Closed (fixed)
Project:
Drupal Licensing Working Group
Component:
Violation
Priority:
Critical
Category:
Task
Assigned:
Unassigned
Issue tags:
Reporter:
Created:
26 Dec 2010 at 20:19 UTC
Updated:
24 Jun 2015 at 10:24 UTC
Jump to comment: Most recent
Comments
Comment #1
bonobo commentedThe code is licensed under a BSD license, which is one of the GPL-compatible licenses.
Isn't this covered under section 10 of the licensing FAQ: http://drupal.org/licensing/faq#q10 ?
Is this actually an issue? It seems like this falls within the licensing guidelines.
Comment #2
wundo commentedAs far as I checked there is no "local" changes to S3.php, so IMHO there is no reason to duplicate it in our repository.
Comment #3
wundo commentedTake a look at Crell's comment in #460824: Non-GPL code in CVS and distributed with module:
Comment #4
avpadernoThe link reported in comment #1 contains the following text:
In http://drupal.org/node/66113 is reported that:
In http://drupal.org/node/422996, though, is reported that:
Comment #5
ronan commentedI added the library to the module since the module is aimed at a fairly non-technical audience and I wanted to make installation easier. (My experience with the 'describe how to install it' method with B&M Files tells me I'm not wrong on this one: http://drupal.org/project/issues/backup_migrate_files?text=archive%3A%3A...).
I understand that "Making it easier for the user" is not an listed excuse to get a variance from this policy so I imagine I won't, but I do have to say that I disagree with the policy. I understand the basic need to not allow, say, the entire Zend framework to be committed to the drupal CVS, but to apply this rule in all cases starts to feel a little arbitrary. The rule makes perfect sense for the 'bridge' type modules that link to enormous and ever-changing libraries, but in a case like this, I'm not fully onboard. The file is all of 46k and since I haven't changed it whatsoever, it cannot possibly be construed as a fork by any reasonable definition of the word. I'm really not seeing the difference between including a version of the file with the module and directing the user to download the very same version of the file from a different server and putting it in exactly the same place (other than confusing and inconveniencing the end user).
That's my opinion and my reasoning for ignoring the policy to begin with. I hope I didn't come off too rude or disrespectful, because I do respect and appreciate the hard work the infrastructure team put into keeping everything ticking along nicely here on d.o.
Let me know if you want me to pull the S3 file.
Ronan
Comment #6
sreynen commentedSubscribing.
Comment #7
crifi commentedSubscribing.
Comment #8
bojanz commentedTo be honest, requiring every single file to be downloaded separately makes installing a module into a full-blown operation and really makes it impractical to do anything without drush make scripts. It's been bugging me for quite a while.
So I must say I agree with ronan, even if it's against the policy.
Comment #9
wundo commentedWhat I would to in this case is separate this feature in another module (like you suggest for the Dropbox integration) and create a Drush make for that.
Putting this feature in another module allows us to implement our own hook_requirements to check if the library is in place and warn the user if it isn't, so those support tickets should not occur.
Comment #10
avpadernoI think that not committing external libraries in drupal.org has its pros, especially if the library is used by more than a module.
What would happen if two modules use the same library, but different versions? If both the modules load the library for the same page, there will be surely a conflict.
Even in the case the library is used from just a module, what happen when the library is updated? Should the users will wait until the maintainer commits the new version of the library? What happens for those sites where the library creates problems and the maintainer should use the older version of the library? What happens if the administrator of a site has modified the library for his own site?
We have already rules about which libraries can be committed, and those rules should be followed.
Comment #11
bonobo commentedRonan's comments in #5, above, nail this issue.
It's also worth noting that the work around allowing 3rd party code to be whitelisted and included as part of install profiles are providing a way around this complexity: #779452: Whitelist for external dependencies
In this specific case, the code in Backup and Migrate is being used in accordance with the original author's wishes. The code is licensed under a GPL-compatible license. The code used is pretty small, and it has not been changed in any way.
Moreover, the version included with Backup/Migrate *works*. Additionally, the code is not under rapid devlopment; the most recent release is July, 2009, so the argument that this is even approaching a fork doesn't hold here.
+1 for closing this issue as a non-issue. The inclusion of this code in CVS feels in line with what the guidelines are, and in this case, no one is trying to circumvent/subvert the intent of the GPL.
If there is not consensus to just leave this be, I suggest that someone contact the original author and see if he would be open to dual licensing for this specific case.
Comment #12
bonobo commentedkiamlaluno and I were cross-posting
RE:
This happens all the time - a few modules use the getid(3) library, swfobject2, etc. It's one of the problems that the libraries API was intended to solve, and one of the things pushing people to standardize around using sites/all/libraries
But this really gets sorted out by site buiders, on a site by site basis. This is not a problem that can be solved by d.o cvs policies.
In this case, we have code with a GPL compatible license, being used within the terms of the original author.
No harm, no foul.
Comment #13
damien tournoud commentedThere is nothing to discuss here. Drupal.org repositories only host code released on a "GPL 2 or later" license, as clearly stated in our Usage Policy:
It is even clarified in the FAQ that our repositories do not host any "GPL-compatible code".
This file is not released under the "GPL 2 or later" license, it needs to be immediately removed from our repositories.
Comment #14
damien tournoud commentedAs soon as we will have migrated to Git, it will become easier to reference external code, which will make the whole "it's easier for my users" argument moot. But note that the "Don't mix licenses" policy will probably stay in place.
Comment #15
ronan commentedIt's gone now.
Comment #16
alex ua commentedMarking as fixed as per #15
Comment #17
avpadernoThe file is still present in the MAIN branch: http://drupalcode.org/viewvc/drupal/contributions/modules/backup_migrate....
Comment #18
avpadernoI have removed the file (http://drupal.org/cvs?commit=472884).
Comment #19
avpadernoI forgot to change status.
Comment #22
avpaderno