Incompatible Packages and Projects

As project oriented on free, permissive licensed software Hyperbola has a strict way to integrate different software-projects and packages based on them. Followed up the possible reasonings for us to decline packages for building or remove them from our repositories:

  • Package (software) is only available for the GNU/Linux-platform itself and is not as port for BSD possible, including the exclusive usage of interfaces being only available on GNU/Linux
  • Package (software) is bloated in technical, social and / or economical (eg. hardware resources) aspects, which means integration makes it the one major dependency for many others or its own dependency-tree is way more complex
  • Package (software) includes several already known vulnerable and insecure implementations and also opposes the essential long-term support from Hyperbola as the maintaining person(s) just state to always update to the newest version without having any interest in stable release-schedules
  • Package (software) is clearly non-free in its outcome and includes several parts impossible to remove or to modify, also declining the modification without asking, excluded would be packages (software) being right possible to patch and non-scaling in size of code with upstream maintainers decided to follow free and libre basics removing problematic parts / code
  • Package (software) is in its original state not complete free and libre, therefore patching would be needed but this would end in such tremendous work that even forking would be the better option
  • Package (software) is not based on the pure work of the community and is just a corporate project pretending to be free and libre in its licensing with people attend but nevertheless misusing their engagement so named copyright-holding companies get their profit with
  • Package (software) is especially not possible to build without further additional gtk-doc and / or texlive just for the documentation (documentation is a good and essential point, but not with over-engineered dependencies to maintain)
A “computer” should be per definition a helping tool, not an energy-consumption with endless scaling. We understand the wording economic especially in the direction that we should use all available resources with care, not with having the assumption of the opposite. Aside of this the hardware should be as long persisting as possible and not be exchanged on a near yearly base as new components and complete systems get available promising even more “performance”. As with this “performance” also the responsibility to care about the own hardware is forgotten!

All of those named points are reducing or even worse declining the elemental freedom of the user, to learn, to modify, to share and to use for any purpose without restrictions. Hyperbola was and is always about essential freedom and with its goal of technical emancipation oriented on lightweight software and design so people can learn and fully control their system by all means. Including software-projects and packages based on them opposing this will never be done, also not just for convinience!

