Software Freedom Conservancy

[RSS] Conservancy Blog

Displaying posts tagged Kallithea

Free Software: Behind the Scenes

by Deb Nicholson on January 15, 2019

We wrote a few weeks ago about how Conservancy has several projects that support new people or less technical people and help bring new people into free software. We also support many projects that most folks probably don't think about very often. Many of our projects exist relatively outside of the spotlight and facilitate the creation of free software by providing tools, systems and infrastructure for developers.

Testing and Automation

Once you've got some code, how do you make sure it works everywhere you want it to -- in the way that you want it to? Testing and automation. Selenium is a suite of tools for browser automation. The W3C recommended their WebDriver tool as the best tool for the development of a more accessible and collaborative web last year. Just a few short months ago, we welcomed Reproducible Builds, a project that attests that your build is safe and uncompromised. The integrity of code is critical if you care about user safety and true software freedom and that's why each build needs to be tested and verified using a free software tool.

Interoperability and efficiency are also important. Projects that ignore this can find it hard to increase adoption. QEMU is a generic and free/open source machine emulator and virtualizer that helps developers build programs that work on different kinds of hardware. This lets developers create free software that works on all kinds of machines and with all kinds of hardware. Buildbot is a framework which enables software developers to automate software builds by scheduling different pieces of work. Both tools help developers create software that is useful to all kinds of users on all different systems.

Freedom All the Way Down the Stack

It's a little easier to expain why you want software for the tools that users directly interact with, but what about the tools that most users never see? The bits that talk to the hardware, the pieces that turn on your machine and the code that powers the internet also need to be free. You can't mix and match fee and non-free code and be sure you are getting all of the benefits of user freedom. That's why we are proud to spport so many projects that live close to the bare metal and work on critical interstitial bits that don't always get a lot of press.

Samba removes barriers to interoperability and is standard on nearly all distributions of Linux. Samba is what allows GNU/Linux and Unix machines to access file and print servers that are designed with Windows users in mind. This kind of hardware to hardware level interoperability makes it easy for folks to choose a free operating system for their personal machine, when their workplace or school isn't ready to switch.

Harvey OS provides a fully free operating system with a very compact kernel in which all resources are treated as files. This provides Unix users new ways of working with permissions and applications. Coreboot is an extended firmware platform, which provides users with a lightning fast and fully free boot system for desktops, laptops, servers and tablets. Start with freedom as soon as you boot!

We must have a free software foundation to build on top of, if we ever hope to offer users a completely free computing environment, both online and off. Linux XIA is a protocol stack for Linux that uses eXpress Internet Architecture (XIA) to enable a more trustworthy and interoperable internet while also improving continuity for network users.

Metalink is dedicated to improving downloads. Metalink makes it much easier for people — especially those in areas with inferior Internet connections — to download Open Source and Free Software. Just one non-free piece in the puzzle can counteract the intention to provide user freedom, privacy and security by that free software developers are working to provide throughout the rest of the stack.

Nuts and Bolts

We love supporting tools that free software developers use as part of their workflow to create more free software. We host three version control systems at Conservancy; Git, Mercurial and Darcs, which is a distributed revision control system written in Haskell.

We also support projects that help developers maintain their internal code. Kallithea is a free software source code management system that we use for many of our own scripts and systems. It lets teams easily maintain different versions of internal code projects. phpMyAdmin is a free and open source web interface for the MySQL and MariaDB database systems. It's a mature project that helps folks administrate their web-based MySQL instances.

Conservancy believes that everyone deserves full software freedom, without backdoors or exceptions. Developers deserve free tools and users deserve freedom all the way down to the bare metal. We don't live in that world just yet, but it's got to be built one piece at a time. Many of our projects aren't famous, but they're all important for securing full user freedom and that's why we support their work here at Conservancy.

Tags: conservancy, Kallithea, QEMU, Selenium, Git, phpMyAdmin

2015 YIR: Bradley and Karen Speak at FOSDEM 2015

by Bradley M. Kuhn and Karen M. Sandler on December 16, 2015

[ This is a blog post is the third in our series, Conservancy 2015: Year in Review . ]

At the end of January 2015, Bradley and Karen came back from LCA and left almost immediately for FOSDEM 2015, where they co-organized the FOSDEM 2015 Legal & Policies Issues DevRoom with Tom Marble and Richard Fontana. Karen gave an amazing FOSDEM-wide keynote (in the giant room :) entitled Identity Crisis: Are we who we say we are?, and Bradley gave a talk in the DevRoom.

Sadly, it looks like the cameras were not functioning for Karen's keynote, but you can read her interview with the FOSDEM organizers about the talk. Fortunately, there is video for Bradley's talk, entitled Fork and Ignore: Fighting a GPL Violation By Coding Instead (The Story of Kallithea). The video of the talk is included here (and is also available on Youtube). The slides aren't clear on the video, but you can follow along with the slides on Bradley's website.)

