diff mbox series

[bug#42473] gnu: zrythm: Update to 0.8.694.

Message ID db4aa86c1499e0c191777694e9986612ebfd9162.camel@zrythm.org
State Accepted
Headers show
Series [bug#42473] gnu: zrythm: Update to 0.8.694. | expand

Checks

Context Check Description
cbaines/comparison success View comparision
cbaines/git branch success View Git branch
cbaines/applying patch fail View Laminar job

Commit Message

Alexandros Theodotou July 26, 2020, 10:16 a.m. UTC 
Hi,

Thanks for the feedback!

Attaching the updated patch.

Thanks,
Alex

On Wed, 2020-07-22 at 23:06 -0400, Maxim Cournoyer wrote:
> Hello,
> 
> Ludovic Courtès <ludo@gnu.org> writes:
> 
> > Hi Alexandros,
> > 
> > Alexandros Theodotou <alex@zrythm.org> skribis:
> > 
> > > This is actually 2 patches. The first updates libcyaml and the
> > > 2nd
> > > Zrythm. Note that I (Zrythm author) have added a trademark policy
> > > to
> > > Zrythm that says modified versions that include the trademarks
> > > require
> > > permission (as discussed on IRC with a few people):
> > > https://www.zrythm.org/en/trademarks.html
> > > 
> > > I am not 100% sure if patching the xdg-open path counts as a
> > > modified
> > > version, but in any case this email is signed using the same key
> > > used
> > > to sign the release, so it can be interpreted as "written
> > > permission"
> > > to redistribute this.
> > 
> > OK.  Perhaps right above the ‘name’ field of the package, you could
> > add
> > a link to the trademark policy above and state that Guix has a
> > written
> > permission to use it, with a link to your message?  That way we’ll
> > have
> > an audit trail.
> 
> That's a good idea.
> 
> > > The FSDG allows trademarks from what I understand:
> > 
> > Your interpretation seems correct to me.
> 
> To me as well.
> 
> > > So it is up to the maintainers to decide if they want to keep
> > > Zrythm as
> > > it is or rename it. Either way, I am happy with either decision,
> > > although I would prefer if you were OK with keeping the "Zrythm"
> > > name
> > > (as long as there's no patches to remove/add functionality or
> > > links to
> > > the Zrythm website or things like that).
> > 
> > I don’t see any reason not to keep “Zrythm” as things stand.
> > 
> > Thoughts anyone?  (Cc: maintainers.)
> 
> I wish the trademark restrictions were relaxed to include the right
> for
> modifications made solely with the goal of
> building/packaging/integrating the software with a free software
> distribution.  This would make things hassle free and extra clear.
> 
> That said, I'm not opposed to include Zrythm as things stands, if
> other
> maintainers are OK with it.
> 
> Maxim

Comments

vasilii.smirnov--- via Guix-patches" via July 26, 2020, 5:08 p.m. UTC | #1 
Alexandros,

Thanks for discussing this!

+ ;; Zrythm contains trademarks and comes with a trademark policy 
found in
+ ;; TRADMARKS.md inside the release distribution.
     ^^^^^^^^^

Typo.

                                                    Guix has 
                                                    written
+ ;; permission to use the Zrythm trademarks:
+ ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=42473

So does everyone else.

This implies that Guix has some special right but AFAICT the 
linked URL does not grant a single exception to ‘unmodified 
copies’.  What's the intention behind this hunk?

Does the permission to ‘use the […] trademarks’ mean that we can 
now use them however we want?  Presumably not, but then Guix 
doesn't need any ‘written permission’ at all.  Your policy applies 
to everyone.

