This is the full version of the thread for opencart#1286, archived from notification emails.
The discussion has since been deleted almost entirely by OpenCart's developer.
Everyone who posted in it has also been blocked from the OpenCart repo.
The function "utf8_to_unicode" defined in the file /upload/system/helper/utf8.php has removed the original developers license statement. Side-by-side comparison to the file can be found here seems to indicate that this code has been reused without attribution, which likely violates its license terms.
EDIT: A note - the original copyright of this code belongs to Mozilla. I would suggest restoring the copyright declarations ASAP, before Mozilla has to step in to protect its own copyrights (which may include filing DMCA notices against this project itself, ultimately resulting in the project's takedown).
Daniel Kerr closed the issue
fuck off!
I'll be contacting Mozilla shortly, then. In the meantime, keep an eye on this repo.
Hi Daniel,
Please restore the license term and help keep open source products legitimate :)
Nice to see that "fuck off" is an appropriate response to someone pointing out a licensing violation.
you don't need a license because its not even the same language!
copy right does not apply!
you see where it says
- Based on PHP-UTF8 by Henri Sivonen.
does not say copyright!
Thanks, Daniel. I wasn't sure if OpenCart was the right decision at first, but now I know.
Magenta it is.
P.S. you're on Hacker News. Tread wisely.
does not say copyright!
Snippet from php-utf8 source, utf8.inc
* The Original Code is Mozilla Communicator client code.
*
* The Initial Developer of the Original Code is
* Netscape Communications Corporation.
* Portions created by the Initial Developer are Copyright (C) 1998
* the Initial Developer. All Rights Reserved.
Additionally, in most nations copyright is automatic and does not need to be registered or declared. This is a good resource to reference.
you don't need a license because its not even the same language!
The author of the ported code chose to state that original code was copyright Mozilla - in all likelihood, they are correct. In any case, you seem rather unfamiliar with how licenses work to begin with - this very code is copyright to Henri Sivonen, who has chosen a triple license under the NPL, GPL v2, and LGPL 2.1. All of these licenses require a notice being retained in the Covered Code or Source Code stating the original copyright owner and the license it is under (even the NPL, I just double-checked). Failing to uphold this clause is a violation of the license and means that you are unable to legally distribute said source code, as you're implicitly claiming it to be your own product. Which, it isn't. Plagiarism isn't cool, 'kay?
The following is sourced from the php-utf8 license file NPL-1.1.txt
3.5. Required Notices.
You must duplicate the notice in Exhibit A in each file of the Source
Code. If it is not possible to put such notice in a particular Source
Code file due to its structure, then You must include such notice in a
location (such as a relevant directory) where a user would be likely
to look for such a notice. If You created one or more Modification(s)
You may add your name as a Contributor to the notice described in
Exhibit A. You must also duplicate this License in any documentation
for the Source Code where You describe recipients' rights or ownership
rights relating to Covered Code. You may choose to offer, and to
charge a fee for, warranty, support, indemnity or liability
obligations to one or more recipients of Covered Code. However, You
may do so only on Your own behalf, and not on behalf of the Initial
Developer or any Contributor. You must make it absolutely clear than
any such warranty, support, indemnity or liability obligation is
offered by You alone, and You hereby agree to indemnify the Initial
Developer and every Contributor for any liability incurred by the
Initial Developer or such Contributor as a result of warranty,
support, indemnity or liability terms You offer.
Taken from the GNU General Public License, version 2
1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
The LGPL is pretty much an extension of the GPL, and sourcing its clause would just be a waste of bytes here - it's the same damn thing.
Now, please stop being childish. You aren't the original author; you cut and pasted code without attribution. That's immoral, that's unethical, and according to the license terms for the original source - that's illegal, too.
copyright means the lines of the code need to be the same which they are not because one is programmed in C++ and mine is php!
so Mozilla has no say this!
copyright and being based on another's code are different things!
its also gpl based which opencart is also!
Mozilla did not write this code Henri Sivonen did. he just based it on Mozilla's code. which he released as gpl over 13 years ago.
i would like to know where Mozilla based there c++ code from.
"You aren't the original author; you cut and pasted code without attribution. That's immoral, that's unethical, and according to the license terms for the original source - that's illegal, too. You're actively harming your own reputation (though on the netsec circles, you don't seem to have much to begin with) and losing users."
is this some rule you made up in your head! i have to give attribution to one function based out of thousands of lines of code. when this code was based on others work, whoes code was probably based on others work etc...
how about i keep working on the next version of opencart, answering support emails, without some dick head wasting my time on some bullshit fucking issue you have made up in your head!
do not post another bug report on the opencart site again! do not even use the project so that I can continue provide free code and support to my growing community of members.
your just a fucking time wasting dick head!
