This repository has been archived by the owner on Jul 24, 2019. It is now read-only.
Dependency adm_zip is incorrectly licensed #495
Comments
|
this has been published as v2.1.6 |
This was referenced May 22, 2017
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
The phantomjs package dependency adm_zip is licensed under the MIT license like most npm packages, but contains copypasted code with a GPL license.
The MIT and the GPL license are not legally compatible. This issue was reported in 2014, the author of the package has not commented or moved on this in a year.
I know this is not phantomjs's code, but it is phantomjs's dependency.
I'm raising this issue because there are a lot of Javascript zip libraries out there (unzip, extract-zip, bauer-zip, etc) and phantomjs's use of this particular sloppily/illegally-licensed one is causing problems for me, at least, and probably others.
This is not just an abstract problem, it is a potential legal one, and I would like to see phantomjs move to another, correctly-licensed zip library dependency so that this ceases to be a problem for users of phantomjs.
EDIT: Looked at the code, since It's dead-simple I'll try my hand at a PR to replace adm_zip with extract-zip.
The text was updated successfully, but these errors were encountered: