My impression is that by numbers, we're moving from big projects -- like Linux, LibreOffice, Gnome, KDE, Gimp, gcc, etc. -- to smaller projects -- small JavaScript libraries on github that people fork, merge, etc.
GPL makes a lot of sense for the former. If you write the Linux kernel, a ton of companies would take it, enhance it, and not contribute back without GPL. That's a big part of what killed BSD. On the other hand, almost no one is going to reimplement Linux just to get around the GPL -- it's cheaper and easier to just give back.
For the little libraries, permissive makes more sense. If your JavaScript control has a license that isn't permitted in my project, I'll just write my own in a day or two. If I enhance it, that's not a core advantage to my business, so I'll likely contribute it back.
If you write the Linux kernel, a ton of companies would take it, enhance it, and not contribute back without GPL.
That is always touted by GPL advocates, but where is the proof? Where are all the companies enhancing non-GPL-licensed software and not giving anything back? Where are the companies making money selling private forks of enhanced FreeBSD, NetBSD, OpenBSD, Ruby, Python, Ruby on Rails, X11, Apache, etc.?
It doesn't make sense. Maintaining your own changes in a big software project is a pain in the ass. It's worth contributing changes upstream if only so you don't have to maintain your own patches and re-merge them every release.
> That is always touted by GPL advocates, but where is the proof? Where are all the companies enhancing non-GPL-licensed software and not giving anything back?
They're doing it to GPL software. Take a look at pretty much any embedded Linux project and you will find a GPL violation. For example, most ARM devices are unusable without binary drivers that rely on specific builds of specific Linux kernel versions (example - you can't get sound or accelerated video on the Raspberry Pi!). I've had one plug computer maker tell me they have a custom version of Linux and they won't provide the source. Whenever I come across anything like that I report it at http://gpl-violations.org/
> Where are all the companies enhancing non-GPL-licensed software and not giving anything back? Where are the companies making money selling private forks of enhanced FreeBSD
Sun Microsystems?
I think part of it has to do with a tipping point: if you can hire up a good chunk of the key contributors and run with it, then it's easy to make a proprietary fork, and at the same time weaken the open source project. The GPL prevents this. The other thing that prevents it is if it's impossible/difficult to hire up enough people for a proprietary fork to outstrip development of an open fork. So with permissive licensed projects, you want a big core team comprising people with diverse interests and incentives.
Also, I think things have changed over time - perhaps, 'back in the day', there was more the idea of not contributing back by default, whereas I think far more companies have made their peace with open source these days, and understanding that being involved and contributing are good things. This tilts things in favor of permissive licenses.
I think part of it has to do with a tipping point: if you can hire up a good chunk of the key contributors and run with it, then it's easy to make a proprietary fork, and at the same time weaken the open source project. The GPL prevents this.
No, it doesn't. Those key contributors are still the copyright holders of the code they contributed, and they are free to redistribute those contributions under different terms. If they all work for one company, they can just license copies of their code to that new company under non-GPL terms. The GPL fork still exists, but now a new, closed-source version of the code can be made with all of that (now-)employee-written code. If there are enough of those components, that company can just rewrite the code contributed by others that were only licensed under GPL, and now they have a mostly duplicate version of the same program, able to be extended and resold without source code.
Digium does this for the Asterisk project. They have a GPL version that everyone is free to use, but nobody else is allowed to redistribute it without the source code. However, they make all contributors to the GPL project license their code to Digium so that Digium more-or-less owns the code, which Digium then turns around and sells under a closed-source license to companies that don't want to give their changes back to Asterisk.
Certainly, but by and large, the GPL does make this a lot more difficult if you're not planning to do it from the outset. With something like Linux, it'd be completely impossible.
Apple's kernel/userland A.K.A Darwin is available from Apple's open source website.
Apple has also contributed a lot that they weren't required to contribute. Sure they are an example, but they are not nearly as cut throat as people like to make them out to be. Look for Apple.com on commits to the FreeBSD source tree...
Microsoft's Windows Services for UNIX Version 3.5[1] and earlier versions are based off of NetBSD[2]. Until recently, 2008-9, they contributed nothing back.
Not sure which pieces you're talking about. Code changes to various open source projects within OS X, iOS, and Xcode can be found here (and the referenced sites therein).
Those projects are often not in a state where they can be compiled, and when they are you find that they are heavily redacted. For example, none of the code required to make any of that run correctly on ARM devices is available. (Given the context from this thread about large projects, however, I feel the redactions of things like touch events from WebKit, are a more serious issue.)
On the other hand, for the i386 copies of FreeBSD (which the great-grandparent was talking about), Apple does release working copies of their FreeBSD-derived kernel.
The xnu kernel is pretty far from FreeBSD. It's based on CMU Mach 2.5 (mainly virtual memory and IPC), 4.3BSD (mainly networking and VFS) and the Apple/NeXTSTEP-developed device driver framework called I/O Kit (which is written in C++). I don't think any kernel changes have been merged back into BSD. At this point they've probably deviated too far anyway.