There is absolutely no need to speak like a child here. Why are you working on an open source project when you cannot handle criticism or complaints? Your behaviour can be seen elsewhere as well:
#1279
#1269
#1264
#1094
#1061
#872
#773
And your attitude shows up elsewhere too:
http://blog.visionsource.org/2010/01/28/opencart-csrf-vulnerability/
http://blog.ericlamb.net/2010/05/should-we-use-opencart/#comment-411
Maybe open source projects are not for you if you cannot be bothered to respond like a rational human being. It's quite apparent you cannot handle the pressure.
its not handling criticism. its about wasting my time!
Addressing the security and safety of your userbase is a waste of your time? So if you don't understand the problem you'll just dismiss it as a waste of your time?
Are you sure you want to continue being in open source?
You're putting user security at risk by not acknowledging your software has flaws.
Is it just me or are @ColinKeigher's comments being deleted here?
Daniel, why are you deleting comments?
takes a huge steamy shit all over OpenCart
Y'know, I could sue for libel.
Also for posterity, the original issue: http://i.imgur.com/V3u9E5l.png
still claiming to be a lawyer!
Full moon over Daniels head? Cmon, ignorance is not helping to build a community here.
Also, a screenshot from the google cache of the issue before @danielkerr tried to jackboot this issue. http://i.imgur.com/V3u9E5l.png
daimb,
congratulations. i have now wasted probably over 1 hour at home sat in front of my computer. i have stopped for over 2 hour working on opencart 2.0 to deal with you.
@danielkerr You don't need to be a lawyer to understand the basics of a license. There are many websites such as Choose a License that, while is geared towards picking a license in the first place, summarise the key points you need to know.
Daniel, you're making matters worse for yourself by not acknowledging "open" in "Opencart" here. Why are you deleting comments like mine? Your reputation is at risk by not doing so?
Restore the comments and embrace open source software.
Daniel, you're making matters worse for yourself by not acknowledging "open" in "Opencart" here. Why are you deleting comments like mine? Your reputation is at risk by not doing so?
because your so important!
all the links you posted of me closing threads, you had now idea why i closed them! yet you posted them as examples!
there are numinous people on these threads that have cost me days of work many times for reporting non existent bugs!
yet your happy to post them to claim im in the wrong!
i dont know why github does not have a system to block future comments when you close an issue.
i have already blocked you. i dont; understand why you are allowed to kepp posting comments!
You can contact github directly with the Contact Us link at the bottom, but I don't think they'll give two shits.
your just wasting my time! do you think miozzlia or the other guy gives to shits!
Because GitHub is a place to put your code out into the public view and accept criticism using pull requests and issues.
Screenshots of thread before deletions http://imgur.com/a/GRIzy
In Daniel's defense. He spends most of his time working on this project which belongs to him. If he chooses to not include something it is his to decide. How many of these posters have their own shopping cart project? I will assume none. Everyone has voiced their beef. It's time to let it go and stop this nonsense.
We care about the safety and security of our and your users so we'll point out flaws in software--that's how open source works: someone reports a flaw, suggests a fix, and someone goes and addresses it all.
In your case, someone points out a flaw, you fail to acknowledge its importance or understand what it is, and then immediately dismiss it. In this case, you fail to understand that you're violating a licence and would rather instead respond with childish statements like "fuck off".
Is this how you conduct yourself in public? It must be lonely in Hong Kong if that is the case.
You have "open" in your software but so far the only thing that is "open" is the code and even that doesn't acknowledge the true contributors to the software. How much of it is yours and how much of it was lifted from other projects?
I have had someone reach out to Mozilla legal on this very issue--someone from Mozilla is reading this very thread. I'd suggest restoring it and try engaging the community in a positive manner rather than trying to belittle people who tell you otherwise.
Otherwise I'd go and make this closed source and rename it to "Crazycart" or something.
@danielkerr You realize one of the comments that was posted prior included a Mozilla employee. So, yes, they do care - there's also a legal bug open with them, according to a contact of mine.
NekomimiScience,
this is not redit! when a issue is closed you should not need to keep dealign with the same person. its down to the project owners what an issues is.
ColinKeigher ,
again you consider all the issues i have closed as real issues! do i have to waste my time to go overevery issue to validate them with you!
no! so fuck off and stop posting!
Please make this closed source as it is obvious you are unable to work in an open source community setting.
@danielkerr Upper right on the issue, just unsubscribe.
