Bonum Certa Men Certa

Free Software Contributions and Real Threats

By Marcia Wilbur

To build or not to build!



Recently, there has been some discussion about “open source freeloaders”. It’s completely laughable for companies calling others freeloaders, when in fact, we are the contributors, developers, laborers of love and take ownership volunteering our time to projects these companies use.

Often corporations use our projects without giving anything back to the community.

This is true of many companies with “open source” projects. Often, there will be use of projects in ways one might not even imagine such as curling Windows repos, creating in-house projects based on all open source projects with no redistribution, no sharing and resistance to share.

In one corporate case, the original developers shared with an open license to GitHub. When confronted with this fact, I recommended placing the updated project files to the original repo and was met with strong objection to the point the product owner stated I was “stirring the pot” and demanded management “remove that github project”. Management would not as this is not one of “our company project repos” and we have no control over this public-facing project abandoned several years prior.

"It’s not a violation of license to build new software based on different packages and projects in-house and not share, but not in the spirit of our community."The original developers seemed to have best intentions but were let go and the project developed internally from their original.

It’s not a violation of license to build new software based on different packages and projects in-house and not share, but not in the spirit of our community. Some development, testing or any contribution is appreciated but not required. There is no monetary donation more often than not. Little to no consulting opportunities are available to project developers who have an eye toward community, at least from my perspective and experience.

From Red Hat’s commitment to open source: A response to the git.centos.org changes

June 26, 2023, by Mike McGrath

“Finally, I’d like to address every open source company out there, whether your code is open today or you’re considering moving to an open source model. By any measure, Red Hat has “made it” and I hope many open source companies can succeed as we have. You can decide for yourself whether downstream rebuilds are valuable for you and it’s your call to make it easy, or not.

Simply rebuilding code, without adding value or changing it in any way, represents a real threat to open source companies everywhere. This is a real threat to open source, and one that has the potential to revert open source back into a hobbyist- and hackers-only activity.

We don’t want that and I know our community members, customers and partners don’t want that. Innovation happens in the upstream. Building on the shoulders of others is what open source is about. Let’s continue to drive innovation, support one another and keep moving forward.”


Granted, most of us want the ability to modify and distribute and we do just this.

There are a few use cases for simply building without adding features.



Companies are not likely to pick up abandonware and include this as a dependency, even when they have the resources to do so. Instead, they will search out an alternative.

Take for example an open source project I worked on recently using pandoc. Rather than use @latest pandoc with xelatex for new features, the project used wkhtml2pdf. The company hired an in-house dev to work on the features we wanted when these were already available using @latest pandoc with xelatex!

"Again, while completely legal, this culture of selfish dependence without give back is more common in company culture than not. Freeloaders?!"The packages included in this in-house “solution” included unsupported and deprecated versions with of course, high security risk. The company created what I like to refer to as a “frankenapp”. There was no effort to work with any of the open source projects the company used, no effort to contribute to development. Some of the projects included: ImageMagick, Graphviz, batik, pandoc, wkhtml2pdf

Again, while completely legal, this culture of selfish dependence without give back is more common in company culture than not. Freeloaders?!

Ubuntu – fully supported example:

The packages for Edubuntu were divided and are currently divided by education level.

Packages include:

ubuntu-edu-preschool ubuntu-edu-primary ubuntu-edu-secondary ubuntu-edu-tertiary

The task at Kids on Computers was to evaluate which education projects or packages were used in a previous distro, Ubermix, used by schools in Mexico implemented by KOC.

The purpose of this was to sunset any Ubermix machine, but still offer the same tools, utilities and applications to students. Ubermix was hosting the ISO on the then Google plus platform.

"Does Canonical contribute to Scribus? So, what exactly is meant by “fully support”?"“Who does that?!”

While there were some beneficial features to Ubermix, Kids on Computers wanted to see if we could simply use the packages in a custom respin.

While evaluating the list of packages (dpkg –get-selections | grep install), I noted the packages from Ubuntu.

The interesting thing about these packages was what was inside. There was no indication *buntu had done anything but packaging.

This became more clear upon the realization a couple packages were no longer maintained projects.

So, take for example, ubuntu-edu-tertiary with many recommended packages. The packages listed include Scribus.

