This popular code library is causing problems for hundreds of thousands of devs

A license incompatibility in a widely used open source library has broken the popular web development framework Ruby on Rails (RoR).

A developer pointed out that his GPLv2-licensed code was being improperly used inside an MIT-licensed Ruby library called mimemagic. The issue was quickly resolved by re-releasing mimemagic as GPLv2. To prevent further misuse, mimemagic’s developer also yanked the older MIT-licensed releases of the library.

This, however, had the unfortunate side effect of breaking not just the RoR framework: it also snowballed to impact thousands of repositories that depended on the older MIT-licensed version of mimemagic.

Off the rails

According to mimemagic’s GitHub insights, the library is used by 172 packages and over 577,000 repositories. 

In a discussion on GitHub, a developer cited these numbers and suggested that the older MIT-licensed versions of mimemagic be brought back. This, however, didn’t pass muster with the developer of mimemagic, who suggested they just work with the RoR team to get to an amicable solution.

The bigger issue, however, is that larger projects that use mimemagic for its permissive license will have to consider the implications of incorporating the more restrictive GPL code in their projects. The move will mean that many projects will have to change their licensing, which might not be feasible for some.

“Since so many applications are authored using Rails under the assumption that those applications are not copyleft under the GPL, it is likely that a great many of those apps would not be complying with the terms of the GPL since they were not deployed with those terms in mind,” summarized open-source licensing consultant Paul Berg to The Register.

Resolving the issue will take quite a lot of effort, and it’ll have a lasting impact on thousands of projects given the popularity of the RoR framework.

Via: The Register

Mayank Sharma

With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
