search

Wulf2k / DeS-SaveEdit

Demon's Souls Save Editor
13 stars 8 forks source link

Add an open-source license and fix the webserver #2

Open C0rn3j opened 7 years ago

C0rn3j commented 7 years ago

Hi, someone pointed out your projects to me - and they look cool!

I see you even seem to release source code of all projects, which is great!

But I've noticed none of those projects I've checked have a license pointed out anywhere, would you be willing to officially open-source your projects by using some license like the GPL or AGPL license?

Also I've noticed your website allows HTTP instead of using HTTPS only - I've also noticed the header says "SAMBAR", which seems to be a server software last updated a decade ago, which sounds like a huge security issue(unless you're spoofing the header of course).

I'd suggest using Nginx for the server hosting and getting a Let's Encrypt certificate for free for the domain.

If you need a config example - here's one of my servers. https://gitlab.com/C0rn3j/configs/blob/master/sc2/nginx.conf

Sorry for posting all of it under this repo but I couldn't find one that was appropriate or some other way to contact you.

Also I'd point out on your website that your stuff is on this github repo.

Wulf2k commented 6 years ago

Thanks for the comments.

I am willing to officially open source my code, but I don't see myself taking the time to fully read and understand the GPL/AGPL any time soon. I agree with them from my cursory understanding of them, but there's that, and then there's what every detail of the license 'actually' says.

In the meantime, I'm not very litigious so I think this "it's open source because you can open the source" method is sort of working for me. Everybody that's copied my code (that I'm aware of) has been using it nicely. Of course that's probably a pretty shit thing to do when I'm eventually bought out by a corporation and retroactively tell people that it wasn't really open source while I'm sipping cry-stahl from my yacht, but that day seems rather far off.

I have been meaning to switch over to https for a while now. That header's not a lie, but a few years back I ripped out every feature that I thought could be a threat. Still long overdue for an upgrade, but I like its portability. Of course, there are probably tons of servers from this decade that are easily portable now too.

This may come across as apathy, but I assure you it's simply inertia. There are only so many hours in a day, so when I get a few to spare I spend them on the interesting things instead of the maintenance type things.

If you'd care to discuss anything further you can reach me at wulf2k@gmail.com.