info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
OpenSUSE and Seamonkey
0 views
Skip to first unread message
Andrew
Dec 15, 2021, 3:30:46 PM12/15/21
to
OpenSUSE has Seamonkey in two repositories, the main Update repository
and the Mozilla Test repository. This is about 42.3 Leap by the way.
The level I'm running here - 2.53.8.1 - is the last one which made the
Update repository, although the Mozilla Test repository gets all of the
release versions and - it seems - at least some of the beta versions.
Today I asked the maintainer if he could update the version in "Update"
to a more recent released level, and this was his reply.
> I'm afraid there's nothing I can do -- I've been submitting the new versions as soon as they've been released, but they've all been stuck in legal review. I and other packagers have been occasionally nudging the lawyers but we never hear back from them.
Does anyone know why a new Seamonkey level requires "legal review", in
particular when this level is freely available in another repository anyway.
When Tristan refers to "other packagers", that reads as though other
products are also affected. What the F is going on here? Are the
lawyers getting involved in things which do not concern them?
and the Mozilla Test repository. This is about 42.3 Leap by the way.
The level I'm running here - 2.53.8.1 - is the last one which made the
Update repository, although the Mozilla Test repository gets all of the
release versions and - it seems - at least some of the beta versions.
Today I asked the maintainer if he could update the version in "Update"
to a more recent released level, and this was his reply.
> I'm afraid there's nothing I can do -- I've been submitting the new versions as soon as they've been released, but they've all been stuck in legal review. I and other packagers have been occasionally nudging the lawyers but we never hear back from them.
Does anyone know why a new Seamonkey level requires "legal review", in
particular when this level is freely available in another repository anyway.
When Tristan refers to "other packagers", that reads as though other
products are also affected. What the F is going on here? Are the
lawyers getting involved in things which do not concern them?
NFN Smith
Dec 15, 2021, 4:14:27 PM12/15/21
to
Andrew wrote:
> Today I asked the maintainer if he could update the version in "Update"
> to a more recent released level, and this was his reply.
>
>> I'm afraid there's nothing I can do -- I've been submitting the new versions as soon as they've been released, but they've all been stuck in legal review. I and other packagers have been occasionally nudging the lawyers but we never hear back from them.
>>
>
> Does anyone know why a new Seamonkey level requires "legal review", in
> particular when this level is freely available in another repository anyway.
>
> When Tristan refers to "other packagers", that reads as though other
> products are also affected. What the F is going on here? Are the
> lawyers getting involved in things which do not concern them?
I don't have any inside information, just speculation.
> Today I asked the maintainer if he could update the version in "Update"
> to a more recent released level, and this was his reply.
>
>> I'm afraid there's nothing I can do -- I've been submitting the new versions as soon as they've been released, but they've all been stuck in legal review. I and other packagers have been occasionally nudging the lawyers but we never hear back from them.
>>
>
> Does anyone know why a new Seamonkey level requires "legal review", in
> particular when this level is freely available in another repository anyway.
>
> When Tristan refers to "other packagers", that reads as though other
> products are also affected. What the F is going on here? Are the
> lawyers getting involved in things which do not concern them?
My best guess is that they've decided that review is needed to ensure
that a formal release doesn't have any copyrighted code in it that would
potentially expose them to lawsuits.
Even if the same stuff is in the Test repository, the expectation is
that paying users are going to be using the stuff that officially
released in the Update repository.
"other packagers" is likely to be the maintainers of other packages that
have to jump through the same hoops to get their stuff released.
I agree that it's annoying, especially for work that's limited to bug
and security fixes and no new code. But I think the reviewers are
looking for inclusion of new stuff that may have intellectual property
restrictions.
Unfortunately, where potential legal liabilities are at stake,
everything is of concern to the lawyers.
Smith
Carlos E. R.
Dec 15, 2021, 6:49:28 PM12/15/21
to
On 15/12/2021 21.30, Andrew wrote:
> OpenSUSE has Seamonkey in two repositories, the main Update repository
> and the Mozilla Test repository. This is about 42.3 Leap by the way.
> The level I'm running here - 2.53.8.1 - is the last one which made the
> Update repository, although the Mozilla Test repository gets all of the
> release versions and - it seems - at least some of the beta versions.
