Message116844
> Since libtomcrypt is public domain, you could incorporate the source
> into the tree without making it a binary dependency.
And then we have to maintain our copy ourselves. I'm not sure why you
think this is better than depending on a system-wide install, because
it's certainly worse.
(we do have private copies of a couple of libraries: zlib, expat,
libffi. The first two are probably for historical reasons (the
system-wide versions are used by default), while the third is because
it's patched)
> I certainly wouldn't mind having 1 dependency on NSS, but having 2
> modules depend on OpenSSL is a step in the wrong direction.
Perhaps you wouldn't mind, but others would (especially packagers;
including ourselves since we build binary packages for Windows and Mac
OS X).
> It took several years until someone like Marc-Andre Lemburg to find
> that the Python website might be violating that license. Perhaps the
> reason is because no one bothers to read licenses carefully. People
> are probably violating the license without knowing it.
The solution to stop violating it is trivial, though: just add the
required mention(s).
Compare that to rewriting a lot of code and making sure it doesn't
change behaviour compared to previous Python versions.
> One is that if you mention something like "base64" in whatever could
> be deemed "advertising", you will be subject to this clause because
> base64 is a feature of OpenSSL, even if you don't use their
> implementation.
Unless "base64" is an OpenSSL trademark, this is FUD. |
|
Date |
User |
Action |
Args |
2010-09-19 00:37:08 | pitrou | set | recipients:
+ pitrou, lemburg, loewis, gregory.p.smith, exarkun, vstinner, giampaolo.rodola, gdamjan, lorph, heikki, eric.araujo, debatem1, dmalcolm, daniel.urban, mcrute, jsamuel |
2010-09-19 00:37:05 | pitrou | link | issue8998 messages |
2010-09-19 00:37:03 | pitrou | create | |
|