On Tue, 12 Nov 2019 04:59:52 +0100 Johannes Schauer wrote: [...] > Quoting Francesco Poli (wintermute) (2019-11-12 00:03:52) [...] > > The disclaimer of warranty and limitation of liability are important > > (above all, they protect the authors and copyright holders): I would > > strongly recommend adding them as soon as possible, thus effectively > > changing the license of mmdebstrap (this can be easily done, as long > > as there's only one copyright holder). > > the warranty part does not change any of the terms under which the software > can > be used or distributed. Thus I don't think it would need coordination with any > copyright holder.
But it may change the implied warranty or liability that the copyright holders are providing. I think there are (or can be) jurisdictions where some form of "basic" warranty is implicitly granted, unless explicitly disclaimed. And perhaps some form of liability is implicitly accepted, unless explicitly limited. As far as I can say, that's the reason why most (if not nearly all!) free software licenses include a disclaimer of warranty and limitation of liability, in order to protect the authors / copyright holders. > > Furthermore, the Expat License clearly states: > > > The above copyright notice and this permission notice shall be included in > > all copies or substantial portions of the Software. > > Indeed the *above* notice was kept intact. The expat license says nothing > about > keeping the text intact that follows, namely the warranty part. I think "this permission notice" could be interpreted as including the disclaimer of warranty and limitation of liability, hence I still believe that calling that text "Expat license" may be considered as incorrect license naming... > > Lastly, the warranty part is not required at all in my jurisdiction. I assume you mean the German jurisdiction. I am not familiar enough with German law to know, hence I am asking you: do you have information that, with no disclaimer of warranty or limitation of liability, you are *not* implicitly granting some form of warranty (e.g. that the software is reasonably free of defects) or implicitly accepting some form of liability (e.g. for damages arising from the use of the software)? And anyway, not everybody lives in the same jurisdiction. Potential contributors could be scared away from contributing patches under the same license as the one you adopted, because of the lack of disclaimer of warranty and limitation of liability that may be useful in their own jurisdictions! I still recommend that you add that disclaimer of warranty and limitation of liability to the upstream license, so that it matches the canonical Expat license text and makes many people more comfortable with it... > Are there > important jurisdictions where the Debian project as a whole cares that it is > needed? Most free software licenses include such a disclaimer. Most free software licenses originated from the USA. I guess... probably the U.S. jurisdiction?!? ;-) And possibly other jurisdictions, as well... Please note that I am not especially enthusiast about OSI, but they have lawyers look into licenses. While talking about [public domain], they state: [...] | open source licenses usually have a strong disclaimer of liability | for the copyright holder — but we don't know how or whether the author | would be protected from liability for software released into the | public domain in various jurisdictions [...] [public domain]: <https://opensource.org/faq#public-domain> mmdebstrap is not in the public domain, but lacks any disclaimer of warranty or limitation of liability, just like public domain software... > > If the Debian project cares about the disclaimer of warranty, then it can just > easily be added into debian/copyright so that all recipients of the software > via Debian receive it together with the disclaimer. As I explained above, I > don't think that this requires a change of the upstream license. I don't think that would work... Debian Policy (section 2.3) insists that the debian/copyright file include a verbatim copy of the upstream license: adding a disclaimer not present in the upstream license would be really confusing (if not a plain Debian Policy violation). Do you agree? -- http://www.inventati.org/frx/ There's not a second to spare! To the laboratory! ..................................................... Francesco Poli . GnuPG key fpr == CA01 1147 9CD2 EFDF FB82 3925 3E1C 27E1 1F69 BFFE
pgpN3Ii3VjYq7.pgp
Description: PGP signature
