Canonical Fully Open-Sources the Launchpad Code

← Back to Stories (view on slashdot.org)

Canonical Fully Open-Sources the Launchpad Code

Posted by Soulskill on Tuesday July 21, 2009 @01:27AM from the done-and-done dept.

kfogel writes "Canonical has just fully open-sourced the code to Launchpad. Although we'd said earlier that a couple of components would be held back, we changed our mind. All the code has been released under the GNU Affero General Public License, version 3. 'Canonical will continue to run the Launchpad servers, taking care of production and deployment issues; opening up the code doesn't mean burdening the users with all of that stuff. At the same time, we'll institute processes to shepherd community-contributed code into the system, so that people who have ideas for how to improve Launchpad can quickly turn these ideas into reality.'"

26 of 104 comments (clear)

Min score:

Reason:

Sort:

sweet by BladeMelbourne · 2009-07-21 01:30 · Score: 3

I [heart] this company and Ubuntu,
Debian by James_Duncan8181 · 2009-07-21 01:33 · Score: 4, Interesting

Please now consider standardising on this. It's much better technically than Debian's current infrastructure, and will enable much, much easier sharing of patches. Finally the community could be reunified a bit, and PPAs for Stable would also be an important improvement for Debian.

--
"To any truly impartial person, it would be obvious that I am right."
1. Re:Debian by Tweenk · 2009-07-21 02:59 · Score: 3, Insightful
  
  That's ass backwards. We need *more* PPAs with the latest versions. What's missing is an easy way to pick them from a checklist while automatically fetching GPG keys. This way you have something like an open app store, and it solves the problem of not having recent enough versions in the repository - you need a bleeding edge version, you check the relevant PPA and the latest bells and whistles magically appear in the package manager.
  
  --
  Those who would give up liberty to obtain working drivers, deserve neither liberty nor working drivers.
2. Re:Debian by Tweenk · 2009-07-21 03:06 · Score: 2, Insightful
  
  Personally I'm waiting for them to add better integration of PPAs into Synaptic. For example, when I need a bleeding edge version of Banshee, or some application not in Debian like Handbrake, I pick its PPA from a list, enter the password and it magically appears in Synaptic. After this I'm asked which programs from this PPA I want to install (again a list for PPAs that have several). Since it allows only PPAs and not some arbitrary repositories, it could be protected against malware to some extent. This would change software installation on Ubuntu from good to groundbreaking.
  
  --
  Those who would give up liberty to obtain working drivers, deserve neither liberty nor working drivers.
3. Re:Debian by Dr_Barnowl · 2009-07-21 03:35 · Score: 4, Informative
  
  The problem with this is that PPA means "Personal" Package archive and a lot of them are just that - an arbitrary repository. In many cases you are trusting some random stranger, and not Canonical, to have produced a package that doesn't contain horrendous malware. Every Launchpad user is entitled to a 1GB PPA just by signing up. Mine contains packages for MythTV with patches to fix a bug that hasn't made it out to the stable branch yet. You can install them if you really want to, but do you trust me? And how do you distinguish from all the other people with MythTV in their PPA?
  Lots of projects have links to deb packages that install their GPG key and their PPA, after which you can see them in Synaptic, but this still isn't any guarantee. About the only thing you can do is be careful which groups you install keys and PPAs from. And I'd guess the reason that more of them aren't in the Universe repository is that the task of vetting them all is a mammoth one.
4. Re:Debian by stevey · 2009-07-21 04:05 · Score: 2, Informative
  
  And we could call that "unstable", right?
  Actually launchpad for Debian would suck - we shouldn't have to sign up to a site to submit bug reports.
5. Re:Debian by Nevyn · 2009-07-21 06:54 · Score: 2, Informative
  
  Personally I'm waiting for them to add better integration of PPAs into Synaptic.
  
  Well unless the authors become dumbasses overnight, you'll probably be waiting a long time. Package management needs to be a single coherent database, making it much more distributed than it needs to be is just asking for pain ... PPAs/KoPeRs aren't terrible in moderation, and solve a couple of problems. But if you make them easily available (ie. available to people who don't know what problems they cause) the solution is much worse than the problem.
  
  --
  ustr: Managed string API with ave. 44% overhead over strdup(), for 0-20B
I guess it closes bug #393596 ? by migla · 2009-07-21 01:38 · Score: 3, Insightful

Status should be changed to "Fix released", then:
https://bugs.launchpad.net/ubuntu-community/+bug/393596

--
Some of my favourite people are from th US; Vonnegut, Chomsky, Bill Hicks.
1. Re:I guess it closes bug #393596 ? by James_Duncan8181 · 2009-07-21 01:54 · Score: 4, Insightful
  
  "Not really - the bug is calling for code to be released under a Free licence. The AGPL isn't a Free licence."
  what.
  It is approved by both the OSI and, obviously, the FSF. Are you trolling?
  