I cannot guarantee that this won't continue ruining your public relations and developer image, however. You're doing a number on that already just on your own.
ColinKeigher,
yeah because your such an expert!
@damianb why did you use words "ASAP" instead of creating a pull request? This is github, right?
@gytisgreitai People have real lives, too - and that should be expected. It was to note that it was something that should have been prioritized, and considered a blocking issue.
@shaneog Hope you're keeping a running mirror of all comments. Dev is still trying to censor this issue.
easy solution now. just use iconv and remove the function.
@damianb pull request would have taken what? 5, 10 minutes? Instead you've spent what? 2 hours? To me, this is not how you contribute to opensource. But it's way more fun, isn't it?
@gytisgreitai I submitted the issue originally from an ipod. The response that was made ("fuck off!") pretty much threw a PR out of the question afterwards.
@gytisgreitai Judging by the current response and @danielkerr's previous track record of dealing with far more important security issues, I doubt a pull request would have been accepted anyway.
@damianb you can always find a lame excuse. The fact is - you're no different from danielkerr .
no there is a big difference damianb is not helping anybody and is just wasting my time and many other peoples but does not realise it.
he also does not nor ever will have a project of opencarts popularity!
http://en.wikipedia.org/wiki/Appeal_to_accomplishment
http://en.wikipedia.org/wiki/Appeal_to_authority
you are still considering your self as a lawyer!
Those are actually logical fallacies. Nothing to do with law, just logic.
its not logic! i told you to fuck off yet you keep coming.
Click the unsubscribe button pictured here: http://i.imgur.com/oaIqnst.png
its my issue tracker!
@danielkerr If we're going down that road, it's GitHub's issue tracker. Everybody is free to post here as long as they abide by the terms of service.
not if i have blocked and reported one of you for abuse!
Rather disappointing that you're trying to report anyone else here for breach of the Github terms of service, considering that most of everyone who has responded to this issue is simply trying to convince you to do the right thing and not steal someone else's code.
Now please, stop turning this into a shitfest of ad hominem attacks and get back to the issue. Will you respect Henri Sivonen's copyright or not?
ok first off you do not speak for Mozilla or the creator of the code! while the creator of the code did work for Mozilla he has clearly released the code as a side project under GPL which opencart is also GPL!
I suggest you stop trolling github repositories and and making accusation of illegal activity!
you are obversely not a laywer and and again you do not speak for anybody except your own mind!
Read the GPL yourself - you're still required to acknowledge the original author, otherwise you're in violation of the GPL and cannot redistribute that code. I've already quoted the section of the GPL (and NPL) where this is stated directly, but you decided to delete that comment.
I have just stumbled upon this. You're on reddit man. What is the problem with including another license / copyright notice? All you've said so far is "stop wasting my time". Just add the license and everyone's happy.
+1 @silvinci
silvinci, because it is a waste of time for a single function.
damianb,
where does it say this?
"you're still required to acknowledge the original author"
under MIT license this is required not GPL!
@danielkerr You have just wasted 4 days with a discussion on wether or not to paste in a few lines of legal stuff. Adding the notice would literally take no longer than 1 minute.
why should i add a license to my code when its not required just because some one else thinks i have to.
come on damianb, am i right legally or not! GPL does not require attribution!
- You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
- You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change.
and yet both licenses included are not GPL v2!
It is not "someone else". It is virtually everybody else. You are putting your project and all users at risk.
You have admitted that you copied licensed code and only marginally changed it. Your code would not exist, if it wasn't for the original code. What is your problem to attribute the original author accordingly?
Are you feeling injured in your pride?
There's three licenses that the function falls under. The NPL 1.0, the GPL v2, the LGPL v2. I quoted the NPL beforehand - refer to the screenshots of the original comment I'd made or go examine that license yourself.
no because the authors code is based on another authors code which is probably based on another persons code!
the original code is in c++ not one line of code is identical to the c++ code!
The original code is licensed only under the NPL 1.0 from what I see (an extension of the MPL), in which case you must adhere solely to the NPL 1.0 (which may or may not be GPL compatible, in which case you can't use it at all).
According to GNU: https://www.gnu.org/licenses/license-list.html
This is a free software license, not a strong copyleft, and incompatible with the GNU GPL.
So, unless you rely on the porting author's triple-licensing scheme, you cannot use it without express permission from Mozilla and a license exception.
where are the words:
You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program.
they are not in the license!
@danielkerr And even if. You have used the code, that was licensed.
