Bonum Certa Men Certa

Free Software Contributions and Real Threats

By Marcia Wilbur

To build or not to build!



Recently, there has been some discussion about “open source freeloaders”. It’s completely laughable for companies calling others freeloaders, when in fact, we are the contributors, developers, laborers of love and take ownership volunteering our time to projects these companies use.

Often corporations use our projects without giving anything back to the community.

This is true of many companies with “open source” projects. Often, there will be use of projects in ways one might not even imagine such as curling Windows repos, creating in-house projects based on all open source projects with no redistribution, no sharing and resistance to share.

In one corporate case, the original developers shared with an open license to GitHub. When confronted with this fact, I recommended placing the updated project files to the original repo and was met with strong objection to the point the product owner stated I was “stirring the pot” and demanded management “remove that github project”. Management would not as this is not one of “our company project repos” and we have no control over this public-facing project abandoned several years prior.

"It’s not a violation of license to build new software based on different packages and projects in-house and not share, but not in the spirit of our community."The original developers seemed to have best intentions but were let go and the project developed internally from their original.

It’s not a violation of license to build new software based on different packages and projects in-house and not share, but not in the spirit of our community. Some development, testing or any contribution is appreciated but not required. There is no monetary donation more often than not. Little to no consulting opportunities are available to project developers who have an eye toward community, at least from my perspective and experience.

From Red Hat’s commitment to open source: A response to the git.centos.org changes

June 26, 2023, by Mike McGrath

“Finally, I’d like to address every open source company out there, whether your code is open today or you’re considering moving to an open source model. By any measure, Red Hat has “made it” and I hope many open source companies can succeed as we have. You can decide for yourself whether downstream rebuilds are valuable for you and it’s your call to make it easy, or not.

Simply rebuilding code, without adding value or changing it in any way, represents a real threat to open source companies everywhere. This is a real threat to open source, and one that has the potential to revert open source back into a hobbyist- and hackers-only activity.

We don’t want that and I know our community members, customers and partners don’t want that. Innovation happens in the upstream. Building on the shoulders of others is what open source is about. Let’s continue to drive innovation, support one another and keep moving forward.”


Granted, most of us want the ability to modify and distribute and we do just this.

There are a few use cases for simply building without adding features.



Companies are not likely to pick up abandonware and include this as a dependency, even when they have the resources to do so. Instead, they will search out an alternative.

Take for example an open source project I worked on recently using pandoc. Rather than use @latest pandoc with xelatex for new features, the project used wkhtml2pdf. The company hired an in-house dev to work on the features we wanted when these were already available using @latest pandoc with xelatex!

"Again, while completely legal, this culture of selfish dependence without give back is more common in company culture than not. Freeloaders?!"The packages included in this in-house “solution” included unsupported and deprecated versions with of course, high security risk. The company created what I like to refer to as a “frankenapp”. There was no effort to work with any of the open source projects the company used, no effort to contribute to development. Some of the projects included: ImageMagick, Graphviz, batik, pandoc, wkhtml2pdf

Again, while completely legal, this culture of selfish dependence without give back is more common in company culture than not. Freeloaders?!

Ubuntu – fully supported example:

The packages for Edubuntu were divided and are currently divided by education level.

Packages include:

ubuntu-edu-preschool ubuntu-edu-primary ubuntu-edu-secondary ubuntu-edu-tertiary

The task at Kids on Computers was to evaluate which education projects or packages were used in a previous distro, Ubermix, used by schools in Mexico implemented by KOC.

The purpose of this was to sunset any Ubermix machine, but still offer the same tools, utilities and applications to students. Ubermix was hosting the ISO on the then Google plus platform.

"Does Canonical contribute to Scribus? So, what exactly is meant by “fully support”?"“Who does that?!”

While there were some beneficial features to Ubermix, Kids on Computers wanted to see if we could simply use the packages in a custom respin.

While evaluating the list of packages (dpkg –get-selections | grep install), I noted the packages from Ubuntu.

The interesting thing about these packages was what was inside. There was no indication *buntu had done anything but packaging.

This became more clear upon the realization a couple packages were no longer maintained projects.

So, take for example, ubuntu-edu-tertiary with many recommended packages. The packages listed include Scribus.

The control file for tertiary states:

Package: ubuntu-edu-tertiary Source: edubuntu-meta Version: 23.04.12 Architecture: amd64 Maintainer: Edubuntu Developers edubuntu-devel@lists.ubuntu.com Installed-Size: 10 Recommends: bijiben, calibre, cantor, chemtool, dia, drawing, fritzing, gbrainy, gramps, inkscape, kalzium, klavaro, kmplot, ktouch, librecad, libreoffice, lightspeed, arble-qt, melting, pdfmod, rocs, scribus, stellarium, step, yorick Section: metapackages Priority: optional Description: Tertiary Educational Application Bundle This package depends on all of the educational software for Tertiary grade level education that is fully supported by Canonical and the Edubuntu community.

