Licensing issues with JUnRar

[GoogleCodeExporter]

ebookdroid is said to be licensed under GPLv3. That's actually very strict 
license which requires compliance from all components of the application. But 
ebookdroid includes 3rd-party components, and that's where issues araise. MuPDF 
and DjVuLibre are both GPL software, so it's ok.

But JUnRar is a problem. It's not only not GPL, it's not even Open Source 
license. Just to remind, crucial difference of Open Source license is that they 
mat define conditions for binary/source (re)distribution and attributions, but 
the never place restriction on usage which is allowed for source code. However, 
JUnRar does just that - it places arbitrary restrictions on kind of usage 
allowed for source code, quoting 
https://github.com/edmund-wagner/junrar/blob/master/license.txt :

"The UnRAR sources may be used in any software to handle RAR archives without 
limitations free of charge, but cannot be used to re-create the RAR compression 
algorithm, which is proprietary."

So, its inclusion really invalidates GPL as assigned by yourselves to your 
product. We would like to hear your stance on this issue.

Submitted on behalf of F-Droid.org project, which strives to be fully compliant 
Open Source software repository for Android devices.

Thanks.

Original issue reported on code.google.com by pmis...@gmail.com on 20 Feb 2012 at 6:14

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

[deleted comment]

[GoogleCodeExporter]

Вынужден повторить еще раз: мы строго 
против включения приложения под названием 
EBookDroid в ваш проект. Основание - вы 
выкладываете нечто с именами известных 
программ под своей подписью. 

Со своими проблемами мы разберемся сами.

И еще: подписывайтесь настоящим именем. 
Аноним хуже пидораса.

Original comment by Alexander.V.Kasatkin@gmail.com on 21 Feb 2012 at 8:37

• Changed state: Invalid

[GoogleCodeExporter]

Кстати, с чем связано такое резкое 
изменение языка, тона, и и удаление 
сообщений?

К сожалению или к счастью, отношения вашего 
проекта с его пользователями (любыми, в том 
числе и проектом F-Droid) регламентируется 
лицензией, которую вы (как проект) сами же и 
выбрали. Впрочем, как мы знаем, выбора особо 
и не было, ну кроме ухода в варез, что блещет 
новизной. Это одновременно и боль, и 
гениальность открытого программного 
обеспечения. Например, может быть, авторам 
MuPDF или DjVuLibre тоже не нравитесь лично Вы и 
Ваш мат, но они оставляют Вам право делать 
на основе их продукта ваш. При том, без их 
продуктов вашего бы и не было. Поэтому 
попробуйте быть выше мелочности в духе 
"они! используют маё!". Ну или написать PDF 
рендерер сами, или лицензировать у Adobe.

Далее, по поводу F-Droid - проект строится на 
тех же принципах, что и любой дистрибутив 
Linux - там тоже выкладывают "известные 
программы" а сверху - пишут название 
дистрибутива. Кому такое не нравится - не 
пишут открытые программы. Остальным либо 
все равно, либо у них это в резюме записано, 
на которое Google'ы, Facebook'и и даже Wexler'ы 
толпятся, чтобы посмотреть. Цель опять же 
та же самая что и у дистрибутивов - сделать 
программы еще более известными и 
доступными для пользователей.

Далее, какая подпись имеется ввиду? 
Электронная? Ну конечно же, ведь чтобы ее 
сделать, нужен приватный ключ, а он не 
раздается, поэтому у F-Droid своя подпись, у 
вас - своя. В остальном, в программах все то 
же самое - в окне About оригинальные авторы, 
кнопка donate, если она есть, ведет ту да же. И 
есть есть какие-то пожелания, F-Droid уверен из 
выслушает (обещать не могу, я просто 
contribute'чусь время от времени).

Ну и насчет последнего вообще пальцем в 
небо: я использую для логина свой обычный 
email. Ну не такой он у меня, как у Вас, и что? 
Если есть желание продуктивно и прилично 
пообщаться - связаться не должно составить 
проблемы.

Original comment by pmis...@gmail.com on 21 Feb 2012 at 9:27

[GoogleCodeExporter]

I found answer for this issue in the GNU license FAQ:

Can I write free software that uses non-free libraries? (#FSWithNFLibs)
If you do this, your program won't be fully usable in a free environment. If 
your program depends on a non-free library to do a certain job, it cannot do 
that job in the Free World. If it depends on a non-free library to run at all, 
it cannot be part of a free operating system such as GNU; it is entirely off 
limits to the Free World.

