Comment 7 for bug 1287726

On Mon, Apr 14, 2014 at 06:10:31PM -0000, Mads Martin Jørgensen wrote:

[...]

> ...All of
> the services provided on a Ubuntu system will potentially break, since
> it does not conform to the json standard that everyone else does.

That doesn't really give me a helpful real world understanding of bug
impact. Instead of "it will potentially break", I'd prefer to hear
something like "it will break in the specific case X, which is widely
deployed because of popular framework Y, so Z% of users will see a
regression".

Without an understanding similar to this, I am not informed enough to
prioritise this at all.

[...]

> Do not forget the fact, that the reason it was removed was that it had
> this line together with its license: "The Software shall be used for
> Good, not Evil." which makes it 'non-free' software. Have a look at the
> entire license here, and see for yourself.
>
> http://www.json.org/license.html

I'm not interested in debating legals in this bug. Please take your
argument to Debian, or to ubuntu-devel if you want Ubuntu to differ from
Debian on this point. It would not be reasonable to unilaterally make a
potentially legal-impacting change on the basis of a few proponents in
this bug. We should not do it without consulting the wider community.

> It's still a possibility to simply ship the php-json included in php,
> instead of potentially breaking thousands of server setups that rely on
> a php-json conforming to the json standard.

Sorry for responding to this after Trusty's release. I had to take some
time off for personal reasons. But three days before release was not a
reasonable timeframe to achieve consensus and make the change anyway,
had I responded earlier.

The two options you have now are:

1) Convince the Debian or Ubuntu projects to take a different legal
stance on whether the json module embedded in upstream php is
redistributable. This bug is not the appropriate venue for this; please
take it to mailing lists.

2) Fix the replacement json module to match php upstream's behaviour.
This approach seems much easier to me. It sounds like upstream would be
happy to accept patches, and there will be no legal minefield or
flamewar to negotiate either. We can certainly include such a fix in the
next release, and I think a fix to Trusty may be reasonable, too.