Ruby's big "crash": a library pulled over a licensing mistake throws 500,000 projects into chaos

***This article was originally published on The Register and is translated and shared by InfoQ China with the authorization of the original author, Thomas Claburn.***

On March 31, Bastien Nocera, maintainer of the shared-mime-info software library, notified Daniel Mendler, maintainer of the Ruby library mimemagic, that mimemagic contained Nocera's code and was being released under an incompatible software license.

The shared-mime-info library is licensed under [GPLv2](https://www.gnu.org/licenses/old-licenses/gpl-2.0.html), while mimemagic was listed as an [MIT](https://opensource.org/licenses/MIT)-licensed project.

"Using a GPL file as a source file makes your entire codebase a derivative work and makes all of it GPL, so I think it is very important to resolve this before someone uses it in a pure MIT codebase or a closed-source application," Nocera wrote in an [Issues post](https://github.com/minad/mimemagic/issues/97).

"There is now an urgent need to add the GPL header back to the shared-mime-info XML file. This is part of the tooling used to merge conversions in the tarball release, but it is visible in the .in version of the same file."

Mendler thanked Nocera for the notice and immediately [moved the latest versions, 0.4.0 and 0.3.6, to GPLv2](https://github.com/minad/mimemagic/commit/c0f7b6b21a192629839db87612794d08f9ff7e88), while yanking the versions previously published on RubyGems.org, the package registry used by Ruby developers. He then archived the [mimemagic GitHub repo](https://github.com/minad/mimemagic), which means it is no longer actively developed.

Unfortunately, this move [broke](https://github.com/minad/mimemagic/issues/98) Ruby on Rails, the popular web development framework, which includes mimemagic 0.3.5 as a dependency. It also [affected](https://github.com/minad/mimemagic/network/dependents?package_id=UGFja2FnZS0xMDYyMDY=) 172 other packages, which involve 577,148 different repositories.

Not all of these projects are affected immediately, but without dependency caching in place, any build process that fetches a yanked version of mimemagic from RubyGems.org will fail.

Software projects that include mimemagic must now consider the implications of including GPLv2-licensed code, which may be unacceptable in some cases. If doing so is legally and practically feasible, they can switch to version 0.3.6 or 0.4.0 of the library.

Projects such as a [web application](https://github.com/UKGovernmentBEIS/beis-report-official-development-assistance/pull/1015) run by the UK government's Department for Business, Energy and Industrial Strategy, the [Ruby SDK for FileStack CMS](https://github.com/filestack/filestack-ruby/issues/77), and the Rails-based taggable image application [Danbooru](https://github.com/danbooru/danbooru/issues/4776) are all considering how to resolve the problem, which recalls the [Left-Pad incident](https://www.theregister.com/2016/03/23/npm_left_pad_chaos/) of 2016.

Because mimemagic is mostly [a database of MIME type data mappings](https://github.com/minad/mimemagic/blob/master/lib/mimemagic/tables.rb), the Rails team is considering [other options](https://github.com/rails/rails/issues/41750#issuecomment-805977682), including the 2-clause BSD licensed [libmagic](https://man7.org/linux/man-pages/man3/libmagic.3.html) or a Ruby conversion of the MIME data. But there is still a lot of work to do to get there.

As for everyone else, [Sergey Alekseev](https://github.com/sergey-alekseev), founder of Shopify app maker ASoft, asked Mendler to [keep the mimemagic repo active](https://github.com/rails/rails/issues/41750#issuecomment-805831354) so that other affected projects could discuss their options there.

But Mendler [disagreed](https://github.com/rails/rails/issues/41750#issuecomment-805834045), saying: "The Rails dependency is without doubt the one with the biggest impact. It would be even better if we could find a solution that suits Rails and is approved by the Rails team."

Paul Berg, an open source licensing consultant, told The Register in an email that although the situation is difficult, the developers involved appear to be prepared.

"Because the maintainers of the mimemagic library they depend on found that it contained GPL code, they switched to the GPL license," he said. "It is admirable that they react as soon as a problem is discovered, rather than staying silent about it and letting the problem persist."

"However, this does create a major problem for Rails," Berg said. "Rails is widely used in applications under the MIT license, which is a permissive license. Because many applications were written with Rails on the assumption that they were not subject to GPL copyright, it is quite likely that many of them do not comply with the GPL terms, since they were deployed without those terms in mind."

"So relicensing Rails under the GPL to bring Rails into compliance would likely be a huge change for thousands of teams, and is not really a viable solution. Unfortunately, the other solutions are likely not easy either."

Berg said mimemagic could try to replace the GPL portion of the code and keep its MIT license. Another option, he said, is for Rails to replace mimemagic entirely, provided a suitable alternative exists.

"Either way, given how widespread Rails is and how important it is in the industry, resolving this is unlikely to be a small matter in the short term," he said. "I don't envy their situation."

"This explains why, when you pull in all your dependencies and reuse code, you must list them carefully and work to make sure the licenses of those dependencies are consistent with your intent. This is very important."

**Update**: On April 1, mimemagic was updated to v0.4.1, which restores the MIT license and removes the GPL-covered code: the Freedesktop.org shared MIME types database. Users must now supply it themselves. Versions 0.3.6 and 4.0 have been revoked, which has frustrated many people.

**About the author:**

Thomas Claburn, based in the San Francisco Bay Area, covers software development, DevOps, computer security and other topics for The Register.

**Original link:**

https://www.theregister.com/2021/03/25/ruby_rails_code
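
Two points made above can be checked mechanically from a lockfile: a build that resolves a yanked version fails without a cache, and each pinned dependency's license has to match the project's intent. The Ruby script below is an added example, not code from the article or from any project it names; the lockfile excerpt, the `example_*` gems, the metadata table and the function names are constructed for illustration.

```ruby
# Added example: flag gems pinned in a Gemfile.lock that are yanked or whose
# license is outside the project's allowlist.

# Constructed lockfile excerpt; the example_* gems are hypothetical.
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      example_framework (1.0.0)
        mimemagic (~> 0.3.2)
      example_util (2.1.0)
      mimemagic (0.3.5)

  DEPENDENCIES
    example_framework (~> 1.0)
LOCK

# Constructed metadata mirroring the article's account. A real audit would
# read license and yank status from the registry or from each gem's gemspec.
GEM_METADATA = {
  ["example_framework", "1.0.0"] => { license: "MIT", yanked: false },
  ["mimemagic", "0.3.5"] => { license: "MIT", yanked: true },
  ["mimemagic", "0.3.6"] => { license: "GPL-2.0", yanked: false }
}.freeze

# Resolved gems are indented four spaces under "specs:". Constraint lines
# (six spaces) and DEPENDENCIES entries (two spaces) do not match.
def pinned_gems(lockfile_text)
  lockfile_text.scan(/^ {4}(\S+) \(([^)]+)\)$/)
end

# One finding per problem; gems with no metadata are reported, not skipped,
# so an unlisted dependency cannot pass the audit silently.
def audit(lockfile_text, metadata, allowed_licenses)
  pinned_gems(lockfile_text).flat_map do |name, version|
    meta = metadata[[name, version]]
    next [{ gem: name, version: version, issue: :unknown_metadata }] if meta.nil?
    issues = []
    issues << :yanked if meta[:yanked]
    issues << :license_not_allowed unless allowed_licenses.include?(meta[:license])
    issues.map { |issue| { gem: name, version: version, issue: issue } }
  end
end

audit(SAMPLE_LOCKFILE, GEM_METADATA, %w[MIT BSD-2-Clause]).each { |f| puts f }
```

Changing the pin to 0.3.6 in the sample clears the yanked finding and raises a license finding instead, which is the trade-off the article describes for MIT-licensed projects.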