From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from eggs.gnu.org ([2001:4830:134:3::10]:52135)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fF3sb-0007kd-EZ
	for guix-patches@gnu.org; Sat, 05 May 2018 16:34:06 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fF3sY-0006Et-4h
	for guix-patches@gnu.org; Sat, 05 May 2018 16:34:05 -0400
Received: from debbugs.gnu.org ([208.118.235.43]:42968)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <Debian-debbugs@debbugs.gnu.org>)
	id 1fF3sY-0006Eg-0c
	for guix-patches@gnu.org; Sat, 05 May 2018 16:34:02 -0400
Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2)
	(envelope-from <Debian-debbugs@debbugs.gnu.org>) id 1fF3sX-0002XM-LY
	for guix-patches@gnu.org; Sat, 05 May 2018 16:34:01 -0400
Subject: [bug#31307] [PATCH] Add MAT,
	the Metadata Anonymisation Toolkit from Boum
Resent-Message-ID: <handler.31307.B31307.15255524309733@debbugs.gnu.org>
From: ludo@gnu.org (Ludovic =?UTF-8?Q?Court=C3=A8s?=)
References: <87wowrj9kq.fsf@gmail.com>
Date: Sat, 05 May 2018 22:33:45 +0200
In-Reply-To: <87wowrj9kq.fsf@gmail.com> (Chris Marusich's message of "Sat, 28
	Apr 2018 14:38:13 -0700")
Message-ID: <877eohrgeu.fsf@gnu.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
List-Id: <guix-patches.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/guix-patches/>
List-Post: <mailto:guix-patches@gnu.org>
List-Help: <mailto:guix-patches-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/guix-patches>,
	<mailto:guix-patches-request@gnu.org?subject=subscribe>
Errors-To: guix-patches-bounces+kyle=kyleam.com@gnu.org
Sender: "Guix-patches" <guix-patches-bounces+kyle=kyleam.com@gnu.org>
To: Chris Marusich <cmmarusich@gmail.com>
Cc: 31307@debbugs.gnu.org

Hello Chris,

Chris Marusich <cmmarusich@gmail.com> skribis:

> Should we refrain from adding this package simply because the author is
> not maintaining it any more?  I'm inclined to say "no", but one also has
> to consider whether it is a a good idea to encourage people to use an
> unmaintained tool for protecting their privacy/anonymity.  I'm not sure.

It=E2=80=99s risky, indeed.  As time passes it=E2=80=99s likely to have mor=
e and more
known-but-unfixed security issues, which isn=E2=80=99t great.  Leo, thought=
s on
this situation?

> In addition, I notice that the license is GPL 2, but it seems the author
> did not specify whether "any later version" can be used.  Therefore, I
> have listed this as gpl2, instead of gpl2+.

Note that unless authors explicitly removed the =E2=80=9Cor any later versi=
on=E2=80=9D
phrase from license headers in source files, we write =E2=80=98gpl2+=E2=80=
=99;
specifically, Section 9 of GPLv2 reads:

  If the Program does not specify a version number of this License, you
  may choose any version ever published by the Free Software Foundation.

Thanks,
Ludo=E2=80=99.