List of packages and projects being not integrated and removed

Name Description Reasoning
systemd system and service manager See our reasoning here.
dbus Freedesktop.org message bus system See our reasoning here.
openssl Toolkit for Secure Sockets Layer and Transport Layer Security See our reasoning here.
bluez Daemons for the bluetooth protocol stack See our reasoning here.
xorg Xorg X server See our reasoning here.
gtk-doc Documentation tool for public library API There is no need to implement a toolset for generating any kind of HTML-based documentation or even more complex file-formats while man pages are absolutely sufficient.
libcanberra Implementation of the XDG Sound Theme Specification Package is not needed for running any kind of application and just make more work to maintain it, while the software itself is using more in its own dependency-tree.
avahi Service Discovery using mDNS/DNS-SD Package is named as being compatible with the non-free framework Bonjour from Apple and is also a possible attack-vector throughout the network.
zstd Zstandard - Fast real-time compression algorithm Package is free and permissive licensed but nevertheless bloat within especially social and economical aspects as some projects implement it as mandatory dependency without any kind of choice left to fast select another interface and dependency. It is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
protobuf Protocol Buffers - data interchange format Package is free and permissive licensed but nevertheless bloat within especially social and economical aspects as some projects implement it as mandatory dependency without any kind of choice left to fast select another interface and dependency. It is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
libatasmart ATA S.M.A.R.T. Reading and Parsing Library Package is based on interfaces only available on GNU/Linux, making it impossible to be ported and / or used further.
java / openjdk Java development kit See our reasoning here.
rust Systems programming language See our reasoning here.
sudo Give certain users the ability to run some commands as root See our reasoning here.
gettext GNU internationalization library Enforcing usage of Java and C# (.Net / Mono), while including references towards those non-free language implementations. Package itself is completely bloated in all named categories.
mono Implementation of the .NET platform including runtime and compiler Package is free and permissive licensed but nevertheless bloat within especially social and economical aspects as some projects implement it as mandatory dependency without any kind of choice left to fast select another interface and dependency. It is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things as the company Microsoft has only given the permission for the core-parts, holding back essential copyright material and is able planning to force all free C# implementations underground some day using their software patent (source).
nodejs Evented I/O for V8 javascript Package is free and permissive licensed on the first look but nevertheless bloat within all parts. Also it is a possible attack-vector as JavaScript is exectued at run- and build-time with many further needed dependencies for projects. Further reasoning is to be read here.
npm A package manager for javascript We do not distribute any further package-manager outside our own as there will be never any kind of control which kind of licensed dependency is loaded and installed. Possible non-free dependencies would be then provided direct on the system.
pip The PyPA recommended tool for installing Python packages We do not distribute any further package-manager outside our own as there will be never any kind of control which kind of licensed dependency is loaded and installed. Possible non-free dependencies would be then provided direct on the system.
conan A distributed C/C++ package manager We do not distribute any further package-manager outside our own as there will be never any kind of control which kind of licensed dependency is loaded and installed. Possible non-free dependencies would be then provided direct on the system.
cargo Package manager for Rust We do not distribute any further package-manager outside our own as there will be never any kind of control which kind of licensed dependency is loaded and installed. Possible non-free dependencies would be then provided direct on the system.
flatpak Application sandboxing and distribution framework The project itself would bring up another way to distribute software, but as there is no source available without non-free packages and also no restriction to be implemented: Possible non-free dependencies and software would be then provided direct on the system.
chromium A web browser built for speed and simplicity See our reasoning here.
qt-webengine Provides support for web applications Package is based fully on chromium.
youtube-dl / yt-dlp (any fork) A command-line program to download videos from YouTube.com and more sites Besides that the only purpose of this software is to work with non-free platforms, this so-called “streamripper”-projects are part of further problems in contact with copyright-questions. Free and libre software mustn't use non-free platforms to circumvent them and make usage in a way nevertheless possible for accessing. For reaching possible easy download and extraction of data most of the projects incorporate JS, SWF, and SDK interpreters in order to deliver some functionality; packaging these runs contrary to delivering freedom as a number 1 priority (more information here).
electron Build cross platform desktop apps with web technologies Package is not fully free and permissive licensed and bloat within all categories. It is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
midori Lightweight web browser The original project was abandoned since 2019 and further forks done on the base of electron.
go Core compiler tools for the Go programming language Hyperbola only provides gcc-go within the repositories and rejects the usage of go beyond as the language itself is designed to download further dependencies at buildtime, while there is no guarantee those are free and libre licensed. Besides that this concept opposes the idea of a stable design for software.
cdrtools Supporting CD, DVD and BluRay burning Package includes Apple's license binding with no clarification (apple_driver utility is non-free) and has an incompatible mix of the GPL and the CDDL, for which Hyperbola cannot include this software and all further projects exclusive only based on this.
kodi Software media player and entertainment hub for digital media Package contains non-free decompression engine for RAR archives and support for non-free addons, parts are furthermore only useful with java-runtime (jre7-openjdk and/or later versions) and it depends on libpulse and recommends pulseaudio optional installation.
pulseaudio A general-purpose sound server Package contains absurd bugs and conceptional problems such as SIGSEGV, following then takes some client applications with when crashing. There are also buffering issues which cause sound to stutter, jitter, and basically providing bad output. Reports of bugs with the hardware mixer, breaks or jitters input streams when adjusting line-in or mic volume; misidentifies mixer controls, depends on openssl, depends on systemd.
libhandy Library full of GTK+ widgets for mobile phones Package is mandatory for many newer GTK+ applications and instead of being just an option it is taken that way into the very basic needs for compilation, which causes even more dependencies.
imagemagick An image viewing/manipulation program Package has trademark issues.
directx-headers DirectX headers for using D3D12 The whole purpose of this package is only to provide some support for execution of DirectX-based applications and games. As technology-stack DirectX stays completely non-free, so there is also no purpose for Hyperbola including such package.
directx-shader-compiler A compiler for HLSL to DXIL (DirectX Intermediate Language) The whole purpose of this package is only to provide some support for execution of DirectX-based applications and games. As technology-stack DirectX stays completely non-free, so there is also no purpose for Hyperbola including such package.
redis An in-memory database that persists on disk Package is free and permissive licensed, but in its whole approach only usable in combination with specialized software. It is a Corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
syslog-ng Next-generation syslogd with advanced networking and filtering capabilities Package is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption, source)!
libsecret Library for storing and retrieving passwords and other secrets Package is another approach for having password-management in applications possible. But especially those sensible fields should not done within a library, while this also results into more dependencies and no lightweight implementation! It communicates using dbus and is therefore not possible to be included for Hyperbola at any time.
polkit Application development toolkit for controlling system-wide privileges Privileges should be always being handled with care, especially not system-wide controlled by only one service / package including severe security-issues and being foremost oriented only onto GNU/Linux.
udisks2 Disk Management Service, version 2 Package is providing foremost only support towards GNU/Linux and is not available elsewhere. Furthermore dependencies for polkit, libatasmart and others needed.
gvfs Virtual filesystem implementation for GIO Package is bloat within all named aspects and includes also interfaces to non-free webservices.
pam PAM (Pluggable Authentication Modules) library Package has different security-issues and is not oriented on the way of technical emancipation as Hyperbola is trying to adapt lightweight implementations.
retroarch / libretro Reference frontend for the libretro API Package is providing several non-free libraries and projects.
qt-location Provides access to position, satellite and area monitoring classes Package is used for geo-tracking of users.
php A general-purpose scripting language that is especially suited to web development See our reasoning here.
sbc Bluetooth Subband Codec (SBC) library See our reasoning here.
phosh A pure Wayland shell prototype for GNOME on mobile devices The only purpose of this package is to enforce wayland as new display server protocol.
libgudev GObject bindings for libudev Package requires now particular version specific udev utilities on-pair with systemd itself and therefore is also making its own way to enforce dependencies.
libva Video Acceleration (VA) API for GNU/Linux Package is free and permissive licensed, but in its whole approach only usable in combination with specialized software. It is a Corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
libvdpau Nvidia VDPAU library Package is free and permissive licensed, but in its whole approach only usable in combination with specialized software. It is a Corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
cuda NVIDIA's GPU programming toolkit Package is completely non-free and therefore violating Hyperbola's standards!
fpc Free Pascal Compiler, Turbo Pascal 7.0 and Delphi compatible. Package needs itself within an earlier version to build, so creating a circular dependency-tree. Not supported and wanted within Hyperbola as a linear dependency-tree is our major interest.
python-build A simple, correct Python packaging build frontend Package needs itself within an earlier version to build, so creating a circular dependency-tree. Not supported and wanted within Hyperbola as a linear dependency-tree is our major interest.
python-installer Low-level library for installing a Python package from a wheel distribution Package is creating a circular dependency-tree.
texlive LateX and further packages distributed Hyperbola is not offering any package included as the licensing is not final cleared and therefore also not following free, libre culture with copyleft perspective.
shaderc Collection of tools, libraries and tests for shader compilation Package is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
leveldb A fast and lightweight key/value database library Package is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
gtest Google Test - C++ testing utility Package is a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)!
syncthing Continuous Replication / Cluster Synchronization Thing Package is using wide list of dependencies making it a corporate project imposing goals of free, libre culture and destroying other free software with imperative things (breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption)! (dependencies towards leveldb and protobuf included)
vulkan Low-level and low-overhead, cross-platform API and open standard for 3D graphics and computing Resulting from non-free API-implementation named “Mantle” from AMD, Vulkan should create more access to faster rendering capabilities, but instead this API-implementation is only focussed on most modern and powerful graphic-processing-units. Development is therefore not oriented backwards and the API-implementation is also carrying a growing list of dependencies with every new version and release of included packages. Hyperbola decided active to disregard further this implementation. Vulkan is therefore not included and supported.
wayland A computer display server protocol Package breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption!
scummvm A 'virtual machine' for several classic graphical point-and-click adventure games. Package implements engines just as interpreter instead of a full possible reimplementation of the engine. Also package needs non-free data to run.
granite Library that extends Gtk+ Package implements additions for GTK+, but being not compatible towards Hyperbola's policies. Also the maintainers ignore backwards compatibility complete.
freetds Library for accessing Sybase and MS SQL Server databases Package breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption!
libsignal-protocol-c Signal Protocol C Library Package breaks portability, ignores backwards compatibility, and replaces existing services, forcing into adoption! Package is furthermore no longer in active development.
libomemo-c Fork of libsignal-protocol-c adding support for OMEMO XEP-0384 0.5.0+ Package is using protobuf-implementation and therefore being not possible to be rebuild from scratch.
lightdm A lightweight display manager Package is depending on other bloated frameworks being not supported by Hyperbola, like pam or polkit.
webrtc Free project providing web browsers and mobile applications with real-time communication (RTC) Packages based on this API are not supported in Hyperbola as all of them break portability, ignore backwards compatibility, and replace existing services, forcing into adoption!
kotlin Statically typed programming language that can interoperate with Java Package is only possible to be build with Java, see our reasoning here.

