Ruby's big "crash": code library pulled over a licensing mistake, throwing 500,000 projects into chaos

This article was originally published on The Register and was translated and shared by InfoQ China with the permission of the original author, Thomas Claburn.

On March 31, Bastien Nocera, maintainer of the software library shared-mime-info, notified Daniel Mendler, maintainer of the Ruby library mimemagic, that the library contained Nocera's code and that mimemagic was being released under an incompatible software license.

The shared-mime-info library is licensed under GPLv2 (https://www.gnu.org/licenses/old-licenses/gpl-2.0.html), while mimemagic was listed as an MIT-licensed (https://opensource.org/licenses/MIT) project.

"Using a GPL file as a source makes your whole code base a derivative work, making all of it GPL, so I think it is very important to get this resolved before somebody uses it in a pure MIT code base or a closed-source application," Nocera wrote in an Issues post (https://github.com/minad/mimemagic/issues/97).

"The GPL header now urgently needs to be added back to the shared-mime-info XML file. This is part of the tool used for merging conversions in the tarball release, but it is visible in the .in version of the same file."

Mendler thanked Nocera for the notice and immediately moved the latest versions, 0.4.0 and 0.3.6, to GPLv2 (https://github.com/minad/mimemagic/commit/c0f7b6b21a192629839db87612794d08f9ff7e88), while withdrawing the versions previously published on RubyGems.org, the package registry used by Ruby developers. He then archived the mimemagic GitHub repo (https://github.com/minad/mimemagic), which means it is no longer being actively developed.

Unfortunately, this move broke (https://github.com/minad/mimemagic/issues/98) Ruby on Rails, the popular web development framework, which includes mimemagic 0.3.5 as a dependency. It also affected (https://github.com/minad/mimemagic/network/dependents?package_id=UGFja2FnZS0xMDYyMDY=) 172 other packages, which cover 577148 different repositories.

Not all of these projects will be affected immediately, but without dependency caching in place, any build process that fetches a withdrawn version of mimemagic from RubyGems.org will fail.

Software projects that include mimemagic must now consider the implications of including GPLv2-licensed code, which in some cases may be unacceptable. If doing so is legally and practically feasible, they can switch to version 0.3.6 or 0.4.0 of the library.

Projects such as a web application (https://github.com/UKGovernmentBEIS/beis-report-official-development-assistance/pull/1015) run by the UK government's Department for Business, Energy and Industrial Strategy, the Ruby SDK for FileStack CMS (https://github.com/filestack/filestack-ruby/issues/77), and the Rails-based taggable image application Danbooru (https://github.com/danbooru/danbooru/issues/4776) are all working out how to deal with the problem, which recalls the Left-Pad incident of 2016 (https://www.theregister.com/2016/03/23/npm_left_pad_chaos/).

Because mimemagic is mainly a database of mime type data mappings (https://github.com/minad/mimemagic/blob/master/lib/mimemagic/tables.rb), the Rails team is considering other options (https://github.com/rails/rails/issues/41750#issuecomment-805977682), including the 2-clause BSD licensed libmagic (https://man7.org/linux/man-pages/man3/libmagic.3.html) or a Ruby conversion of the mime data. But there is still a lot of work to do to get there.

As for others, Sergey Alekseev (https://github.com/sergey-alekseev), founder of Shopify app maker ASoft, asked Mendler to keep the mimemagic repo active (https://github.com/rails/rails/issues/41750#issuecomment-805831354) so that other affected projects could discuss their options there.

But Mendler did not agree (https://github.com/rails/rails/issues/41750#issuecomment-805834045), saying: "The Rails dependency is undoubtedly the one with the greatest impact. It would be better if we could find a solution that works for Rails and is approved by the Rails team."

Open source licensing consultant Paul Berg told The Register in an email that although the situation is difficult, the developers involved appear to be prepared.

"Because the maintainers of the mimemagic library they depend on found that it contains GPL code, they switched to the GPL license," he said. "It is admirable that once the problem was discovered, they reacted, rather than staying silent about it and letting the problem persist."

"However, this does create a major problem for Rails," Berg said. "Rails is widely used in applications under the MIT license, which is a permissive license. Because many applications are written using Rails on the assumption that they are not subject to the GPL, it is quite likely that many of them do not comply with the GPL's terms, since they were deployed without those terms in mind."

"So relicensing Rails under the GPL to bring Rails into compliance would likely be a huge change for thousands of teams and is not really a viable solution. Unfortunately, the other solutions are likely not easy."

Berg said mimemagic could try to replace the GPL portions of the code and keep its MIT license. Another option, he said, is for Rails to replace mimemagic entirely, provided a suitable alternative exists.

"Either way, given the popularity of Rails and its self-evident importance in the industry, resolving this is unlikely to be a small matter in the short term," he said. "I don't envy their position."

"This illustrates why, when you bring in all your dependencies and reuse code, you must carefully list them and work to ensure that the licenses of those dependencies are consistent with your intent. This is very important."

Update: On April 1, mimemagic was updated to v0.4.1, which restores the MIT license and removes the GPL-covered code: the Freedesktop.org shared Mime Types database. Users must now supply it themselves. Versions 0.3.6 and 4.0 have been withdrawn, which has left many people frustrated.

About the author:

Thomas Claburn lives in the San Francisco Bay Area and covers software development, DevOps, computer security and more for The Register.

Original link:

https://www.theregister.com/2021/03/25/ruby_rails_code