murdos
commented
6 years ago If we agree on the removal, I'll prepare a PR.
Closed murdos closed 6 years ago
murdos
commented
6 years ago If we agree on the removal, I'll prepare a PR.
jdubois
commented
6 years ago You are totally right about the license...
And who decides what is good or evil? That depends on the country, on the period in time? What a lot of bullshit. I'm really angry, because that's a huge issue, for a lot of people, and one of our goals is also to protect our users from this kind of wrong doing (yes, for me that license itself is evil).
So big +1 from me to remove this, but we really need to be sure those are not used anywhere (or we'll need to find some Open Source alternative).
murdos
commented
6 years ago FWI I'm working on an PR for generator-jhipster and jhipster-framework.
My conclusion is that the library is simply not used:
mvn dependency:tree -Dverbose | grep -E 'org.json|json-org' (on both generator-jhipster and jhipster-framework) shows that there's no real compile or runtime dependency on org.json.
Overview of the issue
Each generated project by JHipster indirectly declares a dependency to org.json:json that is considered non-free because of its license clause "The Software shall be used for Good, not Evil."
Motivation for or Use Case
This org.json:json dependency is pulled by com.fasterxml.jackson.datatype:jackson-datatype-json-org that adds support for org.json data types. Since these date types are not used in JHipster, there's no reason to keep this dependency in default generated project (it has been added 5 years ago).
Reproduce the error
Generate a JHipster project and check pom.xml or build.gradle
Related issues
None found.
Suggest a Fix
JHipster Version(s)
5.2.1
JHipster configuration
Not relevant.
Browsers and Operating System
Windows 10