Open source license woes
-
Just FYI, from what I read it seems like CPOL isn't compatible with GNU GPL: - So if you have a GNU GPL dependency it might be illegal to use a CPOL license on your project, - and it might be illegal for anyone who uses a (viral) GNU GPL dependency to use your work under a CPOL license. license compatibility - Can I use CodeProject code in a GPL project? - Open Source Stack Exchange[^]
Quote:
CPOL is not an open source license according to the OSI definition. It has a clause which does not allow it to be used for any purpose as mandated by the GPL or MIT license:
Quote:
You agree not to use the Work for illegal, immoral or improper purposes, or on pages containing illegal, immoral or improper material.
If that's true it makes CPOL more restrictive than BSD, can anybody weigh in on this? Was this intentional?
I think the best person to answer that is @chris-maunder
Wrong is evil and must be defeated. - Jeff Ello Never stop dreaming - Freddie Kruger
-
Just FYI, from what I read it seems like CPOL isn't compatible with GNU GPL: - So if you have a GNU GPL dependency it might be illegal to use a CPOL license on your project, - and it might be illegal for anyone who uses a (viral) GNU GPL dependency to use your work under a CPOL license. license compatibility - Can I use CodeProject code in a GPL project? - Open Source Stack Exchange[^]
Quote:
CPOL is not an open source license according to the OSI definition. It has a clause which does not allow it to be used for any purpose as mandated by the GPL or MIT license:
Quote:
You agree not to use the Work for illegal, immoral or improper purposes, or on pages containing illegal, immoral or improper material.
If that's true it makes CPOL more restrictive than BSD, can anybody weigh in on this? Was this intentional?
I wonder how immoral or improper would end getting defined in court. They're not the same as illegal.
Robust Services Core | Software Techniques for Lemmings | Articles
The fox knows many things, but the hedgehog knows one big thing. -
I think the best person to answer that is @chris-maunder
Wrong is evil and must be defeated. - Jeff Ello Never stop dreaming - Freddie Kruger
Yes, it would be nice to have an official response. As you might imagine it's quite a huge risk to leave this sort of thing up to chance. I hope the SE post is incorrect. Maybe adding something to the license like the DUMB decoder did might help reassure people that CPOL can mix with GNU GPL, if it wasn't CPOL's intent to add breaking clauses: dumb/LICENSE at 396caa4d31859045ccb5ef943fd430ca4026cce8 · kode54/dumb · GitHub[^] Sadly there's not much room for "creativity" when it comes to compatibility with viral licenses. I can't afford the lawyers and I wouldn't know one who could answer this anyway (no precedent anywhere).
-
Just FYI, from what I read it seems like CPOL isn't compatible with GNU GPL: - So if you have a GNU GPL dependency it might be illegal to use a CPOL license on your project, - and it might be illegal for anyone who uses a (viral) GNU GPL dependency to use your work under a CPOL license. license compatibility - Can I use CodeProject code in a GPL project? - Open Source Stack Exchange[^]
Quote:
CPOL is not an open source license according to the OSI definition. It has a clause which does not allow it to be used for any purpose as mandated by the GPL or MIT license:
Quote:
You agree not to use the Work for illegal, immoral or improper purposes, or on pages containing illegal, immoral or improper material.
If that's true it makes CPOL more restrictive than BSD, can anybody weigh in on this? Was this intentional?
Yes, it was intentional. When the CPOL was created the legal climate around software was vague and, frankly, dangerous for developers. We were aware of cases against software developers who had given away code without any self-protection and we determined that it would be a disservice to our members not to offer them protection (and choice, obviously) Our lawyers highlighted one case in particular where a developer was sued because their code was used for malicious purposes. This motivated us to put the "don't be bad" clause. Further, things like being clear about the jurisdiction can be the difference between a developer getting treated fairly and a developer getting hung drawn and quartered. We're not a fan of GPL because while it's "open and free" in the sense you get to see the code and you can use it how you wish, you're not actually free to make proprietary extensions of the code. You add your own cleverness, do some amazing work using the code, and you MUST open it up to the world. That's not how the world works. So the CPOL is about 1. Protecting our members who share code by buttoning down the many legal agreements that were out there 2. Ensuring other developers can use our members' code freely, and to innovate with that code commercially 3. To ensure the code was open, in the sense that the source code must be available to read
cheers Chris Maunder
-
Yes, it was intentional. When the CPOL was created the legal climate around software was vague and, frankly, dangerous for developers. We were aware of cases against software developers who had given away code without any self-protection and we determined that it would be a disservice to our members not to offer them protection (and choice, obviously) Our lawyers highlighted one case in particular where a developer was sued because their code was used for malicious purposes. This motivated us to put the "don't be bad" clause. Further, things like being clear about the jurisdiction can be the difference between a developer getting treated fairly and a developer getting hung drawn and quartered. We're not a fan of GPL because while it's "open and free" in the sense you get to see the code and you can use it how you wish, you're not actually free to make proprietary extensions of the code. You add your own cleverness, do some amazing work using the code, and you MUST open it up to the world. That's not how the world works. So the CPOL is about 1. Protecting our members who share code by buttoning down the many legal agreements that were out there 2. Ensuring other developers can use our members' code freely, and to innovate with that code commercially 3. To ensure the code was open, in the sense that the source code must be available to read
cheers Chris Maunder
I understand, thanks for the response!
-
Yeah, I need to decode Punycode in a project. So I find myself reading the RFC[^]. Oh look, there is a sample encoder/decoder right there in the RFC! It's my lucky day. But wait... LibIDN[^] has a verbatim copy of this code with almost no changes with the GNU license slapped onto it. But wait... the RFC is also 'Copyright (C) The Internet Society (2003). All Rights Reserved.' at the bottom which isn't mentioned anywhere on the GNU provided code. I can infer that I am not the first person to ask about this... the GNU header says the following:
/*
* This file is derived from RFC 3492bis written by Adam M. Costello,
* downloaded from http://www.nicemice.net/idn/punycode-spec.gz on
* 2015-03-02 with SHA1 a966a8017f6be579d74a50a226accc7607c40133, a
* copy of which is stored in the GNU Libidn version controlled
* repository under doc/specification/punycode-spec.gz.This is legal speak for 'We took this from a work in the public domain'. This is like following a spider web... let's keep following the threads. So let's check the original licence at http://www.nicemice.net/idn/punycode-spec.gz[^]
B. Disclaimer and license
Regarding this entire document or any portion of it (including the pseudocode and C code), the author makes no guarantees and is not responsible for any damage resulting from its use. **The author grants irrevocable permission to anyone to use, modify, and distribute it in any way that does not diminish the rights** of anyone else to use, modify, and distribute it, provided that redistributed derivative works do not contain misleading author or version information. Derivative works need not be licensed under similar terms.So without being a lawyer I interpret this as a guy named Adam wrote the Punycode RFC and put it into the public domain. Then the 'The Internet Society' slapped a copyright on the code. Then someone working on LibIDN copied the code and slapped a third lice
-
Yeah, I need to decode Punycode in a project. So I find myself reading the RFC[^]. Oh look, there is a sample encoder/decoder right there in the RFC! It's my lucky day. But wait... LibIDN[^] has a verbatim copy of this code with almost no changes with the GNU license slapped onto it. But wait... the RFC is also 'Copyright (C) The Internet Society (2003). All Rights Reserved.' at the bottom which isn't mentioned anywhere on the GNU provided code. I can infer that I am not the first person to ask about this... the GNU header says the following:
/*
* This file is derived from RFC 3492bis written by Adam M. Costello,
* downloaded from http://www.nicemice.net/idn/punycode-spec.gz on
* 2015-03-02 with SHA1 a966a8017f6be579d74a50a226accc7607c40133, a
* copy of which is stored in the GNU Libidn version controlled
* repository under doc/specification/punycode-spec.gz.This is legal speak for 'We took this from a work in the public domain'. This is like following a spider web... let's keep following the threads. So let's check the original licence at http://www.nicemice.net/idn/punycode-spec.gz[^]
B. Disclaimer and license
Regarding this entire document or any portion of it (including the pseudocode and C code), the author makes no guarantees and is not responsible for any damage resulting from its use. **The author grants irrevocable permission to anyone to use, modify, and distribute it in any way that does not diminish the rights** of anyone else to use, modify, and distribute it, provided that redistributed derivative works do not contain misleading author or version information. Derivative works need not be licensed under similar terms.So without being a lawyer I interpret this as a guy named Adam wrote the Punycode RFC and put it into the public domain. Then the 'The Internet Society' slapped a copyright on the code. Then someone working on LibIDN copied the code and slapped a third lice
I used to do R&D and some consultancy for a small firm, mostly for idiot bosses that didn't understand anything beyond billing people. One time, my boss handed me a "ready-to-go" project from "a really disruptive young developer" with the intent of having me do some minor visual tweaks and general QA. The project consisted out of a painstaking manual recreation of an existing proprietary UI, some GPL-3 source code, and 1 major project under a very dubious "you now owe us 10.000" custom license. My boss eluded that "he gave the developer a picture of the original software, so he would know what to build" and basically considered the entire thing a new and original work. Because he had asked a guy to build it for him. The stupidity of some people. :|