  --
  "To any truly impartial person, it would be obvious that I am right."
2. Re:I guess it closes bug #393596 ? by migla · 2009-07-21 01:57 · Score: 4, Informative
  
  Wrong. Straight from the GNU:s mouth:
  "The GNU Affero General Public License is a free, copyleft license [...]"
  http://www.fsf.org/licensing/licenses/agpl-3.0.html
  
  --
  Some of my favourite people are from th US; Vonnegut, Chomsky, Bill Hicks.
3. Re:I guess it closes bug #393596 ? by Anonymous Coward · 2009-07-21 01:59 · Score: 2, Insightful
  
  Everybody calm down; take a deep breath. Parent is a troll: just let it slide. Move along now.
4. Re:I guess it closes bug #393596 ? by Attila+Dimedici · 2009-07-21 02:24 · Score: 5, Interesting
  
  The GNU affero is an abomination.
  A customer of mine was skeptical about open source. Then one of their people started reading the Affero GPL, and was terrified ("this means they can do a surprise inspection on our premises!") now anything with GPL or open source is out of the question. They even bought an xserve for php
  You mean as opposed to the Business Software Alliance? Which you agree to allow to do a surprise inspection on your premises if you buy software from their members (Microsoft, Adobe, etc). Yeah they better not use open source because, you know, those guys might launch a surprise inspection, not that I have ever seen a report of them doing so (unlike the BSA), but they might.
  So they better stick to safe software from Microsoft and Adobe, they would never invade the privacy of their customers (except of course when they can make money from doing so).
  
  --
  The truth is that all men having power ought to be mistrusted. James Madison
5. Re:I guess it closes bug #393596 ? by the_womble · 2009-07-21 02:40 · Score: 2, Informative
  
  The AGPL requires you to make the source code available to people who use the software over a network - so you cannot use AGPL code in a web app on the public internet without releasing the source.
  The stuff about inspecting premises is FUD. I think this is a new version of an old troll comment.
6. Re:I guess it closes bug #393596 ? by gbjbaanb · 2009-07-21 02:40 · Score: 5, Informative
  
  its not quite like that - we had a surprise inspection from Microsoft.. well, they surprised us by telling us we'd be inspected, and they kindly offered to come and do an analysis of our software licences to see which ones we'd accidentally forgotten to buy.
  Unfortunately, the analysis required the use of a 3rd party who were very happy to charge us only a reasonable sum to let us run a licence-checker tool on every workstation and send the results to them where they'd put it in excel and tell us how many licences we should have bought, leaving us to compare that to the number we had bought.
  so in effect, we had to pay to inspect ourselves. And we still owe MS a bundle!
7. Re:I guess it closes bug #393596 ? by Espinas217 · 2009-07-21 04:22 · Score: 2, Informative
  
  It is clearly less free than the GPL just as the GPL is less free than BSD.
  Whether it is free enough to count as free is a matter of opinion.
  Less free to whom? to the end user is just the same as they don't intend to redistribute the software. To some user who wants to distribute the code, it's less free. To the original developer no, it gives him the freedom to choose how his code is being distributed.
  
  --
  La vida no es una pastafrola. :wq
8. Re:I guess it closes bug #393596 ? by rbanffy · 2009-07-21 15:47 · Score: 2, Interesting
  
  This is actually the first clever use of AGPL I am aware of: it prevents a competitor to form around an altered version of Launchpad. If they try, they have to give it to their users and thus Canonical.
  It prevents fragmentation of the code base. Very, very clever.
  
  --
  http://www.dieblinkenlights.com
Talk about hoops by Norsefire · 2009-07-21 01:43 · Score: 2, Informative

It's as if they don't want anyone to download it.

First problem is they require bzr 1.16.1 to download their rocket-fuel-setup script, the latest available version in the Ubuntu repo is 1.13.1 -- so you have to manually add the PPA source.
Why do they not have the version *they* use in the repo for *their* operating system?

That aside, the rocket-fuel script then downloads, unpacks, installs, alters and generally takes too long. And if that wasn't enough ...

## Note that this will make changes to your Apache configuration if ## you already have an Apache server on your box. It will also add ## entries to /etc/hosts and it will setup a postgresql server on ## you box. ## If you want to play safe with regards to your existing Apache, ## try this out in a virtual environment first.
And because there's no way to just _get the source_ (ie. a tarball with source files in it) there's no way to download it without screwing with Apache.

