license shouldn't be change-able
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Snap Store Server |
Won't Fix
|
Undecided
|
Unassigned | ||
Bug Description
Currently the store lets people change the license of a snap.
This is weird: the license of something that's been distributed can't be changed without giving users a chance to agree to that change.
(snapd should still alert the user of license changes over refreshes, as it did in snappy 15.04, but it being done together with a revision change makes that doable; it being completely at random makes it very hard to keep straight).
The source of truth of the license of a snap should be the snap.yaml itself. Changing the license should only be possible via pushing a new snap.
Please change the license field to not be editable; take it from the yaml (every time).
FWIW I was just told Gustavo raised the same point in the forum,
https:/
(independently).
My filing of this bug originates in the discussion of https:/
| description: | updated |
| Matthew Paul Thomas (mpt) wrote | #1 |
| Daniel Manrique (roadmr) wrote | #2 |
| Changed in snapstore: | |
| status: | New → Won't Fix |
“This is weird: the license of something that's been distributed can't be changed without giving users a chance to agree to that change.”
To hopefully forestall a derailment … Sure it can, if the user didn’t need to agree to the license in the first place. I’m not a lawyer, but Eben Moglen is, and he wrote that the GPL for example “does not require anyone to accept it in order to acquire, install, use, inspect, or even experimentally modify GPL'd software … The GPL only obliges you if you distribute software made from GPL'd code, and only needs to be accepted when redistribution occurs.” <http://
Proprietary software often has end-user license agreements that aim to establish a contractual agreement for using the software. It might become necessary for snapd and storefronts to have a UI for presenting *those* kinds of agreements during install and during license-changing updates, especially when purchasing snaps (so that you don’t pay without accepting the EULA first). If so, we’d need to clearly distinguish between those licenses and open-source licenses, so that we don’t prompt people unnecessarily.
After all that, I agree the license field should not be editable in the store UI. Not because users need to agree to it, but because it may vary from revision to revision — for example, open-sourcing only those revisions of an app where closed-source dependencies have been removed or replaced. It may even vary from track to track — for example, Skype‘s Insider Program requires acceptance of additional terms beyond the standard app. In this way, License is like “Version” and Size, which may also vary from revision to revision.