Language Selection

English French German Italian Portuguese Spanish

Open-Source Referees Change the Rules

Filed under
OSS

The Open Source Initiative board on Wednesday adopted a new way of approving open-source licenses, as well as a new classification system for existing licensees, at its meeting at the Open Source Business Conference in San Francisco.

The OSI (Open Source Initiative) is the organization that approves open-source licenses. While its blessing is not necessary in any legalistic way, few if any companies or developers would use a so-called open-source license without the OSI's blessing.

"License proliferation has become a significant barrier to open-source deployment," the group declares in its "License Proliferation" document, a copy of which was obtained by eWEEK.com prior to its publication.

From now on, the group says, "Approved licenses must meet three new criteria of being a) nonduplicative, Cool clear and understandable, and c) reusable."

Additionally, the Open Source Initiative says it "will be moving to a three-tier system in which licenses are classified as preferred, approved or deprecated."

"The class of asymmetrical, corporate licenses that began with Mozilla was a worthy experiment that has failed. The new policy will discourage them," the group says.

Many companies, such as Sun Microsystems Inc. with its controversial CDDL (Common Development and Distribution License), have used the Mozilla license to create their own. Critics have pointed out, and Sun admits, that the CDDL is not compatible with the GPL (GNU General Public License), which is the legal foundation of Linux and many other major open-source projects.

To prevent this kind of conflict between licenses, the group is explicitly stating that one of the new policy's goals "will be to promote unrestricted reusability of code."

But the OSI board will not be making the call on its own on which new licenses will be approved. The group "has designed a public-comment process to include community stakeholders in grading licenses."

The organization is still working on the details of exactly how this process will work, according to sources close to the board.

The board is also now publicly agreeing with what many of its members-as well as the software development community-have charged for some time: that there are already too many open-source licenses.

Full Story.

More in Tux Machines

Security: Uber Sued, Intel ‘Damage Control’, ZDNet FUD, and XFRM Privilege Escalation

  • Uber hit with 2 lawsuits over gigantic 2016 data breach
    In the 48 hours since the explosive revelations that Uber sustained a massive data breach in 2016, two separate proposed class-action lawsuits have been filed in different federal courts across California. The cases allege substantial negligence on Uber’s part: plaintiffs say the company failed to keep safe the data of the affected 50 million customers and 7 million drivers. Uber reportedly paid $100,000 to delete the stolen data and keep news of the breach quiet. On Tuesday, CEO Dara Khosrowshahi wrote: “None of this should have happened, and I will not make excuses for it.”
  • Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities [Ed: ‘Damage control’ strategy is to make it look like just a bug.]
    While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
  • Open source's big weak spot? Flawed libraries lurking in key apps [Ed: Linux basher Liam Tung entertains FUD firm Snyk and Microsoft because it suits the employer's agenda]
  • SSD Advisory – Linux Kernel XFRM Privilege Escalation

gThumb 3.6 GNOME Image Viewer Released with Better Wayland and HiDPI Support

gThumb, the open-source image viewer for the GNOME desktop environment, has been updated this week to version 3.6, a new stable branch that introduces numerous new features and improvements. gThumb 3.6 comes with better support for the next-generation Wayland display server as the built-in video player, color profiles, and application icon received Wayland support. The video player component received a "Loop" button to allow you to loop videos, and there's now support for HiDPI displays. The app also ships with a color picker, a new option to open files in full-screen, a zoom popover that offers different zoom commands and a zoom slider, support for double-click activation, faster image loading, aspect ratio filtering, and the ability to display the description of the color profile in the property view. Read more Also: Many Broadway HTML5 Backend Improvements Land In GTK4

ExTiX 18.0, 64bit, with Deepin Desktop 15.5 (made in China!) and Refracta Tools – Create your own ExTiX/Ubuntu/Deepin system in minutes!

I’ve made a new extra version of ExTiX with Deepin 15.5 Desktop (made in China!). Deepin is devoted to providing a beautiful, easy to use, safe and reliable system for global users. Only a minimum of packages are installed in ExTiX Deepin. You can of course install all packages you want. Even while running ExTiX Deepin live. I.e. from a DVD or USB stick. Study all installed packages in ExTiX Deepin. Read more Also: ExTiX, the Ultimate Linux System, Now Has a Deepin Edition Based on Ubuntu 17.10 Kali Linux 2017.3 Brings New Hacking Tools — Download ISO And Torrent Files Here

Graphics: Greenfield, Polaris, Ryzen

  • Greenfield: An In-Browser HTML5 Wayland Compositor
    Earlier this year we covered the Westfield project as Wayland for HTML5/JavaScript by providing a Wayland protocol parser and generator for JavaScript. Now that code has morphed into Greenfield to provide a working, in-browser HTML5 Wayland compositor.
  • New Polaris Firmware Blobs Hit Linux-Firmware.Git
    Updated firmware files for the command processor (CP) on AMD Polaris graphics cards have landed in linux-firmware.git. These updated firmware files for Polaris GPUs are light on details besides being for the CP and from their internal 577de7b1 Git state.
  • Report: Ryzen "Raven Ridge" APU Not Using HBM2 Memory
    Instead of the Vega graphics on Raven Ridge using HBM2 memory, it appears at least for some models they are just using onboard DDR4 memory. FUDZilla is reporting today that there is just 256MB of onboard DDR4 memory being used by the new APU, at least for the Ryzen 5 APU found on the HP Envy x360 that was the first Raven APU system to market.