From mboxrd@z Thu Jan 1 00:00:00 1970 From: Leo Famulari Subject: bug#34565: ungoogled-chromium contains Widevine DRM Date: Wed, 20 Feb 2019 00:15:36 -0500 Message-ID: <20190220051536.GA7782@jasmine.lan> References: <1550547897.31222.1.camel@jxself.org> <20190219070601.GA8273@jasmine.lan> <1550582906.5431.7.camel@jxself.org> <20190219144342.GA2688@jasmine.lan> <1550623152.12316.5.camel@jxself.org> <1550625137.14138.3.camel@jxself.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="liOOAslEiF7prFVr" Return-path: Received: from eggs.gnu.org ([209.51.188.92]:45958) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1gwKJe-00082t-G2 for bug-guix@gnu.org; Wed, 20 Feb 2019 00:21:07 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1gwKEl-0003Bq-UW for bug-guix@gnu.org; Wed, 20 Feb 2019 00:16:04 -0500 Received: from debbugs.gnu.org ([209.51.188.43]:56292) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1gwKEk-00039w-3d for bug-guix@gnu.org; Wed, 20 Feb 2019 00:16:03 -0500 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1gwKEj-0004YY-Tq for bug-guix@gnu.org; Wed, 20 Feb 2019 00:16:01 -0500 Sender: "Debbugs-submit" Resent-Message-ID: Content-Disposition: inline In-Reply-To: <1550625137.14138.3.camel@jxself.org> List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+gcggb-bug-guix=m.gmane.org@gnu.org Sender: "bug-Guix" To: Jason Self Cc: 34565@debbugs.gnu.org --liOOAslEiF7prFVr Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Tue, Feb 19, 2019 at 05:12:17PM -0800, Jason Self wrote: > Taking this and considering Guix's build process: The method of > building seems to involve downloading Chromium, then runnning > ungoogled-chromium over it, and then building. I'm not sure if any > other packages have their freedom problems fixed in this way but this, > just like build flags, should not be sufficient. Freedom problems > should not be hidden/removed after the fact by asking the user to run a > clean-up program after downloading the source, even if that has been > automated by the package manager. What is sent to the end user to > compile should itself be 100% free software and FSDG compliant from the > beginning. If not it still amounts to distributing non-free software to > the user when they want to, for example, do guix build -S chromium. To clarify this general point about Guix for anyone who is reading along, as a matter of policy the end user does not receive non-free source code from Guix. The tools provided by Guix to access source code only return source code that is freely licensed. If the sources have to be modified to ensure this, the unodified source code is not provided to the user. Guix is specifically designed to do it this way. --liOOAslEiF7prFVr Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAlxs4nUACgkQJkb6MLrK fwhsPw//TGH5826MuUVxzsxjlYgNWfcLworp6z7LEQmhq9SjjyX2gCa76bCQTyHi +wAGo2GCnYIGuV/jMAZj/dyTrpsJjd48DQhYeEUdilQPh6ktWN5LOxj/R68mp7eP BVTizKe+vEbJ1iJcK3B4F7UNAlRWp7ur+4gSqmFdGSd3y9EIwPgfVBTMjp0qleVk ddJYhRYpHNmcVPcgVbyb8JewFn7ctOPsBGfpZqieirbDJRq+sjVDs2DsZzE+l+dk C2U86gQfLM6/vGwCV9Ly7yXpxf0XvdVZrowrU8M+iGeBmpvBCBY+RwF/jE8EKg/7 i+I00wMEF8XtzC0eP3JyPxGOjjD/0/PMIhtuOE0DNW4TFkYhKKfy57ZnTA1P+8Co yvZUyl5eJMuGy6QgYUGLbrVERS9ib7CVTWEAUoP4CBuBuj4X+LfnTyrHDRUY76FR 3SAgWQIvGkGQ8Bn+uii2UxgYhZWK6r8wTirGuu5Zjzy1vNcdaxNr5EQDu0jcxfBl QpthGuq1fZX8U8kRyJ/OCSFyUdE2hpcDLYL9xzF4d1/J30s2s6X3LU+CBhy9c86a 05ZJNHY8wTxMtWBkq80r7HSC4jf80R2bHzjc2C0uUzpImhdQXdaFQ+dmmPLuUd5p h9dtxEu2CgEhrDvennldvD6my8ZSA/ig6scVOy+FbjWm56/pnc4= =vUdq -----END PGP SIGNATURE----- --liOOAslEiF7prFVr--