Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.Recently, one of my projects was unpublished because it had modified 3rd party code in it. So I figured in order to make people realize what a retarded policy it is, I'd compile a list of projects (some very well known ones at that) that have the exact same problem that my own project did to make people wake up and smell the coffee.
Now, I compiled this list by looking at 1 user's commit history (Sun). I simply went through it, and pulled out all the projects that had 3rd party libs in them or non-GPLv2 code. Even though most of the code is free, it is not licensed under the GPLv2 and thus is in violation of the CVS rules.
Anyways, I dont really give a hoot about any of these projects, they are merely examples as to why I consider the people I had to deal with as hypocrites. Even the person who reported my project has committed 3rd party libs himself as you will see. He made a snide remark yesterday after I pointed out that his own projects have the same problem in IRC by saying "ha, I wasnt even the one who committed that one" but whatever, I knew he wasnt all that. It's simply to retarded to follow a GUIDELINE as though it were some sort of unbreakable law. There is some discretion to be used, such as dont upload 500 .php/js files from another 3rd party, etc, common sense stuff. But single JS files, some images, and example usage code should not be included in this restriction. The ONLY exception in my opinion would be if the stuff was written under a non-free license. According to people in #drupal, drupal is 'suppose' to be one of the most 'open' communities around. But I'm about to show you that that simply is not the case. Drupal is really nothing more than one big dictatorship run by a couple power hungry kids. And if it's not, then I'd find it interesting if all the projects I am about to list are unpublished with "unpublished to give them time to remove the files" as the same excuse that was given to me, because frankly, I'd find that really retarded. Now, I have no problem removing files as I had mentioned in IRC, but the way in which it was dealt with was completely uncalled for simply because the guy was jealous that the module was better than his own or for whatever reason. It is blatently clear that there was no reason for any of his behaviors. I told him in IRC that I'd find a way to remove them as soon as I could, but 2 mins later he has to go and publish some public crap about it which is not only insulting, but quite angering.
If I were to put an analogy to all of this, here is what I would say: A cop walks up and says, you are parked in the wrong spot, move the car. You say, ok I will, lemme grab the keys. You come back in a few minutes only to find the car has been towed.
Either way, it wasnt even a module to make waves about, its like a 27 line DEMO module displaying how mootools and jQuery can work with D5/6 without modifying any of the core files and it somehow threatened him? yea ok. whatever. So, here's the list I spoke about. Do with it what you want.
Chaos Tools (http://drupal.org/project/ctools)
Problem: Has 3rd party code files as well as non-GPLv2 code (MIT licensing), probably needs to be re-licensed.
List of offending files:
dimensions.js
mc.js
3rd Party Website to download these files:
http://plugins.jquery.com/project/dimensions
http://jquery.glyphix.com/jquery-modalContent/jquery-modalContent.js
CVS Commit:
Commit #156918 by merlinofchaos at 22:22
Chaos tool suite: /modules/ctools/js/mc.js 1.1
Chaos tool suite: /modules/ctools/js/dimensions.js 1.1
------------------------------------------------------------------------------------
Smarty theme engine (http://drupal.org/project/smarty)
Problem: This contains non-GPLv2 code as well as 3rd party code. The 3rd party code in question is released under the LGPLv2, it's probably compatible, but hey I'm not a lawyer.
List of offending files:
function.assign_adv.php
3rd Party website to download these files:
http://smarty.incutio.com/?page=AdvancedAssignPlugin
CVS Commit:
Commit #17742 by tclineks at 06:11
Smarty theme engine: /theme-engines/smarty/plugins/function.assign_adv.php 1.1
------------------------------------------------------------------------------------
JQuery Update (http://drupal.org/project/jquery_update) We've all heard of this one, but hey, it has 3rd party code in it just the same
Problem: Has 3rd party code in it.
List of offending files:
farbtastic.js
jquery.js
jquery.min.js
jquery.packed.js
3rd party website to download these files:
http://acko.net/dev/farbtastic
http://jqueryjs.googlecode.com/files
CVS Commit
Commit #127834 by sun at 01:35
jQuery Update: /modules/jquery_update/CHANGELOG.txt 1.1.2.4 @ DRUPAL-5--2
jQuery Update: /modules/jquery_update/misc/farbtastic/farbtastic.js 1.1.2.1 @ DRUPAL-5--2
#156221 by mfer: Added jQuery 1.2.6 compatible replacement for farbtastic.js.