How do they “FULLY” support?

So, I had questions.

I joined the Edubuntu devel mailing list and asked for the definition of "fully supported".

I went to the Scribus IRC and asked the question whether canonical contributed to the project.

Does Canonical contribute to Scribus? So, what exactly is meant by “fully support”?

Documentation, training, development or testing contribution? Forum, IRC?

Or, do they simply support the ubuntu-edu-tertiary package itself and separate themselves from the projects/packages they “recommend”?

This was Sunday August 13 at approx 9pm EST when I went to Libera IRC. I received a response of no from Scribus with regard to any spending cash contributions. There may have been a few development contributions but no forum support, no chat support for the project by Canonical.

I’m not saying what Canonical does is violating any license – these are dependencies in a package, right.

The new package is theirs: ubuntu-edu-tertiary

As devs, of course, we have dependencies. For example, I use rsync for respin. Nothing needs to be edited or changed, and my software depends on an existing project. However, it does seem as these packages such as ubuntu-edu-tertiary are just dependencies with no original education applications provided by Canonical at all. There is no deliverable application depending on these other projects. Honestly, these are just projects and software included in an education flavor.

So, if the idea is to provide education software to the “masses”, why are there no features added, user experience considerations developed, or well, any development at all?

While not a violation of license – because nothing was forked, just included as dependencies, the non-contributing development is definitely not community minded and a real threat to hobbyists and hackers everywhere!

Unfortunately, having to support your primary project is key. However, small projects are not a company with financial resources based on the packages or projects developed for the community. Many projects run with just a few contributors working on a labor of love.

We are not companies that charges in the six figures for licensing the Operating System on an industrial IOT machine because the manufacturer is in a certain country.

One company literally informed us of their intention to pay out half a million dollars to Ubuntu for using the Operating system on 2 machine product lines.

The reason, the machines were manufactured in China.

“But we can just make a respin! Trust me, I know how! We don’t need to pay”.

"Some projects have had great contributions and have moved forward in progression. Perhaps there is a benefit in companies using our projects."There was nothing I could do.

So, with that kind of payment from corporations, just how much does Ubuntu have in their coffers to contribute? How much do they contribute or pay to projects?

I received messages from the Edubuntu dev mailing list.

Edubuntu is a “labor of love” for the 3 or 4 people involved in the “resurrection” of the packages. Erich and his wife work on the product with input from family members and evaluation of what packages may be useful for educational purposes.

The job is to evaluate and include packages within the educational package that are mostly stable or have longevity. While I applaud any educational effort, the fully supported question needed to be answered!

“That control file was revived and largely unedited from its original form from 9+ years ago, and when it was originally written, all of the software may very well have been fully supported by Canonical. Unfortunately, I wasn’t around at that time, so I can’t speak to that. However, I can speak to where it is at currently.”

“Edubuntu, however is not its own project as it is a flavor of Ubuntu and doesn’t exist as a separate distribution from Ubuntu.”

“I’m sorry if the descriptions were confusing, we can definitely get that cleared-up before 23-10.”

So, in conclusion, rather than to “fully support”, partially support or offer any contributions whatsoever to the community projects used by Ubuntu, at least in the case of ubuntu-edu-* packages, the solution here is to – change the control file description.

Some projects have had great contributions and have moved forward in progression. Perhaps there is a benefit in companies using our projects. While contribution is not required, encouraging contributions to our projects, especially by those companies using and depending on the tools/utilities/apps for their project is definitely appreciated and considered at the very least, good manners. The tools/utilities/apps these companies use can progress for their benefit as well by contributing back to the project and community. There are various ways to do so.



Recent Techrights' Posts

Microsoft XBox Layoffs: Almost 2,000 Layoffs Became "Over 2,000"? (Over 20% of the Staff)
over 20% of staff will be let go, not counting staff that leaves voluntarily
Summer Plans in Techrights and Elsewhere
massive layoffs at Microsoft
Our Desktops Are Not Your Experiments, X is Not an Experiment
Breaking what already worked
Microsoft's Big Lies Regarding This Week's Mass Layoffs Have Already Begun (and They're Already Being Spread by Slopfarms)
Microsoft is the "market leader" in slop
 
