The container ecosystem values speed over following licenses. Is there a legal or technical solution where developers don't need to favor that speed over their licensing obligations? We'll facilitate a discussion for the community on the realities of the situation.
Package maintainers lovingly curate license information in their metadata so that a package always informs users of their rights. Developers routinely remove this license information in the container context in the quest to have the smallest possible footprint. The ecosystem seems to tacitly accept the technical speed over informing users of their rights.
How do we as community think about this? Do we care? Are there technical or legal solutions that would meet both needs?
Carol is a Senior Program Manager in the Open Source Programs Office at Microsoft. She has worked in FOSS for over 10 years, and managed Google Summer of Code for 6 years. She has previously worked at GitHub and is an emeritus board director of the Open Source Initiative. She has a degree in photojournalism and is a horseback rider and powerlifter.
Richard Fontana is a lawyer who has specialized in free software and open source legal matters for nearly 15 years. He currently works at Red Hat and previously held positions at Hewlett-Packard, the Software Freedom Law Center, and several law firms. For several years Fontana was a board director of the Open Source Initiative and chaired its license review committee.