Tobias Hunger @ hunger @programming.dev

A Slint fanboy from Berlin.

---

Read more

Posts

5

Comments

117

Joined

3 yr. ago

To be fair: Free software projects were and also are dying from lack of ownership.

And the existing free software projects tend to be old and make it really hard for young people to join IMHO. They avoid the popular (and proprietary) stuff, which makes them hard to discover and their processes seem archaic.

When going so far back: Please do not leave out the FL part of FLOSS. Free/Libre software kicked this all off, the OSS is a later attempt to "sell" the development process FL software came up with to companies, stripping out all the pesky ideas about society benefiting for moving all the benefits over to the companies using OSS. Free/libre softwsre and OSS are technically the same, but the idea behind the licenses are so very different: Free/libre software wsnt to give rights to end users, OSS cares about the freedom of the developers between yourself and end users -- giving the companies the right to commercialize your work for you.

The moment you stop caring for the social and societal aspects of software, it becomes OK to host on a proprietary service. That was never the case for the free/libre parts of our community. Those projects tend to shun proprietary services like discord, github and stuff. Pretty old fashined... not very sexy for young devs:-(

We said the same about memory safety: That's something a compiler can not solve. Now it does.

It is nice to see that sometines things do improve.

Filesystem enable age verification in pretty much the same way as systemd does: You can optionally store a user's birthday. That is such a ridiculous statement.

To be fair: None of the other inits cared for udev. None contributed or helped by providing features they wanted to improve udev. The systemd devs care for the lower level plumbing overall... and not just for the init system. So it is very natural for low level plumbing projects to land under the systemd umbrella today.

Systemds track record wrt. security flaws is actually pretty good. Not many went through the cracks,maven though some were indeed pretty ghastly. Hardly any was in the core functionality, most were in new code not widely used yet.

On the other hand, the service hardening that systemd enables has improved the overall security of a typical Linux system by quite a lot.

What you can expect when switching from a system management tool written for Linux to an init tool targetting the least common denominator of general Unix functionality?

Less functionality, less security, less information about the state the system is in, less reliable switching between states and a whole lot less of linux kernel features exposed to your use in convenient ways.

It's not as if systemd was started to be complicated, the world got complicated. E.g. we used to just create all the device nodes in /dev statically during system installation. Then USB became a thing and supported so many different kinds of devices with thousands of potential ports to connect them to. They would not fit into the device node namespace! So we needed to make device nodes dynamic, which is also convenient.You do not have lots of device nodes that do not exist on your system and you no longer need to change system configuration when you plug your mouse into another port of your system.

Filesystems, security (often linux specific) features, everything is easy more complex (and more dynamic) today than it was when sysv init was a thing. That simple stuff was great when you had to power off your machine to change its available devices. It is less cool when you plug an USB-C cable into your laptop and want to use all the stuff that is now suddenly available.

What did you write to the lawmakers in California?

You do not even need to patch it out. It is basically an extra entry in the user db (think: /etc/passwd). Just don't fill it in and you are done, just like your location and a ton of other stuff you can put there if you want to.

Nobody can read it outside your system either... it's a defined place when (not if -- not anymore) something wants to store that information. Better have a properly protected defined place ready than have 10 different programs request that info separately and store it all over the place.

More than that: "its only an init daemon that does not even make use of Linux features". They all try to work on all posix systems while systemd is Linux-only and uses everything the kernel can offer to make things safer and more reliable.

I revolve very much around copyleft and its ideology. Free software formed my entire career, just as it did for the founders of Slint. From my point of view slint is GPL and offers some other license options for users that do not want GPL for whatever reason.

Forking slint is just as easy as forking any other GPL licensed project: Take all off slints code under GPL and you are done. Yes, you can not relicense that fork to a more permissive license without replacing all the code that you did not write... but that is exactly the same as with any other GPL project you fork. Any use of Slint under GPL is exactly as using any other GPL project, with the same obligations and protections to all parties involved.

I get that you are feeling slint is not GPL, but I do not understand where that feeling comes from. Is it "just" because there is a company backing it? Or because that company is selling their product in addition to oing it under GPL? That is fine for the GNU project from all I understand. Or is it because of contributions happen under MIT terms? But that does not effect the end users that the GPL is protecting in any way.

So to be a GPL project you need to be able to trust the project to release all future releases under GPL in addition to having released existing code under GPL?

I do not like this approach:

First of, you need a crystal ball to decide whether a project is GPL or not: Some projects managed to pull off a license change before, just by asking devs whether they are ok and replacing code from devs that did not agree. Its rare, but it happens, so checking for CLAs, copyright assignments, ..., is not enough.