So please consider: can you find a way to get the job done without using this 
library? Can you write a free replacement for that library?

If the program is already written using the non-free library, perhaps it is too 
late to change the decision. You may as well release the program as it stands, 
rather than not release it. But please mention in the README that the need for 
the non-free library is a drawback, and suggest the task of changing the 
program so that it does the same job without the non-free library. Please 
suggest that anyone who thinks of doing substantial further work on the program 
first free it from dependence on the non-free library.

So, we will try to solve this issue by fining replacement for the library, but 
until then I fear that you can not use EBookDroid in your F-Droid project.

Original comment by Andrei.K...@gmail.com on 21 Feb 2012 at 3:05

• Changed state: Started

[GoogleCodeExporter]

Yes, exactly, as written in FAQ. And all I wanted is suggest of such issue, not 
cause alarm and strife. Thanks for paying attention to such issues.

I'm still would like understand cause of dissatisfaction with F-Droid, it is 
intended first of all as a project by developers for developers, so we take 
Open Source and license compliance seriously, and want to be friends with 
developers besides that, because without software developers' attention such 
project can't survive. So, any issues you see/improvement you may suggest - 
we'd (myself in particular), would like to hear.

Original comment by pmis...@gmail.com on 22 Feb 2012 at 10:19

[GoogleCodeExporter]

Main dissatisfation: F-Droid uses not-genuine apk files, so end-user can not be 
100% sure that he downloads what he want. 

Why do you need to recompile applications?

Original comment by Andrei.K...@gmail.com on 22 Feb 2012 at 11:21

[GoogleCodeExporter]

I already tried to answer that question - by the same reason why Debian or 
Ubuntu recompile the application they ship users. The whole idea here is that 
if you trust Debian, you can trust any package it provides. Why is it important 
to recompile applications? Because it's the only way to ensure that binaries 
correspond to the source supplied. And people can review that source indeed 
does what's advertised, and doesn't contain any malicious code and backdoors. 
Of course, such review is barely possible with binaries.

And you talk "genuine apks", but how do you know that randomly downloaded 
hundreds of apks from hundreds of different sources on the Internet are 
"genuine"? How do you know that particular software author is not black hat 
which planted a worm or steals personal info? How do you know that none of 
these hundreds source has a virus in their system which doesn't infect APKs 
with backdoors without them even knowing that?

The solution is a written in the beginning - centralized entity is established, 
which is entrusted to do the compilation (and code review of course, to make 
sure that malicious or otherwise non-compliant code doesn't get into). That's 
what Debian, Ubuntu, other distros do for Linux packages, that's what F-Droid 
wants to establish for Android - trusted community source of readily usable 
package.

So, why would you trust Debian or F-Droid? Because they work in open manner, 
the code is Open Source, everyone is welcome to share new ideas and work 
towards implementing them. But what's important is that you don't have to trust 
them! You can just take their open code, review it yourself for quality, make 
any changes you deem necessary, compile on your own, and use only those 
packages.

The ideas above are the essence of Open Source. The code is Open not when users 
allowed to look at it, but when they are allowed to do anything with it, that's 
what GPL and other Open Sources licenses warrants to users. Then next natural 
step to recompile it, then to figure out that it's not so easy to do that 
single-person for hundreds/thousands of packages, so get together to establish 
a trusted community.

Original comment by paul.sok...@linaro.org on 22 Feb 2012 at 1:11

[GoogleCodeExporter]

Fixed as using binary unrar from www.rarlab.com

Original comment by Andrei.K...@gmail.com on 23 Feb 2012 at 8:16

• Changed state: Fixed

[GoogleCodeExporter]

Great work! As for F-Droid issues, let me open another bug regarding that some 
time later. In the meantime, we're considering how we can improve to not stomp 
on independent developers' releases.

Original comment by pmis...@gmail.com on 23 Feb 2012 at 9:48

[GoogleCodeExporter]

I don't see the conclusion here:  Is it ok for F-droid.org to distribute apks 
it builds itself with this "binary unrar", (which I can't seem to find mention 
of in the source code)? Anyway, there are technical difficulties with providing 
seamless updates for multi-apk apps and in this case there probably would need 
to be improvements in the F-droid client before the app should be included.

Original comment by david8bl...@gmail.com on 6 Nov 2012 at 3:06