Bradley's talk in particular tells a story of one of Conservancy's successes from the previous year, the launch of the Kallithea project. Just a few weeks ago, Conservancy launched its own Kallithea instance for Conservancy's public repositories.

Karen and Bradley are again co-organizers of the Legal & Policy DevRoom at FODEM 2016.

Tags: conservancy, GPL, Kallithea, Year In Revew 2015

Why Conservancy's Kallithea Project Exists

by Bradley M. Kuhn on July 15, 2014

Eleven days ago, Conservancy announced Kallithea. Kallithea is a GPLv3'd system for hosting and managing Mercurial and Git repositories on one's own servers. As Conservancy mentioned in its announcement, Kallithea is indeed based on code released under GPLv3 by RhodeCode GmbH. Below, I describe why Conservancy chose to serve as non-profit home to an obvious fork (as this is the first time Conservancy ever welcomed a fork as a member project).

The primary impetus for Kallithea is that more recent versions of RhodeCode GmbH's codebase contain a very unorthodox and ambiguous license statement, which states:

(1) The Python code and integrated HTML are licensed under the GPLv3 license as is RhodeCode itself.
(2) All other parts of the RhodeCode including, but not limited to the CSS code, images, and design are licensed according to the license purchased.

Simply put, this licensing scheme is — either (a) a GPL violation, (b) an unclear license permission statement under the GPL which leaves the redistributor feeling unclear about their rights, or (c) both.

When members of the Mercurial community first brought this license to Conservancy's attention about ten months ago, the first focus was to form a formal opinion regarding (a). Of course, Conservancy did form such an opinion, and you can probably guess what that is. However, I realized a few weeks later that this analysis really didn't matter in this case; the situation called for a more innovative solution.

Indeed, I recalled at that time the disputes between AT&T and University of California at Berkeley over BSD. In that case, while nearly all of the BSD code was adjudicated as freely licensed, the dispute itself was painful for the BSD community. BSD's development slowed nearly to a standstill for years while the legal disagreement was resolved. Court action — even if you're in the right — isn't always the fastest nor best way to push forward an important Free Software project.

In the case of RhodeCode's releases, there was an obvious and more productive solution. Namely, the 1.7.2 release of RhodeCode's codebase, written primarily by Marcin Kuzminski was fully released under GPLv3-only, and provided an excellent starting point to begin a GPLv3'd fork. Furthermore, some of the improved code in the 2.2.5 era of RhodeCode's codebase were explicitly licensed under GPLv3 by RhodeCode GmbH itself. Finally, many volunteers produced patches for all versions of RhodeCode's codebase and released those patches under GPLv3, too. Thus, there was already a burgeoning GPLv3-friendly community yearning to begin.

Conservancy's primary contribution, therefore, was to vet and verify a completely indisputable GPLv3'd version of the codebase. This was extensive and time consuming work; I personally spent over 100 hours to reach this point, and I suspect many Kallithea volunteers have already spent that much and more. Ironically, the most complex part of the work so far was verifying and organizing the licensing situation regarding third-party Javascript (released under a myriad of various licenses). You can see the details of that work by reading the revision history of Kallithea (or, you can read an overview in Kallithea's LICENSE file).

Like with any Free Software codebase fork, acrimony and disagreement led to Kallithea's creation. However, as the person who made most of the early changesets for Kallithea, I want to thank RhodeCode GmbH for explicitly releasing some of their work under GPLv3. Even as I hereby reiterate publicly my previously private request that RhodeCode GmbH correct the parts of their licensing scheme that are (at best) problematic, and (at worst) GPL-violating, I also point out this simple fact to those who have been heavily criticizing and admonishing RhodeCode GmbH: the situation could be much worse! RhodeCode could have simply never released any of their code under the GPLv3 in the first place. After all, there are many well-known code hosting sites that refuse to release any of their code (or release only a pittance of small components). By contrast, the GPLv3'd RhodeCode software was nearly a working system that helped bootstrap the Kallithea community. We're grateful for that, and we welcome RhodeCode developers to contribute to Kallithea under GPLv3. We do note, of course, that RhodeCode developers sadly can't incorporate any of our improvements in their codebase, due to their problematic license. However, Conservancy extends again our offer (also made privately last year) to work with RhodeCode GmbH to correct its licensing problems.

Tags: conservancy, GPL, Kallithea

Connect with Conservancy on Mastodon, Twitter, pump.io, Google+, Facebook, and YouTube.

Main Page | Contact | Sponsors | Privacy Policy | RSS Feed

Our privacy policy was last updated 25 May 2018.