We might be accidentally fighting on behalf of worst-offending profiteering companies.

  • :lock_with_ink_pen: not all terms in (software) licences are legally binding
  • :scroll: recap of Open Source is Bad:
    • lack of warranties in OSS (open-source software)
      = deliberate & accidental errors
    • could be solved by public funding
  • :hammer: instead of funding, EU have suggested cybersecurity legislation
  • :crossed_swords: cons
    • can liability traverse dependency graph (blame pushed onto FOSS [free & open-source software] dependencies)?
    • could “indirect” profit include “self-promotion” and thus all FOSS?
    • :confounded: surprisingly, some non-profits like the PSF (Python Software Foundation) are unhappy
      • threatens to block python & pip installs in EU
      • thinks proposed law could hold individual FOSS devs unfairly accountable (personal note: huge commercial orgs with ongoing IP [intellectual property] cases against them happily regurgitate the same arguments)
  • :person_fencing: rebuttal against “cons”
    • FOSS devs & non-profits are fighting to dilute proposed laws on behalf of worst-offending profiteering companies
    • people might be arguing without understanding prerequisite legal jargon or seeking unbiased legal advice (most modern debates rely on media sensationalism & misunderstanding jargon)
    • could just reword a little
      • expressly (not just implicitly) exclude indie packages
    • somebody should be accountable if critical infra (e.g. PyPI [the Python Package Index], Linux) breaks
      • if devs/orgs (e.g. PSF) aren’t paid enough to provide warranties, should be given public funding (via governments/NGOs [non-governmental organisations]) purely in interest of public safety