Please remove all stolen PHPCompatibilily sniffs

Question

Please remove all stolen PHPCompatibilily sniffs

jrfnl opened this issue 2 years ago · 16 comments

... and use the PHPCompatibility standard as a Composer dependency like any normal project.

You are violating my copyright and violating the license of PHPCompatibility. You don't have permission for this. This is totally unacceptable.

Please remedy this as soon as possible!!!

Answer 1 · 2023-05-28T12:40:53.000Z

Hi @jrfnl. Thank you for your report.
To speed up processing of this issue, make sure that you provided sufficient information.
Add a comment to assign the issue: @magento I am working on this

Join Magento Community Engineering Slack and ask your questions in #github channel.

Answer 2 · 2023-05-28T13:01:26.000Z

@sidolov please can you ask your team to get this resolved this week, with high priority.

Answer 3 · 2023-05-28T13:12:04.000Z

Note: the PHPCompatibility project offers various dedicated CMS/polyfill based rulesets, like PHPCompatibilitySymfony, PHPCompatibilityWP etc.

There was a request for a PHPCompatibilityMagento ruleset quite a while back and we set up a repo to create it, but we never received the Magento community input to allow us to publish it.

Might be better if someone spend some time on that instead of stealing code.

Refs:

Answer 4 · 2023-05-29T12:15:13.000Z

@sidolov @bubasuma @victor-v-rad, please take a look at this issue. It's pretty important

Answer 5 · 2023-05-30T15:39:47.000Z

@jrfnl any plans to release PHPCompatibility in the nearest future? The last release was at 2019

Answer 6 · 2023-05-30T15:45:15.000Z

@viktym That's completely besides the point.

Answer 7 · 2023-05-30T15:59:18.000Z

@jrfnl sure, but this information will help us decide what to do next (use upcoming release or come up with other options ) So would be great if you share any information regarding the release schedule. Appreciate your answer.

Answer 8 · 2023-05-30T16:41:40.000Z

@viktym What to do next is a decision for after. First you need to acknowledge the problem, fix it and prevent blatant theft like this from ever happening in your repo again.

Answer 9 · 2023-06-02T16:32:23.000Z

Apparently my demand for this project to remove the code stolen from the PHPCompatibility project and written by me, is not being taken seriously as the only responses I see are blackmail attempts.

If this is not resolved and resolved properly within the next 5 days, I will submit a take down request for this repo to GitHub.

Answer 10 · 2023-06-02T17:48:39.000Z

I will follow suit with that. Licenses must be respected at all times, no exceptions.

This kind of behaviour is absolutely not acceptable.

Fix your problems, then ask about the next release.

The longer this situation takes, the more time is being diverted from development of PHPCompatibility in answering these messages.

Answer 11 · 2023-06-02T19:49:29.000Z

Hi @jrfnl
It’s never our intention to use any code without permission and we don’t believe that we are doing so here. Could you please let us know why you believe that our use of PHPCompatibility isn’t allowed under the license? If you would please help us understand the potential issues, we can work on our end to respond to your concerns. Thank you.

Answer 12 · 2023-06-02T20:07:28.000Z

Have you read the Licence that PHPCodesniffer is released under?

Answer 13 · 2023-06-02T20:30:55.000Z

@victor-v-rad

My copyright is being violated by passing the code off as if it is originally written by contributors to your project, while it is not.
The way this was originally done is especially grating. The "fix" made a couple of weeks ago, is not much better.
The license is being violated as you essentially re-licensed the code under another license without permission.
You do not give the required prominent notice of the code incorporated (without permission) and the fact that that code is licensed differently.
You do not distribute a modified version of the code as the code in its essential functioning hasn't been modified. You are shipping a copy which according to the license under which this code was published has to be done via a shared library mechanism - aka Composer.
You are namespace squatting on our namespace with code I wrote, which is a recipe for disaster.

etc etc. Do I really need to continue ?

Oh and by the way, the same largely goes for PHPCSUtils, though it looks like that stolen code has now been removed. Seriously, what are you people thinking ? Use Composer like a normal project and don't rip people's code off. This is months and months of work you are claiming ownership off and credit for, none of which you ever contributed one character of code to, nor contributed to in any other way.

Answer 14 · 2023-06-03T10:54:21.000Z

There's something which has been nagging at me about the sense of entitlement and denials I see in the responses to this ticket.

Aside from the legal (copyright, license) violations being perpetuated here, you also do not seem to actually have an understanding of what open source software means.

Something being open source gives you the right to use the software and to have access to the source code.

It does NOT give you the right to usurp ownership, or usurp authorship, it does NOT give you the right to relicense without permission, it does NOT give you the right to release software which the project of origin hasn't deemed ready for release, it does NOT entitle you to a release schedule, it does NOT entitle you to support etc etc.

This is open source 101 and just reading the license involved would have told you so.

What that doesn't touch yet, is the spirit of open source.

Open source, in its essence, is about sharing and collaboration.

If/when you see something in a library that needs improving, you make the modification and then GIVE IT BACK to the original source project.
It is then up to the original source project to decide whether they want to accept your modification or not, and if not, you are free to publish your modified fork (with the original copyright and license in place).

That is how open source is supposed to work. That is the kind of collaboration open source is about.

I see none of that here. You have never attempted to contribute in any form to either PHPCSUtils or PHPCompatibility.

If you think something should be auto-fixable/work differently: open a discussion about it and/or submit a PR!
If you want to influence the release schedule: start contributing on those tasks which are milestoned for the release!
If you want a modified ruleset which takes Magento specific things into account: that offer has been on the table for years, so send in a PR to make it happen.
If you cannot contribute, but still want faster releases: put your money where your mouth is to give maintainers the option to prioritize an open source project over other work.

Considering you all maintain this standard, I would think the people contributing to this project would have the skills to make meaningful contributions to other external PHPCS standards projects, so go ahead and do so!

Answer 15 · 2023-06-06T17:43:17.000Z

Hi @jrfnl,
Thanks for your patience with our reply on this matter. We appreciate your comments and your feedback. We are taking it seriously, which is why we asked for additional clarity. While we provided the notice and attribution that we believe is required under the license terms, we also respect your position and would like to resolve this disagreement. We will therefore proceed with the removal of the source code from our repository.

Answer 16 · 2023-06-07T20:49:15.000Z

@victor-v-rad Thank you for taking the appropriate action. I hope to see contributions to PHPCompatibility/PHPCompatibilityMagento from your community in the future so we can move forward in the spirit of open source.