The control file for tertiary states:

Package: ubuntu-edu-tertiary Source: edubuntu-meta Version: 23.04.12 Architecture: amd64 Maintainer: Edubuntu Developers edubuntu-devel@lists.ubuntu.com Installed-Size: 10 Recommends: bijiben, calibre, cantor, chemtool, dia, drawing, fritzing, gbrainy, gramps, inkscape, kalzium, klavaro, kmplot, ktouch, librecad, libreoffice, lightspeed, arble-qt, melting, pdfmod, rocs, scribus, stellarium, step, yorick Section: metapackages Priority: optional Description: Tertiary Educational Application Bundle This package depends on all of the educational software for Tertiary grade level education that is fully supported by Canonical and the Edubuntu community.

How do they “FULLY” support?

So, I had questions.

I joined the Edubuntu devel mailing list and asked for the definition of "fully supported".

I went to the Scribus IRC and asked the question whether canonical contributed to the project.

Does Canonical contribute to Scribus? So, what exactly is meant by “fully support”?

Documentation, training, development or testing contribution? Forum, IRC?

Or, do they simply support the ubuntu-edu-tertiary package itself and separate themselves from the projects/packages they “recommend”?

This was Sunday August 13 at approx 9pm EST when I went to Libera IRC. I received a response of no from Scribus with regard to any spending cash contributions. There may have been a few development contributions but no forum support, no chat support for the project by Canonical.

I’m not saying what Canonical does is violating any license – these are dependencies in a package, right.

The new package is theirs: ubuntu-edu-tertiary

As devs, of course, we have dependencies. For example, I use rsync for respin. Nothing needs to be edited or changed, and my software depends on an existing project. However, it does seem as these packages such as ubuntu-edu-tertiary are just dependencies with no original education applications provided by Canonical at all. There is no deliverable application depending on these other projects. Honestly, these are just projects and software included in an education flavor.

So, if the idea is to provide education software to the “masses”, why are there no features added, user experience considerations developed, or well, any development at all?

While not a violation of license – because nothing was forked, just included as dependencies, the non-contributing development is definitely not community minded and a real threat to hobbyists and hackers everywhere!

Unfortunately, having to support your primary project is key. However, small projects are not a company with financial resources based on the packages or projects developed for the community. Many projects run with just a few contributors working on a labor of love.

We are not companies that charges in the six figures for licensing the Operating System on an industrial IOT machine because the manufacturer is in a certain country.

One company literally informed us of their intention to pay out half a million dollars to Ubuntu for using the Operating system on 2 machine product lines.

The reason, the machines were manufactured in China.

“But we can just make a respin! Trust me, I know how! We don’t need to pay”.

"Some projects have had great contributions and have moved forward in progression. Perhaps there is a benefit in companies using our projects."There was nothing I could do.

So, with that kind of payment from corporations, just how much does Ubuntu have in their coffers to contribute? How much do they contribute or pay to projects?

I received messages from the Edubuntu dev mailing list.

Edubuntu is a “labor of love” for the 3 or 4 people involved in the “resurrection” of the packages. Erich and his wife work on the product with input from family members and evaluation of what packages may be useful for educational purposes.

The job is to evaluate and include packages within the educational package that are mostly stable or have longevity. While I applaud any educational effort, the fully supported question needed to be answered!

“That control file was revived and largely unedited from its original form from 9+ years ago, and when it was originally written, all of the software may very well have been fully supported by Canonical. Unfortunately, I wasn’t around at that time, so I can’t speak to that. However, I can speak to where it is at currently.”

“Edubuntu, however is not its own project as it is a flavor of Ubuntu and doesn’t exist as a separate distribution from Ubuntu.”

“I’m sorry if the descriptions were confusing, we can definitely get that cleared-up before 23-10.”

So, in conclusion, rather than to “fully support”, partially support or offer any contributions whatsoever to the community projects used by Ubuntu, at least in the case of ubuntu-edu-* packages, the solution here is to – change the control file description.

Some projects have had great contributions and have moved forward in progression. Perhaps there is a benefit in companies using our projects. While contribution is not required, encouraging contributions to our projects, especially by those companies using and depending on the tools/utilities/apps for their project is definitely appreciated and considered at the very least, good manners. The tools/utilities/apps these companies use can progress for their benefit as well by contributing back to the project and community. There are various ways to do so.



Recent Techrights' Posts

BetaNews Appears to Have Fired All Of Its Staff
Even serial sloppers
Gemini Protocol Turns 6 on Friday
Active (online) Gemini capsules are estimated by Lupa at over 3,000
Microsoft's "FUD-as-a-Service" (Against Linux) Not Functioning Well
This is the kind of contribution companies like Microsoft and Google have to offer to society
Betanews Becoming a Slopfarm is "Betanews Growing Alongside You", According to Betanews
Their first 'article' in over two weeks is 52% "AI-generated" (slop), 33% mixed (edited slop), 18% human-written, says an advanced scanner.
 