>
> Today I asked the maintainer if he could update the version in "Update"
> to a more recent released level, and this was his reply.
For Leap 42.3? I doubt he can do any update at all for that obsolete
> OpenSUSE has Seamonkey in two repositories, the main Update repository
> and the Mozilla Test repository. This is about 42.3 Leap by the way.
> The level I'm running here - 2.53.8.1 - is the last one which made the
> Update repository, although the Mozilla Test repository gets all of the
> release versions and - it seems - at least some of the beta versions.
>
> Today I asked the maintainer if he could update the version in "Update"
> to a more recent released level, and this was his reply.
version.
>
>> I'm afraid there's nothing I can do -- I've been submitting the new
>> versions as soon as they've been released, but they've all been stuck
>> in legal review. I and other packagers have been occasionally nudging
>> the lawyers but we never hear back from them.
>
> Does anyone know why a new Seamonkey level requires "legal review", in
> particular when this level is freely available in another repository
> anyway.
> When Tristan refers to "other packagers", that reads as though other
> products are also affected. What the F is going on here? Are the
> lawyers getting involved in things which do not concern them?
to be published as official package.
--
Cheers,
Carlos E.R.
Andrew
Dec 16, 2021, 5:08:49 AM12/16/21
to
Quoting from https://en.opensuse.org/openSUSE:Legal_review
> For new packages, a full review of the sources is done to ensure that the package does not violate any licence or copyright constraints. If you submit a package that you don't own, the owner of the package will be respectfully contacted to request permission to add the package to Factory before the package will be accepted. (This triggers an additional review.)
>
> For existing packages, if the legal-auto review (the automatic reviewed noted above) fails, then a full manual review is triggered.
This points to
https://en.opensuse.org/openSUSE:Packaging_guidelines#Legal which
explains what the problems cound be. I have absolutely no idea which of
those could be the problem here.
The Legal Review is automated - see
https://news.opensuse.org/2018/11/08/opensuse-develops-legal-review-system/
- and uses something called "Cavil".
Presumably Seamonkey 2.53.8.1 passed this process, 2.53.9 did not.
Andrew
Dec 16, 2021, 5:23:09 AM12/16/21
to
Carlos E. R. wrote:
> On 15/12/2021 21.30, Andrew wrote:
>> OpenSUSE has Seamonkey in two repositories, the main Update repository
>> and the Mozilla Test repository. This is about 42.3 Leap by the way.
snip
> On 15/12/2021 21.30, Andrew wrote:
>> OpenSUSE has Seamonkey in two repositories, the main Update repository
>> and the Mozilla Test repository. This is about 42.3 Leap by the way.
>
> For Leap 42.3? I doubt he can do any update at all for that obsolete
> version.
>
>>
>
("Leap" was introduced with 15.0) and secondly I meant the current
version 15.3 Leap.
Well, I can see that my posting contained "42.3" but do not understand
how it happened. There is something wrong with my typing (and not my
keyboard).
Andrew
Dec 16, 2021, 9:33:15 AM12/16/21
to
WaltS48 wrote:
> I've lost count of how many proofreaders I've fired. ;)
>
> Forget the distro builds and install from SeaMonkey.
>
> [http://www.seamonkey-project.org/]
>
Wherever the logjam was, it has been resolved.
>
> Forget the distro builds and install from SeaMonkey.
>
> [http://www.seamonkey-project.org/]
>
Wherever the logjam was, it has been resolved.
bad sector
Dec 16, 2021, 12:00:25 PM12/16/21
to
to assure that (in addition to 'packaged' distro rpms that I
have really absolutely nothing against) the original source
code tarball released by originating devs were ALWAYS compilable
without any hickups.
Andrew
Dec 16, 2021, 12:26:17 PM12/16/21
to
system language, Seamonkey is dependent on a version of Rust > n being
installed (so far so good) but some other packages require a lower
level. Newer levels are not necessarily 100% compatible.
openSUSE has taken steps to permit multiple levels of Rust to co-exist
for just this reason.
FC
Dec 16, 2021, 12:34:56 PM12/16/21
to
use those? If a modification has to be done for SUSE to use SeaMonkey,
it would explain why a lawyer is needed, since SeaMonkey is trademarked,
and one may not distribute a modified version without legal consent.