Secondly this definition excludes lots of projects that release their source code under GPL, including the GNU project. They ask for copyright assignment, both to defend the GPL license, as well as to be able to relicense when weaknesses in the current licenses are found. I give you that GNU is probably way more trustworthy wrt. not changing away from the free software spirit than some random company.

You are fine with a free software project using Slint as well: Slint is a GPL project, with everything that implies. The releases are out there and the slint project is bound to the terms it released them under. In theory we could release new versions without the GPL option, but we can not take the sources of the released versions away. Neither the other licensing options nor the contribution rules change that. If youbare happy with GPL dependencies, you can use Slint just as any other GPL dependency, with the same risks and benefits.

The copyright holders of any GPL project can decide to relicense their (future) releases. I admit that it is a bit simpler in Slints case due to the contribution rules, but other projects have similar rules in place. Copyright assignments, CLAs, ..., they all exist to simplify a possible future relicensing effort. And even GPL projects without such provisions in place have manged to relicense before.

As a user of Slint you typically never get into contact with our contribution setup at all. Only a contributor might pause and decide not to spend time on Slint due to that. IMHO that is entirely normal: I use tons of free and open source projects that I would never contribute to -- for various reasons ranging from contribution terms, to programming language being used or the projects community.

In many cases you can also publish slint related code in your own repository under whatever license you like. While this obviously does not work for core functionality that has to live in Slint itself, it does work for a wide range of things you might want to make available (like new widgets, ...).

But you do get all code under GPL, which you seem to agree is a freedom preserving choice. That does make Slint free software and as save to use as any other free software project out there.

The story is a bit different when you want to contribute to slint. Slint is not a even playing field for contributions. The company has an advantage in that if can use all contributions as MIT and you can only use the companies changes under GPL, commercial, or royalty free terms.

As a contributor you need to decide whether you contribute to the slint repository, or maybe write an add-on library which you are free to license as you see fit.

You contribute code to slint under MIT and you can also use that contributed code under MIT or any other license of your choosing, it stays your code after all. You can not use other peoples code from the slint repo under MIT though, that is correct. The royalty free license tries to get as close to MIT as we can while limiting the use on embedded... but with that limitation in place it is of course not an open source license.

Contributing back to Slint is in no way required, so if you do not like our contribution terms, then you are free to not do so. Ypu are also free to use something else if you do not like our license terms.

We try to make all of the terms as clear as possible. We rewrote the Slint licensing page several times, often with extensive community feedback, to get it as clear as it is right now. If you have ideas on how we can improve, I am all ears.

You are technically correct: Slint is free software. You can get Slint as GPL or commercial terms -- or the royalty free license. The latter lets you do whatever you want anywhere with the exception of "embedded" (this exception makes is not open source).

When you contribute to any MIT license project you are in the same situation: Your code will be redistributed by some company under different license terms. That's the point of MIT & Co. You contribute MIT code to a project, the project releases its code under MIT, and a company consumes the project and restricts its use. Slint is just cutting out the middle step here.

Disclaimer: I work for Slint and appreciate being paid for contributing to open source software. I also appreciate Slint being free software.

It is unfortunately developing very slowly and it is impossible to interact with git repos... which nowadays is basically every repo:-(

Take a look at jj. It is not as ambitious, but develops faster and you can use it with any git repository out there (as long as it does not need git submodules that is).

This is the presentation from FOSDEM about the OS:

https://fosdem.org/2025/schedule/event/fosdem-2025-4057-particleos-can-we-make-lennart-poettering-run-an-image-based-distribution-/

News at 11: Senior C++ committee member still does not understand what memory safe means.

Seriously: C++ does not "archive parity with other memory-safe languages" (emphasis mine) since it is not a memory safe language itself, even if profiles deliver on everything they promise today.

I use cargo-dist to generate the binaries.

As a user I definitely want flatpaks and use them over distribution packages whereever possible. First I can sandbox the flatpak, but not the native package. Why would my browser need to be able to read my ssh keys?

Secondly I just have seen too many distro packagers sabotaging packages in the most braindead ways possible. Debian removing almost all the random data during key generation because some static analysis tool did not like the code. To this day there are servers using one of the 32k keys debian could produce during that time (they are of course all brute forced by now). Fedora removing Codecs from a video encoder, dependencies that upstream knows are broken and listsmas such in its documentation being used anyway. Random patches being applied, or versions years out of date getting shipped...

If you find a reliable way to allow for people to use data without being able to copy it: Patent it right away, the entertainment industry will be paying big time for it.

Same for erasing the laptop: You can only erase something as long as you can talk to the machine in some way to instruct it to clean itself up. The guy with the machine in hand can just turn off wifi to stop it from receiving the message...