I'd love to see a trademark policy that doesn't mention Guix (or 
*anyone*) by name but gives us (and *anyone*) the freedom to do 
what we want to do: responsibly but independently maintain & 
redistribute a well-integrated, CVE-free ZRythm package.  I'm 
aware that I might be hoping for too much :-)

Kind regards,

T G-R
Alexandros Theodotou July 26, 2020, 7:26 p.m. UTC | #2 
Hi,

On Sun, 2020-07-26 at 19:08 +0200, Tobias Geerinckx-Rice wrote:

> So does everyone else.
> 
> This implies that Guix has some special right but AFAICT the 
> linked URL does not grant a single exception to ‘unmodified 
> copies’.  What's the intention behind this hunk? 
>  
> Does the permission to ‘use the […] trademarks’ mean that we can 
> now use them however we want?  Presumably not, but then Guix 
> doesn't need any ‘written permission’ at all.  Your policy applies 
> to everyone.

Let me propose this instead, which is much clearer and gives a lot of
freedom to Guix for further modifications:

```
Guix, as released by the GNU project on 
http://git.savannah.gnu.org/cgit/guix.git, has permission to include
this Zrythm release (cryptographically signed by Alexandros Theodotou)
in its package repositories with any modifications necessary to
integrate Zrythm into Guix, provided that those modifications do not
change any of the intended functionalities of Zrythm or any text or
media presented to the user by the Zrythm user interface (including,
but not limited to URLs, images and message prompts). Alexandros
Theodotou reserves the right to revoke this trademark permission if the
current guidelines are not met, subject to Alexandros Theodotou's sole
discretion.
```

I can add this to the TRADEMARKS.md file (along with permissions for
other distros in the future) and re-release in a couple of days, and as
long as this permission notice is present in future releases, Guix will
have permission to make any of the above changes. The last sentence is
just a failsafe/safeguard for me and seems like it's standard in all
trademark permissions.

What do you think?

> 
> I'd love to see a trademark policy that doesn't mention Guix (or 
> *anyone*) by name but gives us (and *anyone*) the freedom to do 
> what we want to do: responsibly but independently maintain & 
> redistribute a well-integrated, CVE-free ZRythm package.  I'm 
> aware that I might be hoping for too much :-)

While I wish I could do that as well, there are no other similar
examples to follow afaik and IANAL so I don't know how to put that
wording in legal terms that cannot be abused (giving permission to
*anyone* to do things with a trademark beyond what basic trademark law
allows does not sound like a good idea), besides giving specific
permission to trusted projects like GNU Guix, so I try to stay on the
safe side.

Thanks,
Alex
Leo Prikler July 26, 2020, 10:51 p.m. UTC | #3 
Am Sonntag, den 26.07.2020, 20:26 +0100 schrieb Alexandros Theodotou:
> > I'd love to see a trademark policy that doesn't mention Guix (or 
> > *anyone*) by name but gives us (and *anyone*) the freedom to do 
> > what we want to do: responsibly but independently maintain & 
> > redistribute a well-integrated, CVE-free ZRythm package.  I'm 
> > aware that I might be hoping for too much :-)
> 
> While I wish I could do that as well, there are no other similar
> examples to follow afaik and IANAL so I don't know how to put that
> wording in legal terms that cannot be abused (giving permission to
> *anyone* to do things with a trademark beyond what basic trademark
> law
> allows does not sound like a good idea), besides giving specific
> permission to trusted projects like GNU Guix, so I try to stay on the
> safe side.
IANAL either, but instead of
```
You may distribute unaltered copies of Zrythm that include the Zrythm
trademarks without express permission from Alexandros Theodotou.
```
and
```
However, if you make any changes to Zrythm, you may not redistribute
that product using any Zrythm trademark without Alexandros Theodotou’s
prior written consent.
```
you should write something like
```
You may distribute unaltered copies of Zrythm that include the Zrythm
trademarks without express permission from Alexandros Theodotou.
You may further distribute altered copies of Zrythm that include the
Zrythm trademarks, provided that alterations solely serve the purposes
of:
- porting Zrythm to a platform or free software distribution not
already supported by Zrythm as-is, OR
- fixing a bug in Zrythm, that has already been acknowledged by
Alexandros Theodotou or [a bigger authority, e.g. there's a CVE], OR
- ...
In any case, you must preserve [bla bla bla], also you must provide (a
link to)? the original sources.  If you make any other changes, you may
not redistribute that product...
```

Roughly meaning: If it already works on Ubuntu, you shan't patch it to
make it work on Ubuntu.  If it doesn't work on Gentoo, you can patch it
until it works on Gentoo and no further.  If Alexandros Theodotou has a
bugfix for something already published in Git, but you need to backport
that fix, you can do it.  If there's a CVE you can patch it.  If any of
those patches goes beyond integration/bugfixing, that's a violation.  I
personally believe, that this should be clear enough in most cases, but
it needs slightly better legalese.

