svn commit: r479263 - in head/science: . namd namd/files
Adam Weinberger
adamw at adamw.org
Sun Sep 9 01:12:10 UTC 2018
On Sat, Sep 8, 2018 at 6:56 PM Yuri <yuri at freebsd.org> wrote:
>
> On 9/8/18 5:15 PM, Adam Weinberger wrote:
> > Upstream requires that people register to download the software, and
> > the license seems to forbid any distribution on our part:
> >
> > "Licensee may redistribute without restriction works with up to 1/2 of
> > their non-comment source code derived from at most 1/10 of the
> > non-comment source code developed by Illinois and contained in the
> > Software"
> > "Licensee agrees to provide the Software only to any other person or
> > entity who has registered with Illinois"
> > "Commercial use of the Software, or derivative works based thereon,
> > REQUIRES A COMMERCIAL LICENSE."
> >
> > I don't think it's a good idea for this port to remain in the tree.
>
>
> Hi Adam,
>
>
> Thanks for pointing this out.
>
>
> Their license says that redistribution is allowed only to entities who
> have registered with Illinois.
>
> But their website also directs people to the source code without
> registration.
>
> Their git server is open, and build instructions are provided in open
> access:
>
> https://www.ks.uiuc.edu/Research/namd/2.12/notes.html#compiling (no need
> to register or click "Ok").
>
>
> The existence of a port doesn't imply redistribution.
>
>
> The appropriate remedy may be to change license for local build only:
>
> LICENSE_PERMS=no-auto-accept no-dist-mirror no-pkg-mirror
>
> If people build locally, this isn't technically a redistribution. Such
> port is a mere reinterpretation of their instructions that are in open
> access and don't require registration or accepting a license.
I'm not sure that that's sufficient, because if they require
registration to download the release versions of code as a bundle,
then circumventing it from a public git server might not be
sufficiently different.
If you'd like to reach out to upstream and ask them whether it's
permissible for FreeBSD to distribute a script to recreate released
source code bundles without registration, then that would probably be
the best way to protect ourselves. In the meantime though, the ports
need to be removed until we're sure it's safe for us to have it.
It's clear you put a lot of work into making those ports work, but we
have to take the conservative path here, which unfortunately means
removing the ports until we know it's safe.
# Adam
--
Adam Weinberger
adamw at adamw.org
https://www.adamw.org
More information about the svn-ports-head
mailing list