| Summary: | Package Review: Mosaic - Web Browser | ||
|---|---|---|---|
| Product: | Package Reviews | Reporter: | Lubomir Rintel <lkundrak> |
| Component: | Review Request | Assignee: | Martin Nagy <nagy.martin> |
| Status: | RESOLVED FIXED | ||
| Severity: | normal | CC: | hans, itamar, kwizart, nagy.martin, rpmfusion-package-review |
| Priority: | P5 | ||
| Version: | Current | ||
| Hardware: | All | ||
| OS: | GNU/Linux | ||
| namespace: | |||
|
Description
Lubomir Rintel
2009-03-29 17:02:15 CEST
I'm opposed to have this packaged into rpmfusion, last upstream release is more than 10 years ago. Any reason why this package should be usefull? (In reply to comment #1) > I'm opposed to have this packaged into rpmfusion, last upstream release is more > than 10 years ago. What's wrong with that provided the package has an active maintainer? > Any reason why this package should be usefull? Browsing gopher? (In reply to comment #2) > (In reply to comment #1) > > I'm opposed to have this packaged into rpmfusion, last upstream release is more > > than 10 years ago. > > What's wrong with that provided the package has an active maintainer? It may have tons of security issues and it isn't useful at all because it can hardly display any current web page correctly. > > Any reason why this package should be usefull? > > Browsing gopher? So, why not providing gopher? or Netscape 3.x and 4.x? I'm sorry but I agree with Nicolas. I don't think we should ship it. Another reason why we shouldn't ship is because it can go in Fedora because the license is fine: http://fedoraproject.org/wiki/Licensing#SoftwareLicenses (In reply to comment #3) > (In reply to comment #2) > > (In reply to comment #1) > > > I'm opposed to have this packaged into rpmfusion, last upstream release is more > > > than 10 years ago. > > > > What's wrong with that provided the package has an active maintainer? > > It may have tons of security issues and it isn't useful at all because it can > hardly display any current web page correctly. Firefox has tons of security issues as well. They're being fixed actively. Feel free to point me to a single security issue of Mosaic, and I'll be glad to fix it. Please refrain from commenting functionality when you've not tried it. It indeed renders most pages usably and probably even better than some browsers Fedora ships do (lynx). > > > Any reason why this package should be usefull? > > > > Browsing gopher? > > So, why not providing gopher? or Netscape 3.x and 4.x? Seriously -- what's wrong with providing a lightweight web browser? It starts up blazingly fast and renders reasonably well. I'm sure I'm not the only user who finds that useful. > Another reason why we shouldn't ship is because it can go in Fedora because the > license is fine: > http://fedoraproject.org/wiki/Licensing#SoftwareLicenses > No it's not. The Mosaic license it's not even there. And it forbids commercial use, therefore is not compatible with Fedora: * Any Licensee wishing to make commercial use of the Software should * * contact the UI, c/o NCSA, to negotiate an appropriate license for such * * commercial use. Commercial use includes (1) integration of all or * * part of the source code into a product for sale or license by or on * * behalf of Licensee to third parties, or (2) distribution of the binary * * code or source code to third parties that need it to utilize a * * commercial product sold or licensed by or on behalf of Licensee. * (In reply to comment #4) > Please refrain from commenting functionality when you've not tried it. It > indeed renders most pages usably and probably even better than some browsers > Fedora ships do (lynx). Any chance to let it display pages in non-latin charset? (In reply to comment #4) > > Another reason why we shouldn't ship is because it can go in Fedora because the > > license is fine: > > http://fedoraproject.org/wiki/Licensing#SoftwareLicenses > > > > No it's not. The Mosaic license it's not even there. And it forbids commercial > use, therefore is not compatible with Fedora: > > * Any Licensee wishing to make commercial use of the Software should * > * contact the UI, c/o NCSA, to negotiate an appropriate license for such * > * commercial use. Commercial use includes (1) integration of all or * > * part of the source code into a product for sale or license by or on * > * behalf of Licensee to third parties, or (2) distribution of the binary * > * code or source code to third parties that need it to utilize a * > * commercial product sold or licensed by or on behalf of Licensee. * In this case the license tag you used it's invalid. NCSA stands for "NCSA/University of Illinois Open Source License": http://www.otm.uiuc.edu/faculty/forms/opensource.asp (In reply to comment #4) > Please refrain from commenting functionality when you've not tried it. It > indeed renders most pages usably and probably even better than some browsers > Fedora ships do (lynx). What makes you think I haven't used Mosaic? I used to run web compatibility test with it well past year 2000 and then I stopped because it was no longer used by no one and it's rendering was incorrect even for simple web pages. When Mosaic was last release, the current HTML version was HTML 2.0! (In reply to comment #5) > Any chance to let it display pages in non-latin charset? No. No chance to play flash as well. (In reply to comment #6) > (In reply to comment #4) > In this case the license tag you used it's invalid. > > NCSA stands for "NCSA/University of Illinois Open Source License": > http://www.otm.uiuc.edu/faculty/forms/opensource.asp I believe licenses of Mosaic and NCSA httpd were traditionally known as "NCSA licenses", but I agree it's wise to change it to "Mosaic" to avoid confusion here. (In reply to comment #7) > What makes you think I haven't used Mosaic? I used to run web compatibility > test with it well past year 2000 and then I stopped because it was no longer > used by no one and it's rendering was incorrect even for simple web pages. 2000 is quite too much in past, isn't it. Web pages have changed a lot since then, therefore your observations are no longer relevant. Mosaic changed as well. Having checked compatibility back in 2000 is equivalent to not having checked at all. > When Mosaic was last release, the current HTML version was HTML 2.0! Quite current. It hasn't changed that much. I don't understand the fuzz about this. It may be old but "old != bad". If there's demand, then this will get reviewed. What are your worries about? Will this package bring bad reputation to rpmfusion or what? (In reply to comment #9) > I don't understand the fuzz about this. > > It may be old but "old != bad". > > If there's demand, then this will get reviewed. What are your worries about? > Will this package bring bad reputation to rpmfusion or what? > +1 If someone wants to package this, why stop him? The only concern I have is security issues. But if it turns out that this becomes a real issue, we can always drop the package then. (In reply to comment #10) > (In reply to comment #9) > > I don't understand the fuzz about this. > > It may be old but "old != bad". > > If there's demand, then this will get reviewed. What are your worries about? > > Will this package bring bad reputation to rpmfusion or what? > +1 +1 from me as well > If someone wants to package this, why stop him? Well, it creates work for others. E.g. load for the build on the server, space on the server and the mirrors, one more package to take care of during mass-rebuilds and more things like that. But whatever, I don't consider those to be huge problems. > The only concern I have is > security issues. But if it turns out that this becomes a real issue, we > can always drop the package then. Which doesn't magically remove the package from the users system, which makes this point a bit questionable imho. But if there is interest by someone to take care of this package and no real show-stoppers anyone can point us to then let's just ship it. Only an full security audit could make clean if mosaic has less or more security issues than any other (outdated) package that is in Fedora or RPM Fusion. +1 for the package For those worried about security, keep in mind that the submitter is a security team member, so he knows what he's doing there. :-) For %description: s/Mosaic is the/Mosaic is a/ Missing BR: libXmu-devel rpmlint output: Mosaic-debuginfo.i386: E: script-without-shebang /usr/src/debug/Mosaic-src/src/bitmaps/busy_9.xbm Mosaic-debuginfo.i386: W: spurious-executable-perm /usr/src/debug/Mosaic-src/libnut/url-utils.c These can be fixed by chmod-ing those files to 644. Mosaic.desktop: s/Broswser/Browser [1] Claims that new packages should not have the vendor tag applied. Remainder: In Comment #8 you mentioned plans to change the license name to "Mosaic" [1] https://fedoraproject.org/wiki/Packaging:Guidelines#desktop-file-install_usage Thanks for the review. New packages (I believe all issues were addressed): SPECS: http://v3.sk/~lkundrak/SPECS/Mosaic.spec SRPMS: http://v3.sk/~lkundrak/SRPMS/Mosaic-2.7-0.3.b5.fc11.src.rpm All raised issues have been fixed, thanks. rpmlint now complains only about the License tag. APPROVED. Package CVS request ====================== Package Name: Mosaic Short Description: Web Browser Owners: lkundrak Branches: EL-5 License tag: nonfree (In reply to comment #17) > Package CVS request done Imported and built. Thanks for review! |