Bug 491790

Summary: Review Request: mediawiki-SpamBlacklist - An extension to provide a Spam Blacklist management system
Product: [Fedora] Fedora Reporter: John Guthrie <mathguthrie>
Component: Package ReviewAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: medium    
Version: rawhideCC: fedora-package-review, notting, tcallawa
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-02-09 00:26:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 201449    

Description John Guthrie 2009-03-24 04:06:02 UTC 
Spec URL: http://www.guthrie.info/RPMS/f10/mediawiki-SpamBlacklist.spec
SRPM URL: http://www.guthrie.info/RPMS/f10/mediawiki-SpamBlacklist-0-0.3.20090318svn.fc10.src.rpm
Description: 
SpamBlacklist is a simple edit filter extension. When someone tries to save the
page, it checks the text against a potentially very large list of "bad"
hostnames. If there is a match, it displays an error message to the user and
refuses to save the page.

The list of bad URLs can be drawn from multiple sources, including a URL that
contains a list of bad URL regexes, a file that contains a list of bad URL
regexes, or a database location.  The last option will allow you to
manage a local blacklist from a wiki page.  By default, it used the blacklist
at http://meta.wikimedia.org/wiki/Spam_blacklist.

Whitelisting is supported as well.

Note from the author regarding stability:
 This extension has not been widely tested outside Wikimedia. Although it has
 been in production on Wikimedia websites since December 2004, it should be
 considered experimental. Its design is simple, with little input validation,
 so unexpected behaviour due to incorrect regular expression input or
 non-standard configuration is entirely possible.
Just to repeat, this is an *EXPERIMENTAL* extension.
Comment 1 John Guthrie 2009-03-24 04:28:12 UTC 
I should make a note regarding the value that I put in for the license field.

I have set the license field to "Freely distributable without restrictions" on the basis of the following URLs:

http://www.mediawiki.org/wiki/Extension:SpamBlacklist
http://www.mediawiki.org/wiki/Extension_talk:SpamBlacklist#Copyright
http://en.wikipedia.org/wiki/User:Tim_Starling
http://en.wikipedia.org/wiki/User:Tim_Starling/Free_software

I am also using the README file that is contained in the package as part of the basis for this value of the License tag.

I have also sent an email to the author to get a better clarification as well.
Comment 2 Jason Tibbitts 2009-07-09 02:40:07 UTC 
Did you receive clarification from the author?

Many of these mediawiki plugins suffer from terribly confusing licensing status.  
This one seems especially bad as the only thing we can really go on, the README file, says:

This extension and this documentation was written by Tim Starling and is 
ambiguously licensed.

I would argue that without clarification, there is no way this can go into Fedora.  It doesn't even seem that we have redistribution rights.  I guess I'll block FE-Legal.
Comment 3 Tom "spot" Callaway 2009-07-14 20:42:45 UTC 
I'm inclined to agree with Tibbs's assessment. There are two points to be made here:

1. There is no license on this code (and it is code, not content). Without a license, the code is non-free.

2. "Freely distributable without restrictions" is not an acceptable license for Fedora code.

You should get specific licensing terms from the copyright holder (aka, the author). Without that, this cannot move forward. His individual views on free software aside, the way that copyright law works is that the only right we are given simply by having access to his software is the right to use. We do not have the right to copy, modify, or redistribute. We need him to explicitly grant us (and anyone who gets the code from us) those rights.
Comment 4 John Guthrie 2009-07-26 17:12:28 UTC 
Alas, I have not received any kind of response from the author as yet.  I will try to contact him again.  If I still don't get a response, then we'll probably have to close the review request.
Comment 5 Tom "spot" Callaway 2009-12-01 01:03:40 UTC 
Just following up on this one, did you get any kind of response from the upstream author?
Comment 6 Jason Tibbitts 2010-02-09 00:26:32 UTC 
I'm going ahead and closing this given the AWOL status of the submitter.  Should anyone wish to resubmit, please address the legal issue first.