Regards, Leo
Ludovic Courtès Sept. 10, 2020, 10:22 a.m. UTC | #4 
Hi Alexandros!

AIUI, the FSDG-distro exemption at
<https://www.zrythm.org/en/trademarks.html> applies to the latest
release (and presumably foreseeable releases as well):

  You may further distribute altered copies of Zrythm that include the
  Zrythm trademarks, provided that alterations solely serve the purposes
  of:

  • porting Zrythm to a free system distribution currently approved by
    the Free Software Foundation at
    https://www.gnu.org/distros/free-distros.html, OR

  • fixing a bug in Zrythm that has already been acknowledged by
    Alexandros Theodotou or CVE (https://cve.mitre.org/)

(I personally think wording that also includes Debian and Fedora, for
instance, would be welcome, but it’s beyond the scope of this issue.)

There haven’t been further comments on this issue from fellow
co-maintainers so I would suggest that you post a patch updating to the
latest release and I’ll gladly apply it.

Thanks in advance, and apologies for the delay!

Ludo’.
diff mbox series

Patch

From 93189e429e19246c2039630b871eadd9c10cb73f Mon Sep 17 00:00:00 2001
From: Alexandros Theodotou <alex@zrythm.org>
Date: Wed, 22 Jul 2020 09:19:26 +0100
Subject: [PATCH 2/2] gnu: zrythm: Update to 0.8.694.

* gnu/packages/music.scm (zrythm): Update to 0.8.694.
---
 gnu/packages/music.scm | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/music.scm b/gnu/packages/music.scm
index 3089a22c7c..f1db53ca65 100644
--- a/gnu/packages/music.scm
+++ b/gnu/packages/music.scm
@@ -5203,8 +5203,12 @@  and as an LV2 plugin.")
 
 (define-public zrythm
   (package
+    ;; Zrythm contains trademarks and comes with a trademark policy found in
+    ;; TRADMARKS.md inside the release distribution.  Guix has written
+    ;; permission to use the Zrythm trademarks:
+    ;; https://debbugs.gnu.org/cgi/bugreport.cgi?bug=42473
     (name "zrythm")
-    (version "0.8.333")
+    (version "0.8.694")
     (source
       (origin
         (method url-fetch)
@@ -5212,13 +5216,13 @@  and as an LV2 plugin.")
                             version ".tar.xz"))
         (sha256
           (base32
-            "0x2kxr5zz058jpy6k6ymj0fi2gqfcgrlv4qkwz9443hjy5345iwb"))))
+            "17a2g153cyrx0jjgd2ppyraprlnk2zi4ihzr3f7gn0485crlc2g2"))))
    (build-system meson-build-system)
    (arguments
     `(#:glib-or-gtk? #t
       #:configure-flags
-      `("-Denable_tests=true" "-Dmanpage=true"
-        "-Dinstall_dseg_font=false" "-Denable_ffmpeg=true")
+      `("-Dtests=true" "-Dmanpage=true"
+        "-Ddseg_font=false" "-Dffmpeg=enabled")
       #:phases
       (modify-phases %standard-phases
         (add-after 'unpack 'patch-xdg-open
@@ -5245,8 +5249,9 @@  and as an LV2 plugin.")
       ("libsndfile" ,libsndfile)
       ("libyaml" ,libyaml)
       ("lilv" ,lilv)
+      ("rubberband" ,rubberband)
       ("xdg-utils" ,xdg-utils)
-      ("rubberband" ,rubberband)))
+      ("zstd" ,zstd "lib")))
    (native-inputs
      `(("pkg-config" ,pkg-config)
        ("help2man" ,help2man)
-- 
2.27.0