14 xsi:schemaLocation="tag:globalcode.info,2019:sane-software/manifesto ssm.xsd"> |
14 xsi:schemaLocation="tag:globalcode.info,2019:sane-software/manifesto ssm.xsd"> |
15 |
15 |
16 |
16 |
17 <title>Sane Software Manifesto</title> |
17 <title>Sane Software Manifesto</title> |
18 <id>fd466b50-6abd-4294-b11f-a5b8f2f39c2a</id> |
18 <id>fd466b50-6abd-4294-b11f-a5b8f2f39c2a</id> |
19 <preamble>In respect to user freedoms, privacy, liberty, quality, mental health and world peace we create software according to these guidelines.</preamble> |
19 <preamble>In respect to user freedoms, privacy, liberty and software quality we create software according to the following guidelines.</preamble> |
20 |
20 |
21 <chapter> |
21 <chapter> |
22 <name>Free software</name> |
22 <name>Free software</name> |
23 <id>ca4d0f6c-9996-49ac-8647-b7f15b049b03</id> |
23 <id>ca4d0f6c-9996-49ac-8647-b7f15b049b03</id> |
24 <item> |
24 <item> |
25 <id>a755410b-6264-4094-b339-aeca55448e8d</id> |
25 <id>a755410b-6264-4094-b339-aeca55448e8d</id> |
26 <text>Every piece of Sane software is also Free software.</text> |
26 <text>Every piece of Sane software is also Free software (as originally defined by Richard Stallman).</text> |
|
27 <text>Which means that the user has freedom to</text> |
|
28 <text>run the program for any purpose, </text> |
|
29 <text>to study and change it (i.e. has access to the source code under a free software license) </text> |
|
30 <text>and to distribute modified or unmodified copies.</text> |
27 <note>see https://www.gnu.org/philosophy/free-sw.html</note> |
31 <note>see https://www.gnu.org/philosophy/free-sw.html</note> |
28 </item> |
32 <note>see https://www.gnu.org/philosophy/who-does-that-server-really-serve.html</note> |
29 <item> |
|
30 <id>c75a518f-c155-4544-a439-5694ba6f1c53</id> |
|
31 <text>The user has freedom to run the program for any purpose, to study and change it (i.e. has access to the source code under a free software license) and to distribute modified or unmodified copies.</text> |
|
32 </item> |
33 </item> |
33 <item> |
34 <item> |
34 <id>b7cd1a50-79eb-4df2-925c-7243a46d5ed8</id> |
35 <id>b7cd1a50-79eb-4df2-925c-7243a46d5ed8</id> |
35 <text>The user controls his/her computer and software and owns the data.</text> |
36 <text>The user controls his computer and software and owns the data. Not the author of the software or anyone else without user's explicit consent.</text> |
36 </item> |
|
37 <item> |
|
38 <id>a61998fa-376a-4435-bd97-8225ea4e2808</id> |
|
39 <text>Non-free software can not be trusted.</text> |
|
40 </item> |
37 </item> |
41 <item> |
38 <item> |
42 <id>c78a9796-7862-4dd2-8ad9-3fdae094fe2c</id> |
39 <id>c78a9796-7862-4dd2-8ad9-3fdae094fe2c</id> |
43 <text>Must be buildable using free software toolchain (like GNU/Linux + GCC or OpenJDK etc.).</text> |
40 <text>Must be buildable using free software toolchain (like GNU/Linux + GCC or OpenJDK etc.).</text> |
44 </item> |
41 </item> |
45 <item> |
42 <item> |
46 <id>b3c0daaf-dcaf-49a8-ae38-40590456a315</id> |
43 <id>b3c0daaf-dcaf-49a8-ae38-40590456a315</id> |
47 <text>Should not promote non-free (proprietary) software or services.</text> |
44 <text>Must not promote non-free (proprietary) software or services.</text> |
48 </item> |
45 </item> |
49 <item> |
46 <item> |
50 <id>b2fd5d2d-4d47-48e8-8abc-4b1aa94a7951</id> |
47 <id>b2fd5d2d-4d47-48e8-8abc-4b1aa94a7951</id> |
51 <text>Copyleft licenses (like GNU GPL or GNU Affero GPL) are strongly recommended because they guarantee software freedoms to every single end-user and prevent possibility that freedom vanishes somewhere in the distribution chain and the user can't benefit from the free software albeit the software is build on originally free source code.</text> |
48 <text>Copyleft licenses (like GNU GPL or GNU Affero GPL) are strongly recommended because they guarantee software freedoms to every single end-user and prevent possibility that freedom vanishes somewhere in the distribution chain and the user can not benefit from the free software albeit the software is build on originally free source code.</text> |