@damianb Would you be so kind to provide the original code for reference? Preferably a link to the site of which Daniel grabbed it. :)
The original code linked in the original issue (before @danielkerr started removing all the comments and changing the title) appears to be PHP unless I'm missing something. https://hsivonen.fi/php-utf8/
@silvinci Here, it's been removed several times over - I suggest keeping an eye on the gist that @uppfinnarn is maintaining of this issue. http://hsivonen.iki.fi/php-utf8/
i got it from the phpwact site library. it was a sinlge function
its also used in joomla
after wasting much of my time now damianb, is acting like a lawyer again and deciding which license has to be used even though there are 3 to choose from!
@danielkerr And Joomla! has provided attribution to the original author, which can be seen here
damianb , so read the license!
While this is am amusing read at 3am, its pretty darn cut and dry. You say you copy and pasted someone elses code why would you create such a big deal about giving them credit? If its that big a deal to you rewrite the function.
The everyday syntax we use when speaking and writing the English language wouldn't exist if it wasn't for those who spoke and modified it before us. Do we attribute every subtle change since Middle English to those who progressed the language from that time period? Does any particular person who uses modern English without attribution mean to claim the language as his/her own? There is a principle to consider here. I, for one, agree that this particular issue is a waste of time for the OC project. This smells like patent trolling to me, even though I'm sure many of the commentators here are genuine in their concerns (and may even be legally correct).
@garudacrafts The English language isn't released under license.
im not claiming it as my own! but the person who wrote this code based it on on a c++ example. so who owns the code!
just wasting my time.
@damianb @uppfinnarn Thank ya. :)
@garudacrafts He did not translate the function from C++ to PHP. He ripped off a translation that is licensed.
@danielkerr You are ridiculing yourself. You stole code written by someone else. Line by line. You did not translate the code yourself.
the code is GPL, LGPL, NPL choose the license you want!
@danielkerr All three require attribution in some form.
@danielkerr So you've acknowledged, that the code is licensed. Now acknowledge the licenses themselves. All three require you to attribute the original author.
search the word attribution in the lgl license!
LGPL 3.0
Combined Works. You may convey a Combined Work under terms of your choice that, taken together, effectively do not restrict modification of the portions of the Library contained in the Combined Work and reverse engineering for debugging such modifications, if you also do each of the following: a) Give prominent notice with each copy of the Combined Work that the Library is used in it and that the Library and its use are covered by this License.
its lgpl 2
You're kidding, right
You may copy and distribute verbatim copies of the Library's complete source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library.
Yes, it's the GNU LGPL 2.1 actually, and still:
- You may modify your copy or copies of the Library or any portion of it, thus forming a work based on the Library, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library. b) You must cause the files modified to carry prominent notices stating that you changed the files and the date of any change.
- A program that contains no derivative of any portion of the Library, but is designed to work with the Library by being compiled or linked with it, is called a "work that uses the Library". Such a work, in isolation, is not a derivative work of the Library, and therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library creates an executable that is a derivative of the Library (because it contains portions of the Library), rather than a "work that uses the library". The executable is therefore covered by this License. Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file that is part of the Library, the object code for the work may be a derivative work of the Library even though the source code is not. Whether this is true is especially significant if the work can be linked without the Library, or if the work is itself a library. The threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data structure layouts and accessors, and small macros and small inline functions (ten lines or less in length), then the use of the object file is unrestricted, regardless of whether it is legally a derivative work. (Executables containing this object code plus portions of the Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may distribute the object code for the work under the terms of Section 6. Any executables containing that work also fall under Section 6, whether or not they are linked directly with the Library itself.
- As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things:
To make it clear: "[...] keep intact all the notices that refer to this License and to the absence of any warranty; and distribute a copy of this License along with the Library."
As an exception to the Sections above, you may also combine or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications.
@danielkerr Which is immediately followed by (note, your quote says "sections above" only!):
You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things:
...which means you are NOT excepted from that specific clause.
@danielkerr Is it still April 1st in your hometown? You can't be serious about this, can you?
it is also in Joomla
Correct, but they have this in the file at this function (source: unicode.php):
* Takes an UTF-8 string and returns an array of ints representing the
* Unicode characters. Astral planes are supported ie. the ints in the
* output can be > 0xFFFF. Occurrances of the BOM are ignored. Surrogates
* are not allowed.
* Returns false if the input string isn't a valid UTF-8 octet sequence
* and raises a PHP error at level E_USER_WARNING
* Note: this function has been modified slightly in this library to
* trigger errors on encountering bad bytes
* @author <[email protected]>
* @param string UTF-8 encoded string
* @return mixed array of unicode code points or FALSE if UTF-8 invalid
* @see utf8_from_unicode
* @see http://hsivonen.iki.fi/php-utf8/
* @package utf8
* @subpackage unicode
*/
Wether a header like this is anywhere, nor is it stated anywhere that OC is using code from someone.
