute patches
> to make software work.
> 
> Kind regards,
> -Evert Vorster-

With all due respect, while the case quoted below says otherwise, it is
very possible that your opinion is confirmed in other
nations/courts/cases.

'A patch is nearly an exact copy of the main file of the computer
program that contains the part of the code that interacts with the
security device.'

https://law.justia.com/cases/federal/district-courts/FSupp2/128/1027/2298546/


Best,
Manhong

More information about the aur-general mailing list