Packages and projects using those named dependencies within the listing as mandatory dependency can't and won't be integrated within the repositories of Hyperbola at any time.

There is no easy patch!

Please be also aware that even if it would be possible to patch several dependencies out for packaging a concrete version: This patch would only work for a concrete version and release. With any new released version the whole work would be done again or even worse is no longer possible. Also take into your perspective that even a questionable dependency is once optional it may be changed in coming new releases. For a small system and project like Hyperbola this is not acceptable. You cannot select the fitting convinient way, just some packages are not fitting and others do. Either to follow the whole strict way for not ignoring issues or staying pragmatic. The decision for the project is oriented onto not ignore all issues!

List of packages and projects being integrated but in staled state

Name Description Reasoning
weechat Fast, light and extensible IRC client (curses UI) Since release 3.5 the project is enforcing zstd using it as mandatory dependency. So the last functional version for Hyperbola is 3.4.1 and being on hold in this state.
wyrmsun Real-time strategy game based on history, mythology and fiction Since release 4.0.0 the project is enforcing qt-location using it as mandatory dependency. So the last functional version for Hyperbola is 3.5.4 and being on hold in this state.
ccache Compiler cache that speeds up recompilation by caching previous compilations Since release 4.0 the project is enforcing zstd using it as mandatory dependency. So the last functional version for Hyperbola is 3.7.12 and being on hold in this state.
librsvg SVG rendering library Project is enforcing the usage of Rust from versions newer than 2.40.21.
hexchat A popular and easy to use graphical IRC (chat) client Since higher versions than 2.14.3 the project is using different parameters for compilations and no longer offers the possibility to disable the notification-interfaces which is causing unneeded warnings for not existing dbus-interfaces.
supertux A classic, free and libre 2D jump'n'run sidescroller game Project has started to include more and more non-free services alike Discord. Therefore the package is being put in staled state for version 0.6.2 as being last and latest version available without non-free services integrated.
inkscape Professional vector graphics editor Project has started to provide profiles for non-free services like Facebook, Twitter and others in version 1.1, providing those directly in a dialog when starting to select possible sizings for new created graphic-files. Since this is at minimum social bloated Hyperbola will no longer provide further updates to the application and set it on hold in its current version available in our repositories. A patch would not help to overcome this situation.
clamav Anti-virus toolkit for Unix Starting with ClamAV 0.105, the Rust toolchain is required to compile ClamAV. So Hyperbola stops providing further updates and put the current version 0.103 on hold, just security-fixes.
warzone2100 3D realtime strategy game on a future Earth Newer versions of package allocate dependencies funded with not free and libre interests, going into the opposite direction of what Hyperbola wants to reach. So package is on hold in version 3.3.0.
supertuxkart Free software kart racing game Newer versions of package allocate dependencies funded with not free and libre interests, going into the opposite direction of what Hyperbola wants to reach. So package is on hold in version 1.2.
neverball Free and libre 3D floor-tilting game Package implements non-free media like the “octocat”-logo from Github and also the logo from Occulus Rift. Hyperbola includes therefore an own modified revision and set the package on hold for version 1.6.0.
ffmpeg Complete solution to record, convert and stream audio and video Package implements corporate sources and patents as having basic not much choice. Within newer releases package also implements enhancements funded with not free and libre interests, going into the opposite direction of what Hyperbola wants to reach. So package is on hold in version 4.4.
conky Lightweight system monitor for X Newer versions of package going into the opposite direction of what Hyperbola wants to reach. So package is on hold in version 1.11.6.
audacity A program that lets you manipulate digital audio waveforms Newer versions of package have introduced telemetry and a privacy policy raising concerns being in conflict with GPL v2 license. Furthermore the enforced integration of questionable platforms and other interfaces makes this package no longer possible to maintain in a free and libre compatible way within newer versions and therefore staying on hold in version 2.4.2.

Packages and projects in the state on hold are not able to get any further update as they enforce dependencies being not possible to be added or integrated as otherwise being a direct violation of the principles and values of Hyperbola. If there are possible problems for security those would be needed to be removed. When needed Hyperbola will also backport security-fixes!

Hyperbola is not opposing a diverse and colorful software-landscape!

It sounds harsh when we need to mark a package being set on hold, but we would have nevertheless otherwise need to integrate packages and dependencies we have before marked as incompatible with our own perspective of software-freedom. This has nothing to with any kind more fanatic perspective as it is just following a simple and also direct logic. When a project concludes to have incompatible dependencies marked mandatory for running, we have only the choice to ask upstream for alternatives or leave the resulting software / package complete out. And many of our questions for having alternative options upstream were rejected in the past, as we wanted to keep problematic frameworks and dependencies optional instead of defining them as mandatory. Surely we don't and won't interfere within the decisions of the project-maintainers so we decide most to put the packages included then in this state. The communication to upstream can help and bring insights, but it can be also mistaken as the opposite. Our decision is therefore having working versions of packages put on hold whenever their dependency-tree is changing to more complex frameworks and libraries in usage putting the users at risk to loose the insights in their installed system, including non-free systems and platforms makes the software and its users depending on them and even simulating acceptance. It is just the clear idea of software-freedom, which we are following. Also to add: It is surely not always the newest version of a software-package needed or the safe spot for security afterwards. When a package always needs the newest version for being “safe” it should be more questioned in its quality of code and design.

As HyperbolaBSD is a complete operating-system we are not longer in the need to follow the routine to update always every package and can follow our own perspective instead.

The bigger picture and conclusion

While many other systems and system-distributions include those above listed packages in one form or another (other names and descriptions) Hyperbola is oriented fully on the freedom for the users. To keep the packages named is mostly done with the reasoning of convinience, set above freedom and technical emancipation in general.

This list is not meant to be used as false argument against Hyperbola as project, likewise stating it would be ideological misleaded. Everyone and every user is free in the own decision. So what is furthermore done local stays upon that. But to keep up the freedom and especially the free decision software-projects named are excluded. Learning how to build and package software is part of our main purpose for the users.

So is it about “isolation” for Hyperbola? No, for sure not. But the project is setting up a clear statement with all those packages listed not compatible and / or on hold. A clear statement in regards for the principles and values being important for Hyperbola and as every project those matters for us. If this is to be seen different? That's absolutely working, but for sure not in our perspective. And perhaps this drop of information and principles likewise values keeps on growing as to oppose the misusage of free, libre culture in its roots. Perhaps others may say that politics do not matter for software, we see it different. Everything is part of and political, otherwise this project and the whole sphere of free and libre software, licensing and culture would not exist! There is also a right not to use a package and choose a different one as part of a diverse approach building the own system for the own usage.

And just a short note in the end: Even though many parts here sound like we are dealing with “antagonists” or even worse we do not follow this line. It is about ignorance and arrogance, which may relevant at any time for every being. Do not work with singular simplified imagery, work with clear guidelines, calm but straight values and principles. Do not go out and spread hate or shortened messages. Those won't help and even make the whole situation more drastic and worse!