Hi Daniel,
Not to be super aggressive or anything, but you are violating the spirit of open source software, and copyright law. I would prefer not to resort to legal options, but my hands are tied, so I reported this to the licensing folks at Mozilla (where both I, and the original author of code you have taken), so it's kind of out my hands at this point (that's also part of my job as a Mozilla employer, and part of my responsibilities as an open source consumer).
The easiest thing would be for you to save everyone time, and simply add the license terms so that your code moves from being an infringing use to a licensed use. Your argument was about wasting time, but the open source community has invested a huge amount of time in creating open software for public benefit, and you have spent more time arguing against license compliance than it would take to simply adjust your code to be in compliance.
Please do the right thing!
@silvinci Please keep the issue on track. We're finally back to technical discussion instead of ad hominem; don't revert that.
@damianb Sorry, keeping my mouth shut, until I have something valuable to contribute.
ygjb ,
thats not going to happen, because this really is a waste of my time. the next commit will be using php built in mb on iconv functions.
Either way, fixing the licensing, or updating the project to remove the infringing code is a viable solution. What is beyond comprehension is your opposition to appropriately licensing code that you have taken without attribution.
This... just made my day. Man, I love epic meltdowns.
Using open source licensed code? Keep it open source licensed properly. Simple as that. Not a waste of time.
its a waste of time for one small function that is licensed under gpl to be used in another gpl project has to be changed because of some half wits are want to wate a developers time with this shit!
@danielkerr This whole debate is a waste of your and everyone else's time. But we don't want to waste your time - we want to rescue this project.
This is what's gonna happen next: This project, as it currently is, violates various copyrights. Mozilla and the original authors can file a DMCA takedown request, to which GitHub will comply and will disable this repository.
I advise you to add the license notice or replace the function now.
i already told you im replacing the function so fuck off!
Unless I'm mistaken (still bringing myself up to speed with this), the license in question is here: opencart-ce/opencart-ce@dfaf2e8
Merge that code. Hell, copy/paste. 2 minute job.
So you prefer spend/waste some time testing new code which may take some time... instead of just appending the license text? You're wasting your time. But hey you're free.
the code in question is pretty old. changing maybe 30 minutes, arguing with time wasters 4 hours.
Magento keeps looking better and better. Then why not just change it instead of arguing? You are still arguing, you know that right?
add the license 2 minutes. You save 30 minutes replacing your code and those 4 hours arguing.
Gonna have fun reading the posts about opencart's leadership coming over
the weekend
"also from what I understand the code is not owned by Mozilla. but a side project by one of its employees"
Uh... you do realize that pretty much every developer at Mozilla writes stuff for Mozilla or as a part of a project at Mozilla? I am not going to dignify your comment with the effort it would take me to find references in existing Mozilla code, I will leave that for one of the other people who are committing their time and effort into giving you the full Streisand Efffect :) The simple reality is that you have infringing code, and you are insulting people who are trying to get you to do the right thing.
i don't really give a shit m8, the few here posting have caused a shit storm over a very small amount over 100 lines of code out of probably over 100k worth of code. as a quick solution. i have never seen the site it came from. you would still need to contact the original author and have them send me a request to add attribution before i would consider doing it.
Do you realize you are inducing copyright liability on your users? Do your users realize that you are?
Right, cause that's the way licenses work: the original author has to hunt every ripoff of their work down and ask that the license be put back. Sounds reasonable.
good luck in that!
Daniel, instead of being a good guy and good developer and admit the mistake, say sorry and fix it in 10 min tops, you are supporting this argument and you are embarasing yourself and OpenCart. Be ashamed! I hope I never have to work or have anything in common with people like you !
@ygjb And their issues don't stop with copyright, search this repository's closed issues and pull requests for "security" and see what else is being pushed on to OpenCart's users.
@danielkerr Mozilla also owns the rights to the code you've ripped off. Apparently they have been informed and they most likely will take action. You can still prevent this.
actually ygjb i suggest you stop speaking on behalf of your company and ask your companies legal department to get in touch with me via the <opencart.com> contact us form if you are serious about this!
i personally would go nuts if one of my employees threaten another company on behalf of opencart!
I personally would fire you immidiately only for the way you act and treat your company clients and users.
@danielkerr He has not threatend you in any way. He has only listed the likely consequences of your behaviour. Mozilla doesn't need to contact you. They can directly turn to GitHub and then contact you afterwards.
As a small aside (apologies for derailing the issue for the moment), I would like to recognize @opencarthelp, which has in fact patched in the copyright & attribution themselves in their fork opencart-ce. They should be touted as a responsible developer and used as an example of how every developer should react when an issue like this is brought forward.
That's... not how it works. An original author shouldn't need to hunt down every user of their shared code to make sure the proper license is used. It just shouldn't have been removed in the first place.
Jeez, want me to paste the license back in myself & send a pull request? I know it's my precious 5 minutes, but I think I could manage.
@danielkerr I am not speaking on behalf of my employer. Also, I filed a request with our legal team yesterday after your infringement. I don't know that it will be a priority for them, but your attitude and lack of respect for generally accepted principles of open source is very disappointing.
no because i'm pissed with the way this GPL license has been carried on. i'm pretty sure some of this code has been pulled by Mozilla from some linux repo.
@pixleight Go for it! He'd rather spend all day arguing here than 5 minutes accepting it though.
@pixleight I believe that it has been done more than once already and ignored
" i'm pretty sure some of this code has been pulled by Mozilla from some linux repo."
Projection!
its replaceable code!
@vita10gy actually, it does. There is a reason there are companies that specialize in identifying infringing code in both open and closed repositories. In any case, it's not my issue, it's @danielkerr and OpenCarts issue.
its replaceable code!
Windows can also be replaced with Ubuntu and I still have to pay for Windows. That's not how it works.
"Windows can also be replaced with Ubuntu and I still have to pay for Windows. That's not how it works."
anybody else want to jump in on that statement?
@danielkerr Shut up and code.
I believe he is trying to say that just because something can be replaced, it doesn't give you a right to steal it
@damianb +1
@toazron1 Exactly.
are you saying Ubuntu stole code from windows or should they pay patent protection?
Lolwat
@danielkerr You are purposely being obtuse about the analogies here.
@danielkerr I think we both know exactly what I meant.
@Emilylol @toazron1 I agree, I'm sure it'll be ignored, but simply out of principle... #1304
@pixleight +1 karma for being cool.
@danielkerr Please, this discussion is going nowhere. You have admitted, that you've ripped of the code, but you don't feel any guilt or responsibility for fixing your mistake by attributing the original authors.
I beg you to avert more PITA for you, us and all users of OpenCart by just replacing the function, if you're not willing to attribute the authors.
@ygjb You and I commented at the same time. My comment regarding "developers have to ask for their licenses to be added" was directed at @danielkerr making the comment that he'd only keep the license intact if the original author directly and personally asked for it.
And, for the record, no, that is absolutely not how they work.
Licensing and attribution is what it is. You used it, thats okay. Removing licensing is not.
i don't need to add attribution because the 100 lines of code are getting replaced. the fucking code is from 2003.
If the code in question is more than a trivial few lines, then it doesn't really matter what the license says about attribution. U.S. law itself says you cannot remove or alter copyright management information. 17 U.S.C. 1202(b). It's a lesser-known part of the DMCA, and was used in the Jacobsen v. Katzer case, wherein Jacobsen, an FOSS developer, succeeded on a 1202 claim against Katzer who had removed attribution information in Jacobsen's code. So, stop arguing about what the license requires. Good manners and U.S. law both require you not to remove people's attribution information. P.S. I am a copyright lawyer.
"the 100 lines of code are getting replaced. the fucking code is from 2003."
Well OK. /Now/ the code isn't good enough for you?
it does come up with errors noe and again
@danielkerr And you've been meaning to change it for a long time already, huh? That's why you "fucked off" the issue when it first came up.
i never said i need to change it for a long time. it was not a major issue
i don't need to add attribution because the 100 lines of code are getting replaced. the fucking code is from 2003.
But as the code stands, in the current release, right now, the license does need to be there. I might replace every line of the code in a project 3 years from now, doesn't mean I don't have to properly license what I'm currently using.
Daniel, if I fork this code off, relicence it, and remove all attribution to you, will you tell me to take it down?
its not a few lines of code. to be-honest i don't care what you do with the code as long as you dont restrict others from using it!
why do you think its open sourced! im giving it away! not charging for it!
So the licence is meaningless? I can claim this code as 100% mine then?
and provide free support.
am i claiming the code is mine! NO!
@ColinKeigher I am with you. Now releasing ClosedCart. We won't attribute code, we won't listen to issues or pull requests, and we are toxic Oh wait, that sounds exactly like OpenCart...
We should provide the code but encrypt every file and sell the key to decrypt it. That way we're distributing the code but making a profit off of it still.
@danielkerr Yes, you are, because there is no notice that it isn't. Start using your brain and logical thinking, will ya?
am i claiming the code is mine! NO!
