digitalmars.D.announce - pure D JPEG decoder, with progressive JPEG support, public domain
- ketmar (5/5) Jun 17 2016 finally, the thing you all waited for years is here! pure D
- John Colvin (8/13) Jun 17 2016 awesome.
- Kagamin (3/9) Jun 17 2016 Uh oh, a license is revokable? What happens when boost license is
- ag0aep6g (3/4) Jun 17 2016 No, it's not, but you can publish stuff under multiple licenses at the
- ketmar (7/13) Jun 17 2016 ah, i know about PD caveats. but the original source was PD, so i
- Rory McGuire via Digitalmars-d-announce (10/24) Jun 17 2016 Thanks for that info. I don't think it would help if ketmar made it MIT ...
- ketmar (3/7) Jun 17 2016 ah, just fork it and slap Boost license on top! i myself have no
- ketmar (4/7) Jun 17 2016 p.s. i'm pretty sure that somebody *will* fork it soon to get it
- ketmar (4/18) Jun 17 2016 i put it under unlicense[1], as some other works of the same
- Andrei Alexandrescu (4/9) Jun 17 2016 Nice, thanks for this work. I see it has 3213 lines. I take it the
- ketmar (17/20) Jun 17 2016 it's a complete port of jpegd.h+jpegd.cpp (so, no encoder). it is
- Observer (18/22) Jun 18 2016 This statement stands out as a problem. There are lots of
- ketmar (17/18) Jun 18 2016 no. i believe that it's all strongly overrated. don't run
- Adam D. Ruppe (6/8) Jun 18 2016 Not always though. The main case I'd use a little single-file
- Andrei Alexandrescu (3/8) Jun 17 2016 https://www.reddit.com/r/programming/comments/4oj7ja/public_domain_jpeg_...
finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.d
Jun 17 2016
On Friday, 17 June 2016 at 13:05:47 UTC, ketmar wrote:finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.dawesome. Without wanting to start a huge thing about this, see http://linuxmafia.com/faq/Licensing_and_Law/public-domain.html and http://www.rosenlaw.com/lj16.htm and please at least add an optional licencing under a traditional permissive open-source license (boost would be nice, who knows, maybe phobos should have jpeg support?).
Jun 17 2016
On Friday, 17 June 2016 at 13:35:58 UTC, John Colvin wrote:Without wanting to start a huge thing about this, see http://linuxmafia.com/faq/Licensing_and_Law/public-domain.html and http://www.rosenlaw.com/lj16.htm and please at least add an optional licencing under a traditional permissive open-source license (boost would be nice, who knows, maybe phobos should have jpeg support?).Uh oh, a license is revokable? What happens when boost license is revoked?
Jun 17 2016
On 06/17/2016 04:08 PM, Kagamin wrote:Uh oh, a license is revokable? What happens when boost license is revoked?No, it's not, but you can publish stuff under multiple licenses at the same time.
Jun 17 2016
On Friday, 17 June 2016 at 13:35:58 UTC, John Colvin wrote:Without wanting to start a huge thing about this, see http://linuxmafia.com/faq/Licensing_and_Law/public-domain.html and http://www.rosenlaw.com/lj16.htm and please at least add an optional licencing under a traditional permissive open-source license (boost would be nice, who knows, maybe phobos should have jpeg support?).ah, i know about PD caveats. but the original source was PD, so i don't feel like adding any other license on top of it will be good. not that it is legally impossible, i just want to keep it as the original author intended. after all, anybody can just fork it and add any license he wants. it is unlikely that the thing will get extensive upgrades anyway. ;-)
Jun 17 2016
On Fri, Jun 17, 2016 at 3:35 PM, John Colvin via Digitalmars-d-announce < digitalmars-d-announce puremagic.com> wrote:On Friday, 17 June 2016 at 13:05:47 UTC, ketmar wrote:Thanks for that info. I don't think it would help if ketmar made it MIT / Boost licensed or any other, if the original authors relatives chose to dispute the license it the fact that the code is based on the PD code would make it hard to protect. I think that source code under PD might get exception to the laws in those articles because of the way PD is used globally and what its intent is, and what our common understanding of it is. However that would probably go to court to settle.finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.dawesome. Without wanting to start a huge thing about this, see http://linuxmafia.com/faq/Licensing_and_Law/public-domain.html and http://www.rosenlaw.com/lj16.htm and please at least add an optional licencing under a traditional permissive open-source license (boost would be nice, who knows, maybe phobos should have jpeg support?).
Jun 17 2016
On Friday, 17 June 2016 at 14:28:52 UTC, Rory McGuire wrote:Thanks for that info. I don't think it would help if ketmar made it MIT / Boost licensed or any other, if the original authors relatives chose to dispute the license it the fact that the code is based on the PD code would make it hard to protect.ah, just fork it and slap Boost license on top! i myself have no objections, and i doubt that the original author will object too.
Jun 17 2016
On Friday, 17 June 2016 at 14:33:41 UTC, ketmar wrote:ah, just fork it and slap Boost license on top! i myself have no objections, and i doubt that the original author will object too.p.s. i'm pretty sure that somebody *will* fork it soon to get it to code.dlang.org. i won't do that myself, but again, i have no objections.
Jun 17 2016
On Friday, 17 June 2016 at 13:35:58 UTC, John Colvin wrote:On Friday, 17 June 2016 at 13:05:47 UTC, ketmar wrote:i put it under unlicense[1], as some other works of the same author is using it, and it is basically the same PD. [1] http://unlicense.org/finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.dawesome. Without wanting to start a huge thing about this, see http://linuxmafia.com/faq/Licensing_and_Law/public-domain.html and http://www.rosenlaw.com/lj16.htm and please at least add an optional licencing under a traditional permissive open-source license (boost would be nice, who knows, maybe phobos should have jpeg support?).
Jun 17 2016
On Friday, 17 June 2016 at 22:15:47 UTC, ketmar wrote:i put it under unlicense[1], as some other works of the same author is using it, and it is basically the same PD. [1] http://unlicense.org/Unfortunately, using unlicense is just as problematic as using public domain: https://programmers.stackexchange.com/questions/147111/what-is-wrong-with-the-unlicense The next best thing is the CC0 license (Creative Commons Zero) which is better written than unlicense but it's currently not recommended for software / source code. http://copyfree.org/content/standard/licenses/cc0/license.txt After that, the most-open licenses with good legal standing would be Boost and MIT but then you run into the same issues again with incompatible licenses. I don't have any recommendations but I thought it was worth pointing out that unlicense isn't the solution here.
Jun 17 2016
On Friday, 17 June 2016 at 23:17:56 UTC, Xinok wrote:On Friday, 17 June 2016 at 22:15:47 UTC, ketmar wrote:alas, that is all i can do without breaking the "spirit" of the original terms. i'm ok with it, and people still can fork the code and relicense in under Boost/MIT.i put it under unlicense[1], as some other works of the same author is using it, and it is basically the same PD. [1] http://unlicense.org/Unfortunately, using unlicense is just as problematic as using public domain: https://programmers.stackexchange.com/questions/147111/what-is-wrong-with-the-unlicense
Jun 17 2016
On 06/17/2016 09:05 AM, ketmar wrote:finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.dNice, thanks for this work. I see it has 3213 lines. I take it the source is https://github.com/richgel999/jpeg-compressor. How many lines from there are reflected in the D code? -- Andrei
Jun 17 2016
On Friday, 17 June 2016 at 13:51:29 UTC, Andrei Alexandrescu wrote:Nice, thanks for this work. I see it has 3213 lines. I take it the source is https://github.com/richgel999/jpeg-compressor. How many lines from there are reflected in the D code? -- Andreiit's a complete port of jpegd.h+jpegd.cpp (so, no encoder). it is almost 1:1 to c++ code, including fancy templated row/col decoders and 4x4 matrix mini-class. mostly sed work, and after i made it to compile (and fixed silly bug in CLAMP that i introduced) it "just works". i replaced stream reader class with delegate (we have such a great delegates in D, so let's use 'em! ;-), but otherwise the code is unmodified. ah, i also put `.ptr` to array access to skip bounds checking -- i love to build my code with bounds checking on, and i don't feel that i need it in this decoder -- it should be fairly well-tested. so you may assume that all of the lines there are came from c++ (sans some curly brackets). of course, one can do much better work by writing "idiomatic" D code, i guess, but that would be much greater work -- not a "port", but "rewrite".
Jun 17 2016
On Friday, 17 June 2016 at 14:20:14 UTC, ketmar wrote:ah, i also put `.ptr` to array access to skip bounds checking -- i love to build my code with bounds checking on, and i don't feel that i need it in this decoder -- it should be fairly well-tested.This statement stands out as a problem. There are lots of security notices out there that refer to media-decoding problems. Remember, in the context of image decoding, you're often handling untrusted data from external sources. The security notices often talk about "carefully crafted" files; here's just one simple example: http://www.videolan.org/security/sa0702.html Here are a couple more, regarding the infamous Adobe Flashplayer: https://hackerone.com/reports/30567 https://hackerone.com/reports/36279 Not convinced? Let's not stop there; let's look specifically at what has happened with JPEG in the past, such as: http://download.oracle.com/sunalerts/1000310.1.html http://www.theregister.co.uk/2004/09/24/jpeg_exploit_toolkit/ You need to think not just about your own code, but also about the overall environment in which it will operate.
Jun 18 2016
On Saturday, 18 June 2016 at 19:52:20 UTC, Observer wrote:Not convinced?no. i believe that it's all strongly overrated. don't run software with full access to your system, don't feed it with untrusted data, use sandboxes and such, etc. this is the way to go, not adding endless checks for all possible corner cases. still, anyone is free to undo that: just replace all `\.ptr\b` with empty string -- and voila! all the bounds checking (and mind you, there is little, as many arrays are just malloc'ed anyway) is back. it's way easier to do than to put `.ptr` into vanilla code. for my use cases `.ptr` access is ok: i prefer to leave bounds checking on for all builds, and manually escape it in the code when i feel that it is necessary. in other words: i believe that validating data and loading/processing data should be separated. first validate all your jpegs with some tool, then use loaders to actually load and process 'em.
Jun 18 2016
On Saturday, 18 June 2016 at 19:52:20 UTC, Observer wrote:in the context of image decoding, you're often handling untrusted data from external sourcesNot always though. The main case I'd use a little single-file thing is for files that I created and packaged with the application myself, but wanted to be small for distribution. If I wanted my program to do something naughty, I wrote it, I'd just make it do something naughty!
Jun 18 2016
On 06/17/2016 09:05 AM, ketmar wrote:finally, the thing you all waited for years is here! pure D no-frills JPEG decoder with progressive JPEG support! Public Domain! one file! no Phobos or other external dependecies! it even has some DDoc! grab it[1] now while it's hot! [1] http://repo.or.cz/iv.d.git/blob_plain/HEAD:/jpegd.dhttps://www.reddit.com/r/programming/comments/4oj7ja/public_domain_jpeg_decoder_with_progressive/ Andrei
Jun 17 2016