Usage of AP Icon and Name in related open source plugin?

Hi @dartrax!

Please do not use the icon (and I really wish you’d waited for my reply on this).

As for the name, I’m fine with it, though I think it would be better if it stated the relationship more clearly (i.e. that it is an integration layer between to separate ”products”). Hover, I’m not familiar with Flarum naming conventions. That aside, I’d suggest you ask the appropriate channels regarding the use of the WordPress trademark.

I’ve looked over your repository and I’ve noticed two things:

1. Your plugin uses MPL 2.0. This means you can’t reuse any GPLed code from the WordPress plugin, even with proper attribution, because the licenses are not compatible (at least not in that direction). (You are not doing that at the moment, but that brings me to my second point.)
2. The assumptions regarding hash generation will probably not hold forever and so the current implementation is very, very fragile. In fact, it will probably not work for some people today because Avatar Privacy up to and including 2.3.x encodes the “object type” (anonymous comment or registered user) into the subdirectory, without even considering local avatars, default avatars etc.

BTW, you have disabled the issues tracker in the repository (though the README says to open issues).

Hi @pputzer,
thanks for your reply!

• The extension is not yet released or made public to the flarum extension repository (extiverse), I would not have done that without your permission.
  Changing the icon’s color is not enough, I assume? I’ll use some font-awesome-icon, in that case.
• I’ll update the Tagline beneath the title to better express the relationship.
• Thank you for even looking into the repository and for pointing out the issue tracker, I’ll enable that.
• Can you explain how the object type is encoded into the subdirectory? In which file/line can I find that? I do only need the cached avatar urls for registered users, because anonymous avatars are not used at flarum.
• I know it’s fragile because I do not use an official, documented way to obtain the avatars. I’ve tried to get the avatar url by rest api call, but I’ve got “Sorry, you are not allowed to list users.” for non admins even if I just need the avatar of the logged-in user. So the current way is fast and works for me for now, may be I or someone else comes up with a better solution in future.
• Should I use any of your or wordpress’ code in future, which license do I need? GPL 2.0 I assume…

Hi @dartrax,

Unfortunately, changing the colors won’t be enough no. (GitHub is public, too.)

The subdirectory is generated here, though I’ve removed that logic from (the currently unreleased) version 2.4.0.

WordPress 5.6 includes application passwords as an authentication method for the REST API, so that may help you here? If not, I think there are plugins to add OAuth2 as an authentication method (in addition to the cookie-based authentication included with Core).

Using the REST API would certainly be the better approach, because the path to the cached avatars also depends on whether it’s a locally uploaded avatar, a cached gravatar or a default avatar generated for that user.

As for incorporating parts of WordPress plugins, please always have a look at the included LICENSE and any the licenses of any third-party modules (which may differ, although they must be compatible with GPL overall). WordPress plugins in the repository may be GPL 2.0, GPL 3.0 or GPL x.x-or-later (e.g. GPL 2.0+). If you do copy code, it should be documented in the source file (with original attribution and license provisions) and in the docblocks of the methods/classes/functions containing the re-used code, not just the README. (The classic answer to “May I …” is “It depends”.)

• This reply was modified 4 years, 2 months ago by pepe.

Thank you for your explanations. I hope I’ve changed or at least documented all the new aspects and ideas by now, if that’s the case, you may close the topic ??