It's getting better with every comment. :D
@ColinKeigher You'd be looking for ioncube, iirc.
@cmgriffing @ColinKeigher I already had that idea and you failed to attribute it to me. I think you're off to a great start maintaining ClosedCart...
and yet i bet you guys have to get up in a morning and go to work for some body else!
@danielkerr Actually, you are claiming it is your code because there is no attribution
@ranok "Fuck off!", just kidding, only emulating daniel from earlier.
@danielkerr Are you saying you are financially supported by Opencart?
we are the 3rd most popular eCommerce solution in the world so i would say yes!
never spent a penny on advertising!
Do you tell your customers to "fuck off" too?
Would be a shame, if people saw what's going on behind the curtain.
@silvinci "Is it still April 1st in your hometown? You can't be serious about this, can you?" http://en.wikipedia.org/wiki/April_Fools_Day ??
@ncang This was meant ironically.
why woudl it be a shame!
how much money do you think i have saved business across the world by providing them with free software? how many thousand would it cost a company to write a shopping cart script from scratch with the functionality of opencart?
as well as provide free support to users who want to start an online business? 10 mill, 50 mill 100 mill, yet im being criticised!
Yeah, I honestly would not use, nor recommend OpenCart to anyone else due to the fact that it's code does not respect GPL licenses.
@cmgriffing You should totally do it, I mean if OpenCart steals other developers code and does not give credit where credit is due, who said that there is no room for ClosedCart?
rgaspary,
good for you, i recommend for all future ecommerce projects that you use magento!
Im removing the code!
I would rather pay a fee for a shopping system then risking a lawsuit.
this is why i don't nor ever will live in the USA
"yet im being criticised!"
Some things will always be a mystery!
Copyright law is (almost) international. Besides that, GitHub hosts in the USA and most of your business also resides in the USA, therefore you can be held accountable.
This is not just for the USA. This applies for Europe as well and for several other parts of the world. At the rate this is going, developers will think twice before installing OpenCart in their eCommerce solutions because they won't want to risk getting sued, and if you haven't figured it out by now, those are your users.
none of my business is in the USA! web hosts can be moved!
and who are you kidding here! this is showing the maturity of your argument! the what if!
this is the real world. no one is going to sue me for 100 lines of code that has just been replaced with in 1 hour!
It would have been 1 minute if you didn't make such a terrible fuss.
1 hour
yes, yes the can because while you can replace them in 1 hour you chose to have this argument. Also, Github records all changes so even if you change it in 1 hour, your code is forever stored in servers hosted in the USA.
@Emilylol It'd be less than a minute with the pull request that's pending which would fix the problem.
@danielkerr Even if you remove the code violation - it is clear to me that you do not understand how licensing works and the spirit of OSS, or simply do not care.
The unprofessional way you handle your issues and complete unwillingness to work with others, coupled with a blatant disregard for basic licensing and lack of respect for authors is enough for me avoid anything you have "created".
I urge people to pick an alternative - or at the very least, support the opencart-ce project over this one.
this is showing the maturity of your argument!
AHAHAHAHAHAHAHAHAHAHAHA :D
Wow, @danielkerr very mature of you to delete my previous comments even though you "agreed" with me. Guess I'll be making screenshots from now on.
@cmgriffing What I wrote before it was deleted was that since @danielkerr does not respect the open GPL from someone elses code, why not do the same. Fork OpenCart and call it ClosedCart.
@danielkerr do yourself a favor and stop talking. You are not doing anything for your reputation and whining about how people are wasting your time just makes you look foolish given that adding attribution to your code would take all of 30 seconds whereas you've been arguing this point for 4 hours despite overwhelming and clear evidence that you're in the wrong. Very professional.
This is not how free software works, this is not how licensing works, and this is not professional behavior.
@rgaspary All comments are being recorded into a gist by @uppfinnarn - @danielkerr seems to forget that any comments made generate an email from github to everyone subscribed.
Friendly reminder that I'm logging everything to https://gist.github.com/uppfinnarn/9956023. @danielkerr can't delete my gists, after all. Even if he will probably delete this comment for linking it.
so now people arr not happy i removed the code!
@danielkerr No, I personaly thank you that after 4 days you decided to remove the code and correct your ways, but it shouldn't have come to this. Please do us all a favor and respect the GPL and the spirit of Open Source.
@danielkerr I implore you to seek professional medical help. Your public behavior exhibits troubling mental health.
it was not 4 days, i have only looked at this topic again tonight!
"damianb opened this issue 4 days ago"
FFS this is what I mean by closing a topic
But you first knew of it 4 days ago. This isn't a difficult concept.
