* On 9/27/23 21:10, Sam Hartman wrote: >>>>>> "Mihai" == Mihai Moldovan <ionic@ionic.de> writes: > > Mihai> In this case, we're "just" talking about missing notices for > Mihai> dependencies that are pulled in, which might not be nice, but > Mihai> also, realistically, nobody would really care about or try to > Mihai> enforce it (unless somebody has malicious intent, which > Mihai> indeed did happen in the past). > > I agree with your overall conclusion that in practice we are unlikely to > have significant legal liability or cause significant damages here. > > However, I disagree on one point. You imply that you believe anyone > complaining about a violation here would be malicious. Let me apologize for this misunderstanding, this is not what I meant. What I really wanted to convey was that malicious intent, aiming at causing disruption or for personal gains, is a great concern for the Debian Project, while friendly hints at violations are usually quickly dealt with to the satisfaction of both sides via collective work. Though very rare, and mostly related to patents and not licenses directly, there have been instances of what I would call malicious intent strictly for personal gain in the past, to which I was referring. Mihai
Attachment:
OpenPGP_signature
Description: OpenPGP digital signature