I think all that information is coming from archlinux-appstream-data (bug #813). I have mentioned this bug in relation to #1371, I suspect apparmor-profiles and archlinux-appstream-data stay or fall together.

isacdaavid wrote:

I think all that information is coming from archlinux-appstream-data (bug #813). I have mentioned this bug in relation to #1371, I suspect apparmor-profiles and archlinux-appstream-data stay or fall together.

so then we must replace archlinux-appstream-data with sth. like parabola-appstream-data, or lets see what happens if we remove it as Emulatorman suggested at #hyperbola

22:21:22 - Megver83: Emulatorman: https://git.parabola.nu/blacklist.git/commit/?id=47620a1ff37c23b62939dbf60c382c3d912f4c67
22:23:09 - Emulatorman: Megver83: no hay manera de salvarlo?
22:23:28 - Megver83: Emulatorman: isacdaavid actualizo el issue, revisalo
22:23:28 - Emulatorman: Megver83: no sera algo secundario que lo esta afectando
22:23:30 - Emulatorman: ?
22:23:48 - Megver83: Emulatorman: parece que si, creo que es archlinux-appstream-data
22:24:06 - Megver83: Emulatorman: sin embargo, no podemos tener gnome-software hasta que arreglen eso
22:24:07 - Emulatorman: Megver83: nosotros aqui, "blacklistiamos" a archlinux-appstream-data
22:24:27 - Emulatorman: Megver83: recomiendo que eliminen esa basura de paquete ya que compromete la libertad
22:24:39 - Emulatorman: Megver83: dejame pasarte nuestro blacklist
22:26:02 - Emulatorman: isacdaavid: Megver83: https://git.hyperbola.info:50100/software/blacklist.git/tree/blacklist.txt#n32
22:26:19 - Megver83: Emulatorman: pero es una dependencia de gnome-software
22:26:34 - Emulatorman: isacdaavid: Megver83: aqui eliminamos y funciona perfectamente

isacdaavid wrote:

my verdict: temporarily block.

rebuilding in [libre] without depending on archlinux-appstream-data is enough to sway mentions of nonfree software away (i tested this using Hyperbola's gnome-software. i imagine it's similar for KDE discover). in fact, all it can do afterwards is show installed programs (i'm kinda disappointed it doesn't use packagekit to explore the repos despite needing it). i'll write in #813 about how we could develop a parabola-appstream-data package to restore full functionality.

meanwhile, there's a plethora of places incorrect license information could come from: archlinux-appstream-data, packages themselves (/usr/share/appdata/${pkgname}.appdata.xml, maybe even the more traditional .desktop files?). for instance, while also doing without archlinux-appstream-data, i found that gnome-software would label an already-installed audacity as proprietary; even though it's "GPL" according to pacman and "CC-BY" per audacity's own reporting (/usr/share/appdata/audacity.appdata.xml). as for free programs being mislabeled, i would say let's not be anal about it until it starts causing us tons of alarmed reports.

AFAIK Discover does not have this issue, I've look at it and for now no problems, but it's better to prevent anything

Someone put together a HOWTO on how archlinux-appstream-data is generated. https://sources.archlinux.org/other/packages/archlinux-appstream-data/HOWTO.

Basically someone with access to the package servers needs to use https://sources.archlinux.org/other/packages/archlinux-appstream-data/asgen-config.json, change 'arch' in the suites section to parabola, add the extra parabola repos (eg libre, pcr), and run the command in number 2. If we can do this, then gnome-software gets closer to getting in the repos again.

Another issue is flatpak. The flatpak package for arch includes flathub by default, which includes proprietary software. GNOME software would use this and end up showing and allowing users to install proprietary software. I see three solutions to this:

• Remove flathub from default install of flatpak
• Ask for a patch upstream to block proprietary apps in flatpak
• I've heard GNOME Software can filter out proprietary apps (this would be suboptimal on arch due to janky reporting within the appstream data, but everything in parabola repos is libre)

Another solution would be to host a mirror of flathub without proprietary apps. Thinking about it, the third point is suboptimal because libre apps may show as proprietary in GNOME Software, and thus be filtered out erroneously.

brainblasted wrote:

Someone put together a HOWTO on how archlinux-appstream-data is generated. https://sources.archlinux.org/other/packages/archlinux-appstream-data/HOWTO.

Basically someone with access to the package servers needs to use https://sources.archlinux.org/other/packages/archlinux-appstream-data/asgen-config.json, change 'arch' in the suites section to parabola, add the extra parabola repos (eg libre, pcr), and run the command in number 2. If we can do this, then gnome-software gets closer to getting in the repos again.

Didn't know about this. I'll look at this later at some moment ... no promises

Another issue is flatpak. The flatpak package for arch includes flathub by default, which includes proprietary software. GNOME software would use this and end up showing and allowing users to install proprietary software. I see three solutions to this:

• Remove flathub from default install of flatpak
• Ask for a patch upstream to block proprietary apps in flatpak
• I've heard GNOME Software can filter out proprietary apps (this would be suboptimal on arch due to janky reporting within the appstream data, but everything in parabola repos is libre)

Could you make a freedom issue report about this, specifying this too? (solutions, send patches, PKGBUILDs, etc) thx

bill-auger wrote:

if the bug (displays incorrect licenses) is itself a freedom issue (its the kind of bug that would prevent this program from being in parabola) - then probably this ticket can just be changed to "Freedom Issue"

is it even verified that this is a legimate bug ? - perhaps the licenses are being displayed as the packager has incorectly labeled them

idk why I marked it as a bug, but you're right, it's a freedom issue

I've moved it as we don't have gnome-software anymore so there is no direct freedom issue anymore. I also made sure to promote the fact that it's half done so we do have infos on how to fix part of the issues.