You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
It appears that the entirety of the cookie crate, with the exception of its license(s), has been copied into the actix-http crate . This is in violation of the two license options (MIT and Apache 2.0) at your disposal, both of which require attribution. Furthermore, it looks like upstreamcommits are simply being copiedhere, again without attribution. And, while this latter point doesn't further violate any licenses, I would consider it poor practice and poor open-source citizenship.
Please either attribute the cookie code as per either the MIT license or the Apache 2.0 license or remove the code from your repository. Better yet: why not use cookie as a dependency? You'd benefit from upstream improvements automatically, and any improvements you've made here could potentially benefit the community at large. In true open-source fashion: it's a win-win. Please do consider this latter option.
Thank you!
The text was updated successfully, but these errors were encountered:
I remember reading it in the docs, that it was copied from that crate, and that it needed some modifications. There was a technical reason involved as well. I can't seem to find that part though.
Hello!
It appears that the entirety of the
cookie
crate, with the exception of its license(s), has been copied into theactix-http
crate . This is in violation of the two license options (MIT and Apache 2.0) at your disposal, both of which require attribution. Furthermore, it looks like upstream commits are simply being copied here, again without attribution. And, while this latter point doesn't further violate any licenses, I would consider it poor practice and poor open-source citizenship.Please either attribute the
cookie
code as per either the MIT license or the Apache 2.0 license or remove the code from your repository. Better yet: why not usecookie
as a dependency? You'd benefit from upstream improvements automatically, and any improvements you've made here could potentially benefit the community at large. In true open-source fashion: it's a win-win. Please do consider this latter option.Thank you!
The text was updated successfully, but these errors were encountered: