I was browsing through snaps avalaible in offcial store and noticed that there are two snaps of dnsmasq:
One of them called “dnsmasqd” wasn’t updated since 2016. Moreover its license is set as “proprietary” which obviously can’t be true.
I looked around for more snaps from the same author and all of them are listed with “proprietary” license which isn’t true at least for some of them (didn’t check them all), maybe even all of them.
I found their author github site witch is used for hosting snap build files: https://github.com/lool
It seems they’re building dnsmasq from their own private repo:
In my opinion this is a red flag and unacceptable as it undermines all trust user may have for snap packages (I don’t judge author intentions).
I don’t know what are the rules for publishing snap in store but but I’m pretty sure that fake licenses shouldn’t be allowed.
I’m also wondering what are the rules about duplicate packages?
Can someone submit Firef0x package which will be duplicate of Firefox?
What about building snaps from private repos not connected to upstream which can contain anything?