Andrew
Dec 16, 2021, 2:39:58 PM12/16/21
to
always very up to date - to the extent of releasing test versions of
Seamonkey quite frequently.
I wanted to restrict this machine to actual releases, a policy which has
been very useful several times. What provoked my posting was
discovering that unspecified legal reasons were preventing new versions
from making it to the standard "update" repostory.
The new - and current - version arrived around 8 hours ago so the
problem has been solved for the time being.
bad sector
Dec 16, 2021, 2:43:02 PM12/16/21
to
On 12/16/21 12:26 PM, Andrew wrote:
that I remember when virtually any source package could
be just compiled in any distro. App devs could also do a
bit by ignoring anything that haa been a parrt of every
distro for at least 5 years. My 2 cents.
> bad sector wrote:
>> A lot of headaches could be avoided if an effort was made
>> to assure that (in addition to 'packaged' distro rpms that I have
>> really absolutely nothing against) the original source code
>> tarball released by originating devs were ALWAYS compilable
>> without any hickups.
>>
>
> Not as trivial as it seems. Rust is currently becoming the next big
> system language, Seamonkey is dependent on a version of Rust > n
> being installed (so far so good) but some other packages require a
> lower level. Newer levels are not necessarily 100% compatible.
> openSUSE has taken steps to permit multiple levels of Rust to
> co-exist for just this reason.
I know it isn't, didn't wanna toss no rocks either, it's just
>> A lot of headaches could be avoided if an effort was made
>> to assure that (in addition to 'packaged' distro rpms that I have
>> really absolutely nothing against) the original source code
>> tarball released by originating devs were ALWAYS compilable
>> without any hickups.
>>
>
> Not as trivial as it seems. Rust is currently becoming the next big
> system language, Seamonkey is dependent on a version of Rust > n
> being installed (so far so good) but some other packages require a
> lower level. Newer levels are not necessarily 100% compatible.
> openSUSE has taken steps to permit multiple levels of Rust to
> co-exist for just this reason.
that I remember when virtually any source package could
be just compiled in any distro. App devs could also do a
bit by ignoring anything that haa been a parrt of every
distro for at least 5 years. My 2 cents.
Carlos E. R.
Dec 16, 2021, 4:05:42 PM12/16/21
to
On 16/12/2021 11.23, Andrew wrote:
> Carlos E. R. wrote:
>> On 15/12/2021 21.30, Andrew wrote:
>>> OpenSUSE has Seamonkey in two repositories, the main Update
>>> repository and the Mozilla Test repository. This is about 42.3 Leap
>>> by the way.
> snip
>
>>
>> For Leap 42.3? I doubt he can do any update at all for that obsolete
>> version.
>>
>>>
>>
>
> How the F did "42.3 Leap" get in there? Firstly there was no such level
> ("Leap" was introduced with 15.0) and secondly I meant the current
> version 15.3 Leap.
No, Leap was introduced with 42. Special number with special meaning for
> Carlos E. R. wrote:
>> On 15/12/2021 21.30, Andrew wrote:
>>> OpenSUSE has Seamonkey in two repositories, the main Update
>>> repository and the Mozilla Test repository. This is about 42.3 Leap
>>> by the way.
> snip
>
>>
>> For Leap 42.3? I doubt he can do any update at all for that obsolete
>> version.
>>
>>>
>>
>
> How the F did "42.3 Leap" get in there? Firstly there was no such level
> ("Leap" was introduced with 15.0) and secondly I meant the current
> version 15.3 Leap.
some.
> Well, I can see that my posting contained "42.3" but do not understand
> how it happened. There is something wrong with my typing (and not my
> keyboard).
--
Cheers,
Carlos E.R.
Carlos E. R.
Dec 16, 2021, 4:08:01 PM12/16/21
to
On 16/12/2021 11.08, Andrew wrote:
> Carlos E. R. wrote:
>> On 15/12/2021 21.30, Andrew wrote:
...
> Carlos E. R. wrote:
>> On 15/12/2021 21.30, Andrew wrote:
>> Every package in openSUSE has to pass a legal review, at least if it
>> is to be published as official package.