@danielkerr are you also part of http://www.opencart.us/ ?
no
Update: @danielkerr is apparently blocking commenters he doesn't like now.
EDIT: @damianb's screenshot.
Ladies and gents, I'd like to introduce you to ClosedCart
A completely stolen idea from, well, who honestly cares. Using code from me and only me. Yup, definitely didn't get it from anywhere else.
Please note, ClosedCart®™ is not responsible for any misuse of any of its code. Especially if it physically harms you. Besides, it's just a joke
@pixleight Now this is a product I can trust. XD
actually plan to block every one on this thread so i dont have to waste my time in the future.
pixel light seriously if you had any back bone you would stand by your convictions and use magento!
see how long it takes you in f the future to complete projects
This is some 10/10 PR right here.
@pixleight Please include the gist link in the repo's README. It might be the only way to keep it making sense some time from now.
Makes me wonder how he treats his customers..
@toazron1, Like this:
Customer: "Hey I have a problem with the configuration..."
@danielkerr "FUCK OFF!"
@griwes Good plan. Done.
(in character) And thanks for not opening a pull request for that update. Not that it'd actually use it.
Everyone in this thread is wasting his time, haha.
The simple solution is to recognize that removing license and attribution is legally and ethically wrong and to add it back in - and this would have came and gone in a matter of seconds. Now this will live on in the history of this project and draw criticisms around the globe (I wandered in here from both a tweet and Reddit - I don't even use this project).
Same here.
"actually plan to block every one on this thread so i dont have to waste my time in the future."
that's ok. i don't think anyone will waste their time with anything short of full disclosure from now on.
i have 2 choices attribution or remove the code.
those were always your only 2 choices
I don't use opencart either. Or Magento. I hardly have any ecommerce projects (aside from a tiny portion of a WP site that uses WooCommerce), so I have no need of either, though this just made the decision easy if I ever do.
I too wondered in from reddit. I just love a good meltdown, and I believe in open source.
problem solved. the only 3rd part code now is js which has all the licenses and read me included!
If the attributions are in place. This thread should be closed. Everyone involved is just inciting negativity at this point.
This thread was pretty metal
@castis This issue has been “closed” for nearly a day. Good to see progress has only just been made, now about those security issues...
Only took you four days and a lot of pressure.
This thread is now history and required reading for anyone considering using OpenCart in the future.
My work here is done :)
I would prefer it if my comments regarding the security issues were not being constantly deleted but okay.
masking the issues by deleting everyones comments is just going to piss them off even more...
Are we really also going to remove the comment about removing my comment about the security issues you keep closing?
Daniel, you're just making things worse. Close the browser and just walk away.
@NekomimiScience to be fair, your comment about security issues belongs in a new issue.
@castis been done. guess how it turned out?
@NekomimiScience, your comments are being stored (along with everyone else's) here - https://gist.github.com/uppfinnarn/9956023#richard-raybould-7
@NekomimiScience - they are not over here. https://gist.github.com/uppfinnarn/9956023
Deleting all links to the gist now? Not gonna help you, it's posted in too many places outside of your control already.
https://gist.github.com/uppfinnarn/9956023
LOL! Deleted my comment? Here it is again!
@NekomimiScience, your comments are being stored (along with everyone else's) here - https://gist.github.com/uppfinnarn/9956023#richard-raybould-7
Also, here is another very interesting read on this matter - http://tinyurl.com/lumhxbn
@danielkerr You are an embarrassment to the open source movement. Your behaviour and attitude is unbecoming of a developer with morals.
Oh, and... this is not a link to the gist
Folks, I just came across an interesting read along these same lines: http://goo.gl/gC7VDl
Hopefully it will change your view for the better.
http://i.imgur.com/xgHhC6z.gif
@danielkerr you need to take a chill pill.
i think this is bug tracker ??
fahmi182,
you OC account will now banned!
Wow, a giant chunk is gone... Is it permanent? NOPE!
Lol. He's systemattically deleting all the comments...
Love this stuff.
banning your users? classy.
@danielkerr you seriously have a large ego to feed
Large ego to feed? Have some popcorn. http://tinyurl.com/lumhxbn will help wash it down.
danielkerr trying to hide all the comments
not my users! they are trolls
I'm Baaaack!!!!
Here's a link for you huge ego - https://gist.github.com/uppfinnarn/9956023
If you think I'm trolling, you don't understand how the internet works.
Really? Isn't the point of the open source community to not rip people off and allow as many people to use your code as you can? You seem to be doing neither
You know, the comments don't really go away when you delete them.