[Distutils] Hobby time (was: some questions about PEP470)

Nick Coghlan ncoghlan at gmail.com
Fri Oct 17 07:00:32 CEST 2014

On 17 October 2014 09:54, Ian Cordasco <graffatcolmingov at gmail.com> wrote:
> A hobby is by definition what you do in your free time. Donald is clearly
> encouraging Stefan to spend his free time as he wishes. None of us who
> participate in our free time are obligated to support anything beyond our
> desire to do so, unlike someone who's paid to work on their project(s). It
> almost seems like you're nitpicking the valid usage of a word to pile into
> an argument in which you have nothing valid to say. I know it doesn't
> usually happen on mailing lists, but that's what it seems like here.

Folks, when somebody tells you that they find a particular term
diminutive and insulting, *it is not OK* to tell them that they
shouldn't feel that way. An honest description of how someone else's
choice of words makes us feel should *never* be casually dismissed.

In this particular case, not everything people do in their free time
is appropriately classified as a hobby. Volunteering for charities,
serving on the boards of corporations and non-profit organisations,
and, in many cases, contributing to the open source community is
better characterised as "volunteer work".

A lawyer representing someone pro bono is expected to be just as
professional as they would if they were getting paid, and the same is
true for most open source contributors that identify as professional
software developers. Yes, we're contributing on our own time on the
community side of things, but we're bringing just as much professional
expertise to bear regardless of whether we're getting paid or not.

The fact is that community members (including Stefan) *have* been
personally attacked, with examples including accusations of not caring
about their users or the Python community as whole, due to their
concerns around some of the legal details related to hosting packages
directly on PyPI. In particular, PyPI is subject to US export
regulations, a legal entanglement that developers from outside the US
may prefer to avoid, and there's a clause in the terms and conditions
which introduces some ambiguity as to whether or not it is attempting
to override a project's own stated license (this isn't the intention,
but the clause can certainly be read that way). In relation to the
latter point, Red Hat, *as an organisation*, has proposed alternate
wording for that clause (to no avail thus far). Finding time to pursue
that kind of legally sensitive change is always a challenge (as it
only affects a relatively small subset of package authors, and has
potentially broad ramifications for the rights of PyPI consumers), but
I expect the topic to eventually be raised again via the
Python-legal-sig mailing list.

These are not concerns that can just be waved away - they need to be
taken seriously, and I believe both PEP 438 and PEP 470 represent good
faith attempts to do just that. While it *is* convenient for end users
when developers choose to host their releases directly on PyPI, that
benefit doesn't override the interests of developers in choosing what
licenses they choose to place on their work, or which legal regimes
they choose to grant authority to.

Offering an explicit, reliable, user experience for externally hosted
packages is key to simultaneously respecting the interests of both end
users downloading and discovering packages via PyPI, and developers
retaining autonomy in relation to how they choose to engage with the
intricacies of the global copyright system.


Nick Coghlan   |   ncoghlan at gmail.com   |   Brisbane, Australia

More information about the Distutils-SIG mailing list