52 </item> |
49 </item> |
53 <item> |
50 <item> |
54 <id>c3599313-338b-428d-885f-964a443d76c6</id> |
51 <id>c3599313-338b-428d-885f-964a443d76c6</id> |
|
52 <!-- TODO: MUST + exception for older software --> |
55 <text>The license should be compatible with GNU GPL in order to allow mixing with the GPL code.</text> |
53 <text>The license should be compatible with GNU GPL in order to allow mixing with the GPL code.</text> |
56 </item> |
54 </item> |
57 <item> |
55 <item> |
58 <id>f39b90ae-0054-467e-a9e2-43379b7c2331</id> |
56 <id>f39b90ae-0054-467e-a9e2-43379b7c2331</id> |
59 <text>If the software is distributed with a hardware, the hardware must support instalation of independently built software without any restrictions or requirements (e.g. digital signature from the original author).</text> |
57 <text>If the software is distributed with a hardware, the hardware must support instalation of independently built software without any restrictions or requirements (e.g. digital signature from the original author).</text> |
121 </item> |
119 </item> |
122 |
120 |
123 </chapter> |
121 </chapter> |
124 |
122 |
125 <chapter> |
123 <chapter> |
|
124 <!-- TODO: rename this chapter? this is also compatibility „with others“ Or merge with previous one--> |
126 <name>Compatible with itself</name> |
125 <name>Compatible with itself</name> |
127 <id>d626bb57-a20a-4182-a88a-446e901e9de4</id> |
126 <id>d626bb57-a20a-4182-a88a-446e901e9de4</id> |
128 <item> |
127 <item> |
129 <id>a9852300-c59a-4bda-86a1-3a90d2ee1b74</id> |
128 <id>a9852300-c59a-4bda-86a1-3a90d2ee1b74</id> |
130 <text>Focus on backward compatibility. Newer version should work as a drop-in replacement.</text> |
129 <text>Focus on backward compatibility. Newer version should work as a drop-in replacement.</text> |
131 </item> |
130 </item> |
132 <item> |
131 <item> |
133 <id>f9b07d6c-da34-4971-8a92-a50b3e9f80ff</id> |
132 <id>f9b07d6c-da34-4971-8a92-a50b3e9f80ff</id> |
134 <text>Don't break things – rather postpone the release date than deliver a faulty product.</text> |
133 <text>Do not break things – rather postpone the release date than deliver a faulty product.</text> |
135 </item> |
134 </item> |
136 <item> |
135 <item> |
137 <id>ae33d206-4988-44ec-b8e2-3120019fcf2f</id> |
136 <id>ae33d206-4988-44ec-b8e2-3120019fcf2f</id> |
138 <text>Don't remove features unless they are really obsolete, unused or unrepairably broken.</text> |
137 <text>Do not remove features unless they are really obsolete, unused or unrepairably broken.</text> |
139 </item> |
138 </item> |
140 <item> |
139 <item> |
141 <id>c542336a-fce8-412c-a8dd-1328c1a884ec</id> |
140 <id>c542336a-fce8-412c-a8dd-1328c1a884ec</id> |
142 <text>The user interface might be simplified or redesigned while preserving the features under the hood.</text> |
141 <text>The user interface might be simplified or redesigned while preserving the features under the hood.</text> |
143 </item> |
142 </item> |
272 <id>d8eba0dd-4305-44b9-80ea-4c38b6dfa633</id> |
272 <id>d8eba0dd-4305-44b9-80ea-4c38b6dfa633</id> |
273 <text>use strong data typing, declare preconditions and possible exceptions</text> |
273 <text>use strong data typing, declare preconditions and possible exceptions</text> |
274 </item> |
274 </item> |
275 <item> |
275 <item> |
276 <id>ebea0c16-f820-444d-a73c-3054ca6a38c8</id> |
276 <id>ebea0c16-f820-444d-a73c-3054ca6a38c8</id> |
277 <text>data structures must be known and well documented – don't use undocumented map keys or properties</text> |
277 <text>data structures must be known and well documented – do not use undocumented map keys or properties</text> |
278 </item> |
278 </item> |
279 <item> |
279 <item> |
280 <id>e24e600e-6542-4664-8cf0-2d8c6feb6c13</id> |
280 <id>e24e600e-6542-4664-8cf0-2d8c6feb6c13</id> |
281 <text>code, comments and specification should be written in the same natural language</text> |
281 <text>code, comments and specification should be written in the same natural language</text> |
282 </item> |
282 </item> |
335 <item> |
335 <item> |
336 <id>d7655989-a5e4-4123-9147-3782fc05a5ee</id> |
336 <id>d7655989-a5e4-4123-9147-3782fc05a5ee</id> |
337 <text>helper tools:</text> |
337 <text>helper tools:</text> |
338 <item> |
338 <item> |
339 <id>a5307bc9-36ed-4d83-963a-30c5c67613aa</id> |
339 <id>a5307bc9-36ed-4d83-963a-30c5c67613aa</id> |
340 <text>if you e.g. use Bash and Perl during the build process, don't add also Python dependency, write it in Perl – or use Python instead of Perl.</text> |
340 <text>if you e.g. use Bash and Perl during the build process, do not add also Python dependency, write it in Perl – or use Python instead of Perl.</text> |
341 </item> |
341 </item> |
342 <item> |
342 <item> |
343 <id>b0237d84-7068-4b2b-bc28-ce5e0a0061e4</id> |
343 <id>b0237d84-7068-4b2b-bc28-ce5e0a0061e4</id> |
344 <text>Or if you use Java as your main language, consider not using Python/Perl for scripting and use Java for it</text> |
344 <text>Or if you use Java as your main language, consider not using Python/Perl for scripting and use Java for it</text> |
345 </item> |
345 </item> |
391 <chapter> |
391 <chapter> |
392 <name>Trustworthy packages and sources</name> |
392 <name>Trustworthy packages and sources</name> |
393 <id>e7ded437-aaa2-475a-9754-0b2d89394b24</id> |
393 <id>e7ded437-aaa2-475a-9754-0b2d89394b24</id> |
394 <item> |
394 <item> |
395 <id>a0d9322c-7d2b-4632-b543-7e0d75bb5f0b</id> |
395 <id>a0d9322c-7d2b-4632-b543-7e0d75bb5f0b</id> |
396 <text>every released version (binary or source) is cryptographically signed by the authors (GnuPG/OpenPGP is strongly recommended)</text> |
396 <text>every released version (binary or source) must be cryptographically signed by the authors (GnuPG/OpenPGP is strongly recommended)</text> |
|
397 </item> |
|
398 <item> |
|
399 <id>feb97ec0-c35c-49b8-b455-517a929b4a84</id> |
|
400 <text>there should be also checksums/hashes for every released package</text> |
397 </item> |
401 </item> |
398 <item> |
402 <item> |
399 <id>ff33e209-0460-4a43-997f-d6b32b73997b</id> |
403 <id>ff33e209-0460-4a43-997f-d6b32b73997b</id> |
400 <text>if HTTP is supported, HTTPS should also be – the attacker/eavesdropper should not even know what software/package/update is downloaded by the user</text> |
404 <text>if HTTP is supported, HTTPS should also be – the attacker/eavesdropper should not even know what software/package/update is downloaded by the user</text> |
401 </item> |
405 </item> |
471 <item> |
471 <item> |
472 <id>e6603e06-0b2c-439e-82ce-45f9744b2ef8</id> |
472 <id>e6603e06-0b2c-439e-82ce-45f9744b2ef8</id> |
473 <text>character encoding:</text> |
473 <text>character encoding:</text> |
474 <item> |
474 <item> |
475 <id>abd42a7f-bd4b-4034-98ee-85a33094b5c1</id> |
475 <id>abd42a7f-bd4b-4034-98ee-85a33094b5c1</id> |
476 <text>always be aware of it, don't just blindly use current platform's default (because the other side might run on different platform with different default)</text> |
476 <text>always be aware of it, do not just blindly use current platform's default (because the other side might run on different platform with different default)</text> |
477 </item> |
477 </item> |
478 <item> |
478 <item> |
479 <id>abd48eae-d287-4729-80ee-52dd018b0ba7</id> |
479 <id>abd48eae-d287-4729-80ee-52dd018b0ba7</id> |
480 <text>if given software/format/protocol has some default encoding, it must be clearly defined in its specification and this default should not be changed without changing the major version number</text> |
480 <text>if given software/format/protocol has some default encoding, it must be clearly defined in its specification and this default should not be changed without changing the major version number</text> |
481 </item> |
481 </item> |
537 <id>a2852409-806f-480c-8700-141ace86f322</id> |
537 <id>a2852409-806f-480c-8700-141ace86f322</id> |
538 <text>use signed and encrypted messages (GnuPG or X.509)</text> |
538 <text>use signed and encrypted messages (GnuPG or X.509)</text> |
539 </item> |
539 </item> |
540 <item> |
540 <item> |
541 <id>da2b84bd-a20d-4e76-af14-740a7c9ccfb3</id> |
541 <id>da2b84bd-a20d-4e76-af14-740a7c9ccfb3</id> |
542 <text>avoid spam and viruses, don't spam the users, don't push them to subscribe your „newsletter“ – always offer also anonymous channel like RSS/Atom</text> |
542 <text>avoid spam and viruses, do not spam the users, do not push them to subscribe your „newsletter“ – always offer also anonymous channel like RSS/Atom</text> |
543 </item> |
543 </item> |
544 </item> |
544 </item> |
545 <item> |
545 <item> |
546 <id>ec4c92b6-83e5-4051-9aef-fa7d02e292b8</id> |
546 <id>ec4c92b6-83e5-4051-9aef-fa7d02e292b8</id> |
547 <text>Jabber MUC or IRC</text> |
547 <text>Jabber MUC or IRC</text> |
562 <id>ff537045-819e-4dec-a020-d2c9f2c3292b</id> |
562 <id>ff537045-819e-4dec-a020-d2c9f2c3292b</id> |
563 <text>there should be a second-level internet domain for the project or its team</text> |
563 <text>there should be a second-level internet domain for the project or its team</text> |
564 </item> |
564 </item> |
565 <item> |
565 <item> |
566 <id>b54d4978-974b-4743-bdba-7d4957bc9ba7</id> |
566 <id>b54d4978-974b-4743-bdba-7d4957bc9ba7</id> |
567 <text>but don't buy an internet domain if you are not prepared to mainain it for decades – rather use third level domain under some reliable second level domain maintained by a credible group or person – think of that every expired domain helps spammers and scammers and hurts the users</text> |
567 <text>but do not buy an internet domain if you are not prepared to mainain it for decades – rather use third level domain under some reliable second level domain maintained by a credible group or person – think of that every expired domain helps spammers and scammers and hurts the users</text> |
568 </item> |
568 </item> |
569 <item> |
569 <item> |
570 <id>a1141312-5177-4d68-bb14-fce952d542c3</id> |
570 <id>a1141312-5177-4d68-bb14-fce952d542c3</id> |
571 <text>URLs should be as stable as possible (don't break old links, set up redirections if needed)</text> |
571 <text>URLs should be as stable as possible (do not break old links, set up redirections if needed)</text> |
572 </item> |
572 </item> |
573 <item> |
573 <item> |
574 <id>c5b6d3d7-2f1f-4371-acfa-d6af1588c2cb</id> |
574 <id>c5b6d3d7-2f1f-4371-acfa-d6af1588c2cb</id> |
575 <text>the website must be independent and must contain everything needed – any content (JavaScripts, CSS, fonts, images etc.) downloaded from other domains must not be required to browse/use the website</text> |
575 <text>the website must be independent and must contain everything needed – any content (JavaScripts, CSS, fonts, images etc.) downloaded from other domains must not be required to browse/use the website</text> |
576 </item> |
576 </item> |
661 <item> |
661 <item> |
662 <id>e6d2175a-97ff-4fd5-9bc1-a3914c6dd719</id> |
662 <id>e6d2175a-97ff-4fd5-9bc1-a3914c6dd719</id> |
663 <text>feature/bug tracking system</text> |
663 <text>feature/bug tracking system</text> |
664 </item> |
664 </item> |
665 <item> |
665 <item> |
666 <id>d3fb6917-75b2-4243-adbb-0d1c93d14883</id> |
|
667 <text>roadmap of future releases</text> |
|
668 </item> |
|
669 <item> |
|
670 <id>ae430fee-4850-453f-9382-282d7eed27a4</id> |
666 <id>ae430fee-4850-453f-9382-282d7eed27a4</id> |
671 <text>plan of supported versions/branches</text> |
667 <text>plan of supported versions/branches</text> |
672 </item> |
668 </item> |
673 <item> |
|
674 <id>fbe9e5d0-17b8-43e3-9e00-7660eb4833e5</id> |
|
675 <text>every release/version/branch must clearly declare the status (alpha, beta, prototype, stable, retired, deprecated…)</text> |
|
676 </item> |
|
677 |
|
678 </chapter> |
669 </chapter> |
679 |
670 |
680 </manifesto> |
671 </manifesto> |