How about a way to browse it online? I just wanted to see what language it was in, according to the docs it's Python but it would have been nice to be able to take a look at it without spending "a few hours to get everything" jumping through hoops.
1. Re:Talk about hoops by Anonymous Coward · 2009-07-21 01:53 · Score: 5, Informative
  
  First problem is they require bzr 1.16.1 to download their rocket-fuel-setup script, the latest available version in the Ubuntu repo is 1.13.1 -- so you have to manually add the PPA source.
  Why do they not have the version *they* use in the repo for *their* operating system?
  Don't be a drama queen now, 1.16.1 was only recently released and you know Ubuntu policy about stable releases.
  
  And because there's no way to just _get the source_ (ie. a tarball with source files in it) there's no way to download it without screwing with Apache.
  bzr get lp:launchpad
  Is that easy enough for you? ;)
  
  How about a way to browse it online? I just wanted to see what language it was in, according to the docs it's Python but it would have been nice to be able to take a look at it without spending "a few hours to get everything" jumping through hoops.
  https://bazaar.launchpad.net/~launchpad-pqm/launchpad/stable/files
Re:What influenced this move? by fandingo · 2009-07-21 01:55 · Score: 5, Informative

Did Google's Chrome OS have something to do with this move, I think so. Why you may ask: Because entry of another Linux based Open Source OS into the Linux playground does nothing to further Canonical's ambitions.
Now waiting on Adobe and its Flash Technologies to do likewise.
What on earth are you talking about? This has nothing to do with a desktop operating system. Furthermore, Canonical promised a year ago tomorrow to release the source code within a year. This pre-dates the announcement of Chrome OS by at least 11 months.
Re:Bazaar only? by Keyper7 · 2009-07-21 01:56 · Score: 2, Interesting

You can avoid an abrupt transition, though. I've heard that the Bazaar svn plugin is quite good.
Re:What influenced this move? by Norsefire · 2009-07-21 02:01 · Score: 4, Funny

Did Google's Chrome OS have something to do with this move
No, I think it was more that Microsoft contributed code the Kernel and they didn't want to be accused of having closed-sourced software when even Microsoft was opening up. Or maybe it was the vulnerabilities found in the Kernel, they decided if exploits could slip into the most-watched open source project they need to get more eyes on their code. It could have even been that because the world is supposed to end in 2012, but I think I would be drawing a correlation where there isn't one if I said that.
Re:What influenced this move? by ciroknight · 2009-07-21 02:11 · Score: 3, Insightful

Actually they promised something like four years ago (give or take a few months), but only set a date for its open sourcing about 7 months ago. They were behind their own deadline, but they also released the source for Soyuz and Code Hosting, so I guess they spent those extra few weeks well.

--
"Victory means exit strategy, and it's important for the President to explain to us what the exit strategy is." G.W.Bush
Re:What influenced this move? by Runaway1956 · 2009-07-21 02:55 · Score: 2, Insightful

People from slashdotters, to bloggers, to self appointed tech reviewers, to wall street lackwits try to read drama into everything that happens in the computing world. A new Firefox is the IE Killer, Chrome was the FF and IE killer, Android was the iPhone killer, etc ad nauseum. It's almost as if people DEMAND that one killer OS, and a handful of killer apps rule the world. God help us if that ever does happen. It would be pure hell trying to be "different". It would be like - like - well - it would be like loving Linux in a Microsoft world!!!
No, I don't think that Canonical released the source code for PPA in response to Google's new operating system. In fact, if you think about it, they have just GIVEN Google a somewhat tested means to release their OS and updates. I mean, it's OPEN SOURCE - even Microsoft can take it and use it! (Hole shit, what an idea!!! What if Microsoft picks up on it, and gives people a decent update system? The world might actually change for the better!)

--
"Windows is like the faint smell of piss in a subway: it's there, and there's nothing you can do about it." - Charlie Br
Really? by CarpetShark · 2009-07-21 03:52 · Score: 3, Interesting

https://bugs.launchpad.net/ubuntu/+bug/377005
https://bugs.launchpad.net/ubunet/+bug/375345
Re: Ask Sterling Ball by AshboryBass · 2009-07-21 03:52 · Score: 2, Interesting

Show me any time open software has done anything like what the BSA/Microsoft did to the makers of Music Man guitars (Ernie Ball) and we'll talk: http://news.cnet.com/2008-1082_3-5065859.html Worrying about what could happen is one thing, but knowing what has happened is more significant.
Re:Is the AGPL a EULA? by styrotech · 2009-07-21 16:15 · Score: 2, Interesting

So when (assuming it was under the AGPL rather than the GPL) I modify my Drupal settings.php file to include the connection string to my database, do I have to share that with my site visitors? Or do passwords want to be free as well?
The legal advice the Drupal community has got from the FSF with regards to the GPL is that with PHP apps any PHP include files fall under their linking clauses and are subject to the GPL as well. Which means that every Drupal (and also many other similar PHP apps) sites out there are running with code modifications.
I couldn't see anything obvious in the license that provides for situations like this.