Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Reconsider use of DragSelect 3 #35

Closed
ewpatton opened this issue Jan 5, 2024 · 4 comments · Fixed by #36
Closed

Reconsider use of DragSelect 3 #35

ewpatton opened this issue Jan 5, 2024 · 4 comments · Fixed by #36

Comments

@ewpatton
Copy link
Member

ewpatton commented Jan 5, 2024

DragSelect 3 changed the license from MIT to GPLv3 with a commercial option. By upgrading to version 3.0.4 from 2.7.4 we may be putting undue burden on downstream users of this plugin.
@halatmit
Copy link

halatmit commented Jan 5, 2024 via email

@HollowMan6
Copy link
Collaborator

Interesting, didn't notice their license change. After I did some research, I found out that for public websites, if one of the JavaScript libraries contains GPLv3 code, then the whole website should be open-sourced: https://www.gnu.org/licenses/gpl-faq.en.html#UnreleasedMods

But I still think we should keep using the latest version of DragSelect, as it's not us who are using it commercially. There should be no reason to stop adopting the new versions only for those companies that don't want to give credit to the authors of DragSelect.

This project depends on DragSelect heavily, so they deserve to get paid for their hard work even if those companies want to use our plugin. If someone doesn't want to pay, they should resolve these things by themselves, like patching the node_modules with DragSelect v2 and revert c93cbd2 I will open a separate PR for including a LICENSE file that explains the situation here (the license for our codebase is Apache-2.0).

@ewpatton
Copy link
Member Author

ewpatton commented Jan 5, 2024

Interesting, didn't notice their license change. After I did some research, I found out that for public websites, if one of the JavaScript libraries contains GPLv3 code, then the whole website should be open-sourced: https://www.gnu.org/licenses/gpl-faq.en.html#UnreleasedMods

App Inventor has proprietary branding commits that are specific to MIT, so we wouldn't be able to abide by this. I also think the requirement is technically to release it under a license compatible with the GPLv3, not just "open source," and I can't easily guarantee that is true of the transitive dependencies. I expect it's probably true but it would take leg work.

Another real problem is how we are not really handling semantic versioning here. For example, if I have a package.json with:

"dependencies": {
  "@mit-app-inventor/blockly-plugin-workspace-multiselect": "^0.1.7"
}

and have previously installed that so I have the plugin that uses non-GPL code and then npm upgrade now I will have GPLed code without any warning.

This project depends on DragSelect heavily, so they deserve to get paid for their hard work even if those companies want to use our plugin. If someone doesn't want to pay, they should resolve these things by themselves, like patching the node_modules with DragSelect v2 and revert c93cbd2 I will open a separate PR for including a LICENSE file that explains the situation here (the license for our codebase is Apache-2.0).

Then we may need to consider implementing the necessary functionality within this repo and not rely on an external dependency like that.

@HollowMan6 HollowMan6 mentioned this issue Jan 5, 2024
Merged
@HollowMan6
Copy link
Collaborator

HollowMan6 commented Jan 5, 2024
edited
Loading

App Inventor has proprietary branding commits that are specific to MIT, so we wouldn't be able to abide by this. I also think the requirement is technically to release it under a license compatible with the GPLv3, not just "open source," and I can't easily guarantee that is true of the transitive dependencies. I expect it's probably true but it would take leg work.

Okay, fair enough if that's for the App Inventor. I opened the PR #36 to downgrade.

Then we may need to consider implementing the necessary functionality within this repo and not rely on an external dependency like that.

If we decide to implement ours, we are literally copying and removing features from DragSelect's code since our plugin is built upon theirs. Let's not do this unless someday DragSelect no longer works for Blockly again.

@HollowMan6 HollowMan6 mentioned this issue Mar 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Downgrade DragSelect to v2 HollowMan6/workspace-multiselect
3 participants
@halatmit @ewpatton @HollowMan6