[jira] [Commented] (GORA-715) Gora uses a version of org.json:json jar that is not permitted by ASF
[ https://issues.apache.org/jira/browse/GORA-715?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17820052#comment-17820052 ] ASF GitHub Bot commented on GORA-715: - pjfanning opened a new pull request, #293: URL: https://github.com/apache/gora/pull/293 https://issues.apache.org/jira/browse/GORA-715 > Gora uses a version of org.json:json jar that is not permitted by ASF > - > > Key: GORA-715 > URL: https://issues.apache.org/jira/browse/GORA-715 > Project: Apache Gora > Issue Type: Bug >Reporter: PJ Fanning >Priority: Major > > Up until late 2022, org.json:json used a nonsensical license that banned the > use of the jar for evil - no kidding. This is not within OSS principles and > is called out as a Category X license by the ASF. > See https://www.apache.org/legal/resolved.html - see `JSON license` part. > There are also security fixes in the public domain and permissable versions > released in the last year or 2. > https://github.com/apache/gora/blob/master/pom.xml#L864 -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (GORA-715) Gora uses a version of org.json:json jar that is not permitted by ASF
[ https://issues.apache.org/jira/browse/GORA-715?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17820053#comment-17820053 ] PJ Fanning commented on GORA-715: - https://github.com/apache/gora/pull/293 > Gora uses a version of org.json:json jar that is not permitted by ASF > - > > Key: GORA-715 > URL: https://issues.apache.org/jira/browse/GORA-715 > Project: Apache Gora > Issue Type: Bug >Reporter: PJ Fanning >Priority: Major > > Up until late 2022, org.json:json used a nonsensical license that banned the > use of the jar for evil - no kidding. This is not within OSS principles and > is called out as a Category X license by the ASF. > See https://www.apache.org/legal/resolved.html - see `JSON license` part. > There are also security fixes in the public domain and permissable versions > released in the last year or 2. > https://github.com/apache/gora/blob/master/pom.xml#L864 -- This message was sent by Atlassian Jira (v8.20.10#820010)