Links 30/06/2025: Kyrgyzstan vs Media Freedom, Dalai Lama Succession
Links for the day
Gemini Links 30/06/2025: Backend Programs in Gemini and Dynamic Content Without The Scripting
Links for the day
Links 30/06/2025: Zuckerberg’s Tax-Evading Scheme Harms Kids, US Copyright Office Lacks Leadership
Links for the day
Microsoft Isn't Laying Off Tens of Thousands to 'Invest' in Slop ('Hey Hi'), It's Laying Off Tens of Thousands Because It's Running Out of Money (and Willing Lenders)
the layoffs are a sign of the business failing, not "hey hi" (whatever that is) replacing staff
Intel Lays Off 20% of Its Workforce, Microsoft is Doing the Same This Year
Like a yoyo, whatever goes up will come back down
GNU/Linux Rises to New Highs in Angola, Africa in General is Abandoning Windows
Western media barely covers Microsoft layoffs in Africa, but in recent years Microsoft culled the workforce and even shut down entire operations
Destination Geminispace (in the Age of LLM Slop and Slop Images That Infest the Web and Social Control Media)
Geminispace isn't vast, but at least it is - on average - a lot "cleaner"
GNU/Linux Growing in Sierra Leone This Year
Based on what statCounter is seeing, this year there are more and more people there who adopt GNU/Linux
Serial Sloppers Gonna Slop
More sites out there ought to call out the cheaters
Quartz (qz.com) is Spam and a Slopfarm
It used to be OK. Then they fired the staff.
Links 30/06/2025: US Economic Woes, Extreme Heat
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 29, 2025
IRC logs for Sunday, June 29, 2025
Gemini Links 30/06/2025: "The AI Hype" and New AuraGem Ask
Links for the day
Explaining the Full Story of SLAPPs From Microsoft Staff
For every action there is a reaction, for every attack there will be proportionate consequences
The Openwashing Shills Initiative (OSI) - Part III: IRS and Status of OSI
"They lied to the US IRS and there’s a paper trail"
IBM Red Hat's Dogmatic Fanaticism Under a Thin Veil of "Modernism"
IBM now has the audacity to paint people who don't agree as "nazis"
Microsoft's Share in Guatemala Fell From 97% to 14%
Eventually Microsoft will get stuck in a loop of layoffs, layoffs, and more layoffs
They Made Technology Scary and Taught Us That It's Innocent, Friendly, Even "Social"
Rejection of all this "apps" and "gadgets" and "Smart" (whatever that means!) status quo isn't a rejection of society
The Media is Under Attacks Partly Because There's Little Other (Remaining) Press to Speak in Its Defence
The biggest danger here is that when there's very little press or no "opposition media" left it becomes even easier to crush critics because there aren't many people left to speak about the matter
If Your Web Site is Run by Bots, Eventually Nobody Will 'Read' It Except Bots (People Don't Want to Read Slop)
Eventually people learn from mistakes
Links 29/06/2025: Microsoft Releases False/Fake Benchmarks, "Google Wants You to Watch Ads or Take Surveys to Read Articles"
Links for the day
Links 29/06/2025: Data Breaches and Online Censorship
Links for the day
Gemini Links 29/06/2025: "The Price Of Eggs" and Gemini 3D Tic Tac Toe
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, June 28, 2025
IRC logs for Saturday, June 28, 2025
The "News" You Saw About Canonical is Misleading, It Made Only 18 Million Dollars Last Year and Barely Paid Any Taxes
Lies are the norm these days...
Pushing Wayland Using Straw Man Arguments
phoronix.com has long promoted the talking point of "Wayland people" (for at least a decade already)
Australia: Windows Fell to All-Time Low, Even Lower Than iOS
There's a good reason why next week there will be so many Microsoft layoffs
Slopwatch: Linuxsecurity, WebProNews, and Google News Boosting Slopfarms as 'News'
People who don't recognise the slopfarms and don't know which sites are fake would struggle to understand what's really going on
Links 28/06/2025: Hardware/GPU Wars, GAFAM Throws Money (Borrowed Cash) at Hopeless Slop Pipe Dream
Links for the day
Gemini Links 28/06/2025: Shellshock and Network UPS Tools
Links for the day
Links 28/06/2025: The Age of Integrity and FreeBSD Foundation Added John Baldwin as Board Member
Links for the day
Fedora 44
IBM now does to Fedora what it did to RHEL
Microsoft Already Shaved Off Costs Anywhere It Could. It Was Not Enough.
Office and Windows aren't "selling" (licences) like they used to
Scheduled Maintenance Next Week
Our community is alive and well
BetaNews: We're Publishing LLM Slop About LLM Slop
Beta version of a slopfarm?
3-Month Updates on Our Complaint to the Solicitors Regulation Authority (SRA)
In short, the complaint remains open, updated, and is advancing
IBM Red States Hat (Project 2025): Our "New Thing" Replaces This "Old Thing"
The new replaces the old. That's how IBM frames it.
Start X
Just because something is old does not mean it is bad
Slopwatch: Linuxsecurity, Google News Slopfarms, and Linux Journal (LJ)
Today we take a quick look at 3 slopfarms
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, June 27, 2025
IRC logs for Friday, June 27, 2025
Links 28/06/2025: "CC Signals" Virtue-Signals to Slop Ponzi Schemes, North Korea Aims for Tourism
Links for the day