------------------------------------------------------------------------------------
#translatable (http://drupal.org/project/translatable)
Problem: This project contains also contains Dual Licensed code as well as 3rd Party Code. The dual license is MIT/GPLv1, I doubt there is a problem there, but dual licensing is a sticky subject.
List of offending files:
jquery.block.js
3rd party website to download these files:
http://www.malsup.com/jquery/block/#download
CVS Commit:
Commit #101437 by sun at 05:22
#translatable: /modules/translatable/jquery.block.js 1.1
Comments
Comment #1
chx CreditAttribution: chx commentedThanks for helping cleaning out the Drupal CVS. We will bring the respective authors' attention to the listed files. I read "#156221 by mfer: Added jQuery 1.2.6 compatible replacement for farbtastic.js." so it's a significant change to farbtastic so unless there is a specific equal version to it (somewhat doubt) then we need this.
Comment #2
webchickIn defense of jQuery Update, it's a replacement for the core jquery.js, which we already distribute from Drupal.org. I therefore think it's acceptable for it to break the rule and distribute jquery*.js in this instance, but am not overly fussed about it.
Comment #3
Dave ReidSide note that anyone who hasn't seen it should read the original issue at hand: #417680: Rokbox module: External libraries committed into CVS.
crystaldawn, there are obviously obvious violations of the CVS policy, and there are grey/cloudy cases, most of which you have posted here and warrant a rational, informative discussion about external code in CVS.
Comment #4
crystaldawn CreditAttribution: crystaldawn commentedThis issue is not about the previous one. The issue here are these existing sites, but since you posted the link to it, I might as well tell you what my purpose for doing this is.
I'd like to see how this particular issue (the sites I listed) is handled. Are they unpublished like mine, or just swept under the rug and ignored, or are they given more than an hour or so after being notified to remove the files before they are unpublished. I'm interested to see how it plays out, because however THESE are handled, I will then request that mine be handled in the exact same manor.
Rules are rules right? Break'm and you get unpublished. Hey, I got handed an unpublish about 40 minutes after I was told there was a problem. So I assume the same will happen with these projects. maybe an hour after they are emailed, if nothing has been done, they get unpublished right. Yea, I thought not. So the only conclusion left was that they unpublished mine because they either had personal vindictive reasons or are somehow biased towards the others. Both of which are not suppose to exist in the 'community' and I assume you are here to defend them since you are a friend of theirs or whatever.
How would I like to see these handled? The correct way. We dont go around unpublishing things just because they have files we think should be deleted. No. Instead we give them a few DAYS maybe even weeks to remove them. Not 40, 60, even 300 minutes. Most projects will need to find a way to deal with those files being gone. Like creating new install instructions or maybe setting configs differently, whatever. There is more to it than simply nuking the files in most cases (including my own).
Comment #5
crystaldawn CreditAttribution: crystaldawn commentedFor jquery_update: I agree, it should be an excpetion, but these are clearly 3rd party apps that can be downloaded. The current policy makes no exceptions for anyone is what I've been told by some.
Comment #6
chx CreditAttribution: chx commentedcrystaldawn, this is the last warning: back down. Do not throw accusations, lies and half thruths around or face banning from drupal.org.
If we want to discuss files, that's a relevant and important discussion.
Comment #7
Gerhard Killesreiter CreditAttribution: Gerhard Killesreiter commentedLet me summarize the actual policy for 3rd party libs in our CVS.
1) in general 3rd party libs are forbidden.
2) they are even more forbidden if they aren't licensed under GPL (_and_ cannot be relicensed under GPL)
3) Exceptions can be made if the 3rd party lib
a) had to be modified to work with Drupal and this modifications wasn't accepted by the original author
b) is generally difficult to find in the needed version. This is or maybe rather was true for many jQuery plugins.
c) is no longer maintained by the original author
Please review the provided list according to this and contact the authors if any plugins need removing.
Comment #8
Damien Tournoud CreditAttribution: Damien Tournoud commentedIn #417680: Rokbox module: External libraries committed into CVS, you *actively* refused to remove those files, you never asked for time to do so. In your first reply, you marked the issue as "fixed", while not having done anything. In your second reply, you set it to "by design", and actively refused to comply, violently attacking another member of the community.
Improve your attitude towards people, and the attitude of people towards you will improve.
Comment #9
chx CreditAttribution: chx commentedI think #7 should be moved to the handbook. I agree that if a given file can only be found by checking it from some cvs that's beyond the reach of the general Drupal population.
Comment #10
greggles@chx - see Why drupal.org doesn't host GPL-"compatible" code which covers most of that.
Comment #11
crystaldawn CreditAttribution: crystaldawn commentedDoes this include the LGPL? There could be a lot of very very popular modules that would be in my opinion unnecessarily difficult to install for non-technical users if some of their libs were pulled because of that. By non-technical, I mean they cant even figure out how to download a lib and include it. Just enabling a module can be a lot of work for them.
#7 told me everything I needed to know. I was right by marking it to by design according to #7. If you had DLd the rokbox from the rokbox site, it would not have worked because i had slightly modified the default install. Go ahead and try it, see what happens.
Comment #12
crystaldawn CreditAttribution: crystaldawn commentedO heres another question sort of related to all this. Is is fine to have your module do the actual DL of 3rd party libs itself and store them in the DB as blob files? This is one of the work arounds I was thinking of earlier.
Comment #13
merlinofchaos CreditAttribution: merlinofchaos commentedcrystaldawn: By involving my module and my commits (ctools) in your discussion even though I had nothing to do with any of this, you have engendered even more antipathy toward yourself. For what it's worth, the presence of these files has already been dealt with by the drupal.org staff.
You seem to consistently miss the fact that it was not the files that got it unpublished, it was your refusal to do anything about it and offering either no or very hollow explanations. If you think this is acceptable, you are simply wrong.
You further went on to attack a drupal.org administrator, calling him a troll. Given what sun has contributed to the Drupal project, and how incredibly helpful he has been to many in the community, these attacks paint you in a particularly poor light.
In my opinion, you are consistently displaying an attitude that is not acceptable around drupal.org. Your efforts must turn toward the polite and the cooperative if you expect to actually resolve the issue, and if they remain aggressive and rude, this kind of behavior tends to get banned rather quickly here. Tread lightly, crystaldawn. You are making more enemies than friends here.
Comment #14
chx CreditAttribution: chx commented@all we already read the riot act to crystaldawn let's discuss files here...
Comment #15
crystaldawn CreditAttribution: crystaldawn commentedMerlinofChaos: What is the link to the issue that deals with these files? That link could possibly be used to check your files off the list. I tried a search, but nothing of any interest came up.
Comment #16
merlinofchaos CreditAttribution: merlinofchaos commentedIt was dealt with privately by the Drupal Association after a complaint was sent directly to them. mc.js fits both the modified and no longer available clauses, and that version of dimensions.js is also no longer available. Newer versions are but they are for newer versions of jquery.
That said, it's also not your business.
Comment #17
chx CreditAttribution: chx commentedDo we need to provide a list of files dealt with? Add a note to CVS? Something?
Comment #18
pwolanin CreditAttribution: pwolanin commentedAdded to the handbook: http://drupal.org/node/422996
Please review that and the cross-linked FAQ page.
Comment #19
apadernoI am cleaning up the queue. Is there anything that needs to be done about this?
Comment #20
pwolanin CreditAttribution: pwolanin commentedI just rolled a comment in on the linked handbook page. I left the original comment unpublished - feel free to delete if desired.
Comment #21
fgmIt might make sense to move http://drupal.org/node/66113 from the CVS FAQ to the same "Usage policy" book chapter as http://drupal.org/node/422996 since the topics are intimately related.
Comment #22
apadernoI guess it has been placed under CVS FAQ because it was a frequently asked question.
It should be possible to move that page to a different chapter (as it should be possible to do with the other pages listed under CVS FAQ), but IMO it makes more sense to leave it where it is.
Comment #23
silverwing CreditAttribution: silverwing commentedMarking as Fixed.
As for #22 - as new CVS applicants go through a vetting, they'll be told if their code is GPL/appropiate - older users should know this or find out the hard way.
Comment #25
gisle