The Right to Know and the Freedom to Report on Crime (at the Higher Echelons)
I'd like to do the same thing for the next 20 years
After the Web Becomes Slopped to Death
A lot of people are rightly fed up with the "modern" Web
Microsoft's Windows is a Niche Operating System in Africa
African nations aren't a large contributor to Microsoft's income, but if many African nations move away from Windows, then the monopoly is at risk
Like Most Social Control Media, Microsoft LinkedIn is Collapsing
One reason for Microsoft acquisitions is debt-loading, i.e. offloading and burying its debt
Microsoft is Losing Its Richest Clients
Unlike some very poor countries, Germany and the EU are a considerable source of income to Microsoft
Proprietary Means Not Secure
Proprietary software tends to rely on secrecy, not good design
Slop in 'AI' Clothing is a Passing Fad, We'll Get Past It (Like Blockchain Before That)
Many people cheat in exams using slop and there are professionals that try using slop as a "shortcut"
GNOME Does Not Campaign Against Microsoft, KDE Does
It's good to see that KDE is still active in promotion of Free software - a term that it uses
Slopwatch: BetaNews, Linuxsecurity, and Other Prolific Slopfarms
name and shame the sites that establish such proliferation of slop
Gemini Links 18/06/2025: Birch Lake and Loon Pond
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, June 17, 2025
IRC logs for Tuesday, June 17, 2025
Links 17/06/2025: "The Grift Economy" and Kubernetes Does Proprietary
Links for the day
Coffee Day and LLM Sloppers
The LLM slop "bros" are a lot like fake-money bros; they lie to people, they boast that they lie to people, and they're generally bad people, BS artists in colloquial terms
Double-Dipping the Docket for Microsoft Glory and Censorship of Microsoft Critics
same lawyer, same barrister, all US, all Microsoft
TheLayoff Censorship of IBM Threads Has Gone Truly Ludicrous
we do not argue that TheLayoff should not cull LLM slop
More Stallmanites Added to FSF Board and Summer Fundraiser Commences
There's some good news from the FSF
Gemini Links 17/06/2025: Consistency and Notes About NixOS
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, June 16, 2025
IRC logs for Monday, June 16, 2025
July 2 2025 Would Not be First Big Wave of Microsoft Layoffs Before Major National Holiday
July 2 or 3 mark the start of a very long weekend in the US
IDG's NetworkWorld Seems to Have Just Become LLM Slop
If IDG (now controlled by China) does that in at least one site, why not the rest? Only a matter of time?
Gemini Links 16/06/2025: Free Lunches and Bookmarklet for Mastodon
Links for the day
IBM: Less Than a Month's Severance for Each Decade of Service
Yes, decade!
Taking a Lesson From Denmark and Greenland? Iceland Shows New Lows for Windows, All-Time Highs for GNU/Linux
If Microsoft sabotages systems of judges at the Hague (in order to appease the insane man who wanted to invade Greenland), why won't its neighbour Iceland take note?
BetaNews Has Just Deleted Its Latest 'Article' or Got Cracked Again and Restored From Outdated Backup Again
BetaNews seems to be in some serious trouble right now
Software Freedom is "Activism" Because the Corporate Agenda Revolves Around Bribery, Deceit, and Betrayal
At the end Software Freedom will win because it's on the same side as truth and lawfulness
The EPO, Europe's Largest Patent Office, Admits Outsourcing to Microsoft Slop
Their sole goal is to make more money
Links 16/06/2025: EchoLeak and NASA Teaming up With India
Links for the day
The Better the Understanding or the More Nations Understand the Threat Posed by Microsoft, the Faster It'll be Eradicated
We believe that the thing to advocate is self-hosting and Free software... A lack of simplicity or absence of alternatives is a form of vendor lock-in
A Week of Sunlight
They say transparency is like sunlight to a vampire
"Linux" Sites That Went Astray
there are even worse things than shutdowns
Links 16/06/2025: Climate, Wildfires, Breaches, and Monopolies
Links for the day
Links 16/06/2025: Summer in Finland and Misunderstandings
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, June 15, 2025
IRC logs for Sunday, June 15, 2025