Tart License Violation #47
Comments
|
Hi @fkorotkov , thanks for signaling. Will change the code accordingly. Let me know if I should remove it immediately or if it's fine to keep it as is until the parts that are too similar are changed. Kudos for your work on Tart by the way! |
|
I would like to add that this is not all, here's a piece of code that was blatantly copied without even changing anything in the code itself. You won't find this a similar code on GitHub (except for in Tart forks and in your project). Difference between the original Sources/tart/MACAddressResolver/MACAddress.swift#L3-L21 on and the copied code Cilicon/LeaseParser.swift#L63C1-L81:
|
|
@edigaryev thanks for reporting this. This code was actually not used. It's no secret that some of the code in Cilicon is heavily inspired by Tart. It's using its image format after all. |
|
I guess It seems the issue dates back to 2.0.0 version of Cilicon and affects both 2.0.0 and 2.1.0 versions. To not break things for your users I guess we can ignore the past and let's make sure future versions of Cilicon are compliant. Please consider using Tart similar to how Tartlet is using it. Your users will benefit from upstream support and you won't need to keep up-to-date Tart compatibility. |
|
Thanks for understanding @fkorotkov! |
|
Can we keep the issue open until the issue is actually fixed? |
|
Of course! Just to manage expectations: |
|
I can refer you a lawyer that we consult with about such issues if you have doubts that licensing is applied on such snippets. |
|
Please let me know if the current version is ok with you. Just to explain my previous point, I meant that (in my non-expert opinion) a certain methodology, especially when almost entirely relying on platform SDKs, is probably not covered by copyright/licensing. For example if a random engineer, who was to implement the same functionality based on the requirements (without seeing the code), would be likely to end up writing the exact or very similar code by coincidence. |
|
Do you mean renames in ef87736 by the "current version"? Unfortunately I don't see how it's fixing the issue rather than just tying hide it. I'd really like you to take this issue seriously. It's great that you have an access to an IP layer. Please consult with them about your "inspiration"/"adaption" technique of coping significant code snippets and what's the licensing implication of it. |
|
I have removed the V2 downloader for now which should fix the license issues and will write one from scratch soon. Sorry for the inconvenience! |
Hey team and @Marcocanc, it was hard to not recognize some of Tart's code in #46. For example,
LayerV2Downloaderseems like a copy/paste of Tart'sDiskV2#pull:https://github.com/cirruslabs/tart/blob/f4bc02d1751dd5ad447619515e7d73a9efc2d7e6/Sources/tart/OCI/Layerizer/DiskV2.swift#L39-L121
Here is a visual diff that shows similarities. All the variable names are the same, structure is the same, just some comments removed and different kind of error handling:
On behalf of Tart authors we are glad you found Tart code useful but unfortunately such usage is agains Tart's License.
The text was updated successfully, but these errors were encountered: