On Thu, 2015-02-26 at 14:58 +0000, Richard Hughes wrote:
On 26 February 2015 at 14:35, Josh Boyer jwboyer@fedoraproject.org wrote:
These are the latest designs from Allan that I've implemented in GNOME Software in F22 and rawhide: https://raw.githubusercontent.com/gnome-design-team/gnome-mockups/master/sof...
This may be nitpicking, but what about the cases for things that ARE free and open-source, but may still be illegal in certain jurisdictions? (Such as patent-encumbered codecs).
"The board believes that shipping repository metadata that points at non-free software is incompatible with Fedora's foundations" and "The board believes that reducing technical barriers to explicit user choice to install third-party software (non-free or otherwise) is compatible with Fedora's foundations."
I had trouble interpreting those two statements, given that the only technical barrier for finding non-free or not-yet-in-fedora software *is* repo metadata itself. I assumed the first statement actually meant "shipping enabled repository metadata" so we don't show it by default without some other important step.
(The following statement is my interpretation, not the official position of the Council): I think that what this means is that they did not want us shipping /etc/yum.repos.d/google-chrome.repo (enabled *or* disabled), but that it's acceptable for GNOME Software to make it easier to acquire that repo file and enable/disable it.
For example, installing a default MIME-type handler for files ending in .repo that allows GNOME Software to be launched and prompt you to load it if you click on such a path in a web browser. I think that would be in line with both statements.
The latter statement led to some of the disabled repo work that Richard did, IIRC. It leaves a lot open to interpretation.
Right, as a simple proposal, would it be acceptable for a package to install something like this into /etc/yum.repos.d:
[google-chrome] name=google-chrome baseurl=http://dl.google.com/linux/chrome/rpm/stable/x86_64 enabled=0 gpgcheck=1 repo_gpgcheck=1 enabled_metadata=1 gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
So the only time we'd access that repo is with PackageKit when searching with gnome-software, and we'd only prompt to enable the repo if it matched a search keyword like "chrome", and then did that with a big dialog like the mockups warning about the perils and morality of using nonfree software. Using dnf or yum it would be completely invisible due to the enabled=0 line. This was basically my proposal here: http://blogs.gnome.org/hughsie/2015/01/09/finding-hidden-applications-with-g... which didn't seem too controversial at the time.
I imagined that we'd ship a fedora-repos-extra package which we could pull onto just the workstation product using comps, but I'm open for ideas.
I'd say that this is probably directly against the intent of the first statement above, but it may be worth bringing that to the new Council directly. It may have a different result this time around.