Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RJSONIO licensing effectively non-free by Debian interpretation #2758

Closed
jonassmedegaard opened this issue Oct 18, 2015 · 11 comments
Closed

Comments

@jonassmedegaard
Copy link

RJSONIO itself is licensed as BSD-3-Clause but links against libjson which has a license considered non-free by Debian and others: https://wiki.debian.org/qa.debian.org/jsonevil

Please consider switching to either r-cran-rjson or r-cran-jsonlite (i.e. revisit #472).

@jonassmedegaard
Copy link
Author

For the record, this issue was kindly brought to my attention by a fellow Debian developer, Jonathon Love, when I filed a "request for packaging" of r-cran-rjsonio for Debian: https://bugs.debian.org/802263

@scottdraves scottdraves added this to the v1.5 milestone Oct 19, 2015
@scottdraves
Copy link
Contributor

argh, i heard about this. thanks for the report.
Unfortunately https://cran.r-project.org/web/packages/rjson/index.html does not support unicode.
I will see if jsonlite can do the unboxed values right.

@jonathon-love
Copy link

Unfortunately https://cran.r-project.org/web/packages/rjson/index.html does not support unicode

it does support UTF-8

we originally baulked at using it for exactly the same reason, but it actually does.

@scottdraves
Copy link
Contributor

Looks like the libjson included by RJSONIO is not the problematic one.
this license looks good: https://github.com/duncantl/RJSONIO/blob/master/src/libjson/License.txt

@jonathon-love
Copy link

@scottdraves scottdraves reopened this Nov 5, 2015
@scottdraves
Copy link
Contributor

duncantl/RJSONIO#21

@scottdraves
Copy link
Contributor

btw, thank you jonathon

@jonathon-love
Copy link

no worries :)

i only know about this because i once tried to package rjsonio for debian, and lintian automagically picked up that a bad license was in the source!

@scottdraves
Copy link
Contributor

Looking at the code, R_readFromJSON does call into the evil code, but is itself only called from oldFromJSON. The other reference in readJSON.R is protected by if(FALSE). oldFromJSON is only called if a 2nd parameter is given to fromJSON, which we never do. So I think we can rip it out.

@jonassmedegaard
Copy link
Author

Quoting Scott Draves (2015-11-10 17:46:54)

Looking at the code, R_readFromJSON does call into the evil code, but
is itself only called from oldFromJSON. The other reference in
readJSON.R is protected by if(FALSE). oldFromJSON is only called if a
2nd parameter is given to fromJSON, which we never do. So I think
we can rip it out.

That sounds promising.

I can understand if upstream wants to keep backwards compatibility
and therefore not (yet?) drop even deprecated functions.

Even so, we can in the Debian packaging of RJSONIO patch the code and
add a warning to our packaging documentation that we've killed those
functions due to its licensing problems.

  • Jonas

  • Jonas Smedegaard - idealist & Internet-arkitekt

  • Tlf.: +45 40843136 Website: http://dr.jones.dk/

    [x] quote me freely [ ] ask before reusing [ ] keep private

@scottdraves scottdraves assigned maxyeg and unassigned maxyeg Nov 12, 2015
@scottdraves
Copy link
Contributor

sounds like this can be handled when rjsonio is packaged, not in beaker's code.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

4 participants