diff --git a/project/modules/ROOT/pages/upstream-first.adoc b/project/modules/ROOT/pages/upstream-first.adoc index 4ceddc1..a602470 100644 --- a/project/modules/ROOT/pages/upstream-first.adoc +++ b/project/modules/ROOT/pages/upstream-first.adoc @@ -60,6 +60,10 @@ Reasons for downstream patches include: * *Distribution-Specific Needs*: Fedora, and its downstream distributions like EPEL, may have unique requirements or constraints that necessitate downstream modifications. These needs might relate to specific hardware support, security considerations, or integration with other Fedora components. +* *Non-Free Blobs*: + Fedora is committed to promoting free and open source software and building everything from source. + Sometimes, upstream projects include non-free or pre-built binary blobs that Fedora needs to patch out to adhere to our principles. + While Fedora may discuss potential fixes with upstream, these patches might not always be accepted if there are no suitable alternatives or if they remove functionality. In these situations, Fedora strives to minimize the scope and duration of downstream patches, and continues to work towards upstreaming changes whenever feasible. Understanding the reasons for downstream changes is essential for maintaining transparency and trust within the community. @@ -97,6 +101,10 @@ Here are a couple of examples: A Fedora packager discovers licensing issues with an open source project, such as unclear or non-compliant licenses for included assets. Instead of simply excluding the project from Fedora, they work with the upstream developers to clarify or correct the licenses. This ensures that the project can be included in Fedora and benefits the broader open source community by promoting license compliance. +* *Avoiding Bundled Dependencies*: + A Fedora packager notices that an upstream project bundles a specific version of a dependency. + Instead of using the bundled dependency, they repackage the project to use the system-wide version of the dependency. + This ensures consistency across Fedora packages, enables rapid security patch deployment, and maintains compatibility between interdependent packages. These examples illustrate how upstream first fosters collaboration, shared ownership, and continuous improvement within the open source ecosystem. We encourage you to share your own examples of upstream first contributions to this list.