>>
>
> Thanks - that appears to be the problem, although I don't know why.
> Quoting from https://en.opensuse.org/openSUSE:Legal_review
>> For new packages, a full review of the sources is done to ensure that
>> the package does not violate any licence or copyright constraints. If
>> you submit a package that you don't own, the owner of the package will
>> be respectfully contacted to request permission to add the package to
>> Factory before the package will be accepted. (This triggers an
>> additional review.)
>>
>> For existing packages, if the legal-auto review (the automatic
>> reviewed noted above) fails, then a full manual review is triggered.
>
> This points to
> https://en.opensuse.org/openSUSE:Packaging_guidelines#Legal which
> explains what the problems cound be. I have absolutely no idea which of
> those could be the problem here.
>
> The Legal Review is automated - see
> https://news.opensuse.org/2018/11/08/opensuse-develops-legal-review-system/
> - and uses something called "Cavil".
> Presumably Seamonkey 2.53.8.1 passed this process, 2.53.9 did not.
>
--
Cheers,
Carlos E.R.
Christian Schumacher
Dec 19, 2021, 8:49:05 AM12/19/21
to
Andrew <Do...@hyperspace.vogon.gov> schrieb in alt.comp.software.seamonkey:
I guess it's not about legal review within SUSE.
--
Regards, Christian
»Warum ist "umfahren" das Gegenteil von "umfahren"?«
> Carlos E. R. wrote:
>> Every package in openSUSE has to pass a legal review, at least if it is
>> to be published as official package.
>>
>
> Thanks - that appears to be the problem, although I don't know why.
> Quoting from https://en.opensuse.org/openSUSE:Legal_review
>> For new packages, a full review of the sources is done to ensure that
>> the package does not violate any licence or copyright constraints.
>> If you submit a package that you don't own, the owner of the package
>> will be respectfully contacted to request permission to add the package
>> to Factory before the package will be accepted. (This triggers an
>> additional review.)
>>
>> For existing packages, if the legal-auto review (the automatic reviewed
>> noted above) fails, then a full manual review is triggered.
>
> This points to
> https://en.opensuse.org/openSUSE:Packaging_guidelines#Legal which
> explains what the problems cound be. I have absolutely no idea which of
> those could be the problem here.
>
> The Legal Review is automated - see
> https://news.opensuse.org/2018/11/08/opensuse-develops-legal-review-system/
> - and uses something called "Cavil".
> Presumably Seamonkey 2.53.8.1 passed this process, 2.53.9 did not.
As OpenSUSE Tumbleweed currently deliveres SeaMonkey 2.53.10.1
>> Every package in openSUSE has to pass a legal review, at least if it is
>> to be published as official package.
>>
>
> Thanks - that appears to be the problem, although I don't know why.
> Quoting from https://en.opensuse.org/openSUSE:Legal_review
>> For new packages, a full review of the sources is done to ensure that
>> the package does not violate any licence or copyright constraints.
>> If you submit a package that you don't own, the owner of the package
>> will be respectfully contacted to request permission to add the package
>> to Factory before the package will be accepted. (This triggers an
>> additional review.)
>>
>> For existing packages, if the legal-auto review (the automatic reviewed
>> noted above) fails, then a full manual review is triggered.
>
> This points to
> https://en.opensuse.org/openSUSE:Packaging_guidelines#Legal which
> explains what the problems cound be. I have absolutely no idea which of
> those could be the problem here.
>
> The Legal Review is automated - see
> https://news.opensuse.org/2018/11/08/opensuse-develops-legal-review-system/
> - and uses something called "Cavil".
> Presumably Seamonkey 2.53.8.1 passed this process, 2.53.9 did not.
I guess it's not about legal review within SUSE.
--
Regards, Christian
»Warum ist "umfahren" das Gegenteil von "umfahren"?«
Andrew
Dec 19, 2021, 9:13:42 AM12/19/21
to
no idea why - correct is 15.3 Leap.
2. 2.53.10.1 magically appeared in the Update repository a day later.
Carlos E.R.
Dec 21, 2021, 6:52:06 AM12/21/21
to
using the openSUSE Build Service, not necessarily using the source
package and your own computer with traditional building tools.
--
Cheers, Carlos.
0 new messages