Possible Non GPLv2 compatible code in ExpectDeprecationTrait

Edit: Correction on the provenance, it started as CC BY-SA 3.0 not 2.5 (no change in statements above regarding compatibility concerns)

Yep we need to re-write this code.

I;ve looked for other links to stackoverflow in our code base. There are a few the others seem to involve much less code but I guess need to be reviewed as well.

Saw blog post that the next Alpha will be released in the near future.

Should this be classified as an Alpha blocker and release blocker?

The monthly security window I believe is tomorrow, doss this have any impact on that window?

Do we even need this function? It's only used when throwing this exception:

throw new \RuntimeException(sprintf('%s registered its own error handler (%s) without restoring the previous one before or during tear down. This can cause unpredictable test results. Ensure the test cleans up after itself.',
  $this->name(),
  self::getCallableName($handler),
));

Wouldn't it be enough without self::getCallableName($handler)?

Should we not seek an opinion from a the licensing working group?

The monthly security window I believe is tomorrow, doss this have any impact on that window?

I don't think so. This is an existing issue that has already been released. If it would be the first release with it in maybe but that's not the case.

I agree with #6 let's just remove the code. We can open an issue to reimplement if we like.

Agree, let's just remove the offending code for now, we don't strictly need it here. If we want to reintroduce it again by rewriting it in the future we can do that in another issue.

Makes sense to just remove it, the error message is decent without it.

Please take that into account that while the comments below are not intended to be an 'alarmist' reaction, I am well aware that this particular incident is minor at the moment (and overall is one of the least significant I've encountered in my history with software), the goal is to ensure it does not become more significant and to ensure any future incidents also have a well grounded base in place to avoid them possibly becoming significant.

Should we not seek an opinion from a the licensing working group?

I would suggest no matter what the Core Team/The Project Lead (Dries) will want to run this past legal to ensure they properly unwind this to ensure no future legal entanglement.

I don't think so. This is an existing issue that has already been released. If it would be the first release with it in maybe but that's not the case.

The phrase "Knowingly, willfully, and repeatedly" could be used to describe publishing additional releases or commits after the core team is made aware of the issue. It is one thing for something like this to happen without knowledge there is some room for compassion and more lenient mitigation.

The Linksys GPLv2 case is one of the most notable example of case law on this subject. The platform went from being Closed Source to Open Source GPLv2. An equivalent scenario for the Drupal Project in this case could be that the code no longer qualify as GPLv2 and would be GPLv3 only, not the worst situation that could happen, however I also suspect this is not desired by the Core Team.

Agree, let's just remove the offending code for now, we don't strictly need it here.

Seems reasonable.

In the migrate_plus module, I credited StackOverflow: https://git.drupalcode.org/project/migrate_plus/-/blob/6.0.x/src/Plugin/...

    // @see https://stackoverflow.com/a/47718734/3130080
    return array_map(NULL, ...$table);

Does that seem problematic? Once you know to look for it, that usage of array_map() is also documented in the PHP docs: https://www.php.net/array_map#example-5199. Unlike the code in this issue, it is a one-liner.

For me personally, Creative Commons licenses are not software licenses at all. That means we should treat StackOverflow as documentation (or a discussion forum etc.), and if code follows that documentation and references the documentation it comes from, that is compatible with with a Creative Commons license and does not imply that using the code itself adopts that license.

Code on stack overflow is not released as code, it's embedded in a text document as an example, it's not even like a gist which might be a small standalone program.

Obviously I am not a lawyer, and also I have zero interest in whether this argument would stand up in court, and doubt it would ever need to.

Discussed with @longwave and we agreed to put this back to 11.0.x in case we do a security release on 11.0.x.

Committed and pushed 405ac9dad3c to 11.x and 7769a956fbe to 11.1.x and 902e7a8c57a to 11.0.x. Thanks!