This popular code library is causing problems for hundreds of thousands of devs

Broken projects are the least of the concerns for Ruby on Rails users

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A license incompatibility in an extensively usedopen sourcelibrary has led to breaking the popularweb developmentframework Ruby on Rails (RoR).

A developer pointed out his GPLv2 licensed code was being improperly used inside a MIT licensed Ruby library calledmimemagic. The issue was quickly sorted by re-releasingmimemagicas GPLv2. To prevent further misusemimemagic’s developer also yanked the older MIT licensed releases of the library.

This however had the unfortunate side-effect of breaking not just the RoR framework but also snowballed to impact thousands of repositories that depended on the older MIT licensed version ofmimemagic.

Off the rails

According tomimemagic’s GitHub insights, the library is used by 172 packages and over 577,000 repositories.

In a discussion on GitHub, a developer cited these numbers and suggested the older MIT licensed versions ofmimemagicto be brought back. This however didn’t pass muster with the developer ofmimemagic, who suggested they just work with the RoR team to get to an amicable solution.

The bigger issue however is that larger projects that usemimemagicfor its permissive license will have to consider the implications of incorporating the more restrictive GPL code in their projects. The move will mean that many projects will have to change the licensing of their projects, which might not be feasible for some.

“Since so many applications are authored using Rails under the assumption that those applications are not copyleft under the GPL, it is likely that a great many of those apps would not be complying with the terms of the GPL since they were not deployed with those terms in mind,” summarized open-source licensing consultant Paul Berg toThe Register.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Resolving the issue will take quite a lot of effort, and it’ll have a lasting impact on thousands of projects given the popularity of the RoR framework.

Via:The Register

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.

iStorage Group acquires Kanguru Solutions as it looks to expand security offering

Phishing attacks surge in 2024 as cybercriminals adopt AI tools and multi-channel tactics

Arcane season 2 finally gave us the huge Caitlyn and Vi moment we’ve been waiting for – and its creators say ‘we couldn’t have done it in season one’