License incompatiblity mongoose and swiften

[coldtobi]

Hi,

I'm currently trying to package spectrum2 for Debian (see "Intent to package bug")

I've uploaded the package already, but it has failed the license review by the Debian FTP masters.

Hi Tobias,

this package is mixing GPL-2 software (spectrum_manager/src/mongoose.) with GPL-3 software (include/Swiften/).
According to [1] this is not allowed.

[1] https://www.gnu.org/licenses/gpl-faq.html#AllCompatibility

I fear the assessment of the FTP team is correct: mongoose is GPL2 only and the swiften includes are GPL-3, which are not compatible.

Unfortunatly I haven't find time to deeply analyse it completly, e.g if spectrum2_manager is using swiften includes, or there are other incompatible licenses mixes. Any hints would be appreciated!

Thanks

[vitalyster]

#436 see previous discussion

[coldtobi]

#436 is not really the same issue I've brought to your attention.
OpenSSL is now available with Apache 2.0, so this isn't an issue anymore.

Mongoose is the problem, as it is GPL-V2 only.

I was researching a bit, there is a mongoose fork which is MIT. This would solve the problem
https://github.com/civetweb/civetweb

I've not checked how much the API is different, or if there are othe reasons why civetweg would not be suitable.

[vitalyster]

After the quick look I see API is very different and updating to any other http server library will need a same amount of developer time. I may prefer to use Boost.Beast in the future as we already use Boost to reduce number of dependencies.

For the quick solution you can just disable server command of the server_manager for Debian packages, HTTP interface is a work-in-progress feature anyway.

[vitalyster]

See #467 for the progress on -DENABLE_WEBUI=OFF option