Building xnu from public sources is quite an undertaking. It does still seem to be possible (although it got a lot harder with the x86 transition due to more proprietary drivers). The PureDarwin distribution still seems to be based on the Snow Leopard kernel, I'm not sure why. http://www.puredarwin.org/
Fair enough, although the parent of that post just talks in general about larger projects (such as the toolchain) and the post I directly responded to talks about Xcode.
So here's my take, GPL is pretty much the de facto choice for full open source applications, and here it makes much sense as it's a 'finished' product, and in many cases the individual parts of that finished product which are reusable are licenced permissively.
Meanwhile components like libraries, frameworks, have since long leaned towards permissive or atleast LGPL style licencing due to them constituting only a small part of whatever program they are used in.
Like the edited article states, the author was wrong in saying GPL is declining or that projects are in any way switching, the thing is that these days we see lots of new open source developments in web technology frameworks and these frameworks are predominantly permissively licenced as they are basically components on which full web solutions are built.
And given the sheer number of web oriented open source tech popping up these days it's no wonder we are seeing new permissively licenced code dwarfing new GPL licenced code these days. For example when I viewed the 'Popular Watched Repositories' list on github, the only ones I know are GPL licenced were Linux and Git, and the list was heavily dominated by web targeted projects.
Now there seems to be a strong anti-GPL sentiment in web dev, which is likely due to people working there relying heavily on open source components for their proprietary solutions and as such they simply can't use GPL, hence complaints.
Bottom line is that there is no 'one type fits all' licence, which is why we have licence proliferation. I've always held the belief that whatever the author chooses is the right option, be it permissive, GPL or even keeping it proprietary.
The LGPL addresses these concerns, and is in the sweet spot, I think: You can use the library without opening the code using the library, but any changes to the library itself must be given back.
It is very easy to work around the LGPL: the main thing it ends up protecting the user from is not being able to modify the exact functionality provided by the LGPL library inside of the surrounding software system.
As a case example: Apple has modifications to their version of WebCore (lower-level than WebKit, for context), a project shipped under LGPL (unlike WebKit, which is distributed under a modified BSD license).
However, they don't want to have to give out those changes, so they provide the source code to a WebKit with some minimal changes to call into new code that they then don't provide: it will compile, but you will get link errors.
Understand: this new code may be critical to the functionality of the library, and may be modifying the behavior of or even outright replacing key APIs and mechanisms of the LGPL library, in this case WebKit.
They then provide binary object files for the new functionality that they added, and the result is compiled together to form the unified WebCore dynamic library. Even though the result is a single linked-together library, this is totally legal under the LGPL, as I can still modify the original WebKit code if I wish and still manage to build Apple's modified WebKit binary.
In essence, the boundary around the LGPL code can be made very tight indeed, such that even code that is semantically required for the library to function does not fall under the redistribution requirements of the GPL part of the LGPL code.
(Every usage of "WebKit" in this comment that was not "lower-level than WebKit" and "unlike WebKit" should have been "WebCore". I wish I had noticed that mistake earlier. ;P)
You are correct that it is cheaper and easier to just give back, but that is generally true and isn't unique to the GPL. There are a great number of companies using the BSDs as the basis for their embedded projects, and they contribute their enhancements and bug fixes precisely because it is less expensive over time to do that than to keep those changes proprietary.
The USL lawsuit is what hampered the BSDs early on, and allowed Linux to get so much traction in mindshare, not the license.
Also, probably a first-mover advantage, early on. Linux, the GNU toolkit, etc. come on to the scene and are based on GPL, so a lot of developers's first experience with open/permissive/whatever software licensing was GPL. Over time, though, developers become aware of alternatives, and for various reasons, many use them.
I will write software that will be released under a GNU license because the entity that bought my time to do it can decide to put the result under whatever license suits their goal.
However, if the result of my work will be made available under a more permissive license i (most likely) demand less money since it ensures that i can reuse whatever i wrote.
I know the ruby and python worlds are almost universally BSD-ish licenses, and you will get a lot of flack for releasing something GPL. The reason is that most companies that use ruby or python libraries are totally happy to contribute back patches and be part of the open source ecosystem, but releasing something as GPL makes that impossible. And since there are a lot of companies doing ruby and python, there is a great deal of frustration when someone puts that block up.
Another interesting thing about that world is the level of quality and participation in an open source ecosystem that doesn't legally mandate participation. It leads me to think of the GPL as an exclusionary license.
I've taken to using LGPL for libraries, and GPL for applications. LGPL takes the stuff I like about BSD (everyone can use, including non GPL compatible stuff), and adds some more stuff I want (viral nature). For instance, I've been working on a platform for "competitive programming", where people write AIs to play games against each other. The game engines (programs that coordinate the game between players) are licensed under GPL, for they are my work, and I want people to contribute back if they use something out of them. The game libraries are LGPL however, as I don't want to dissuade people from using the libraries, but would like them to publish improvements they make.
Call me an idiot for saying it, but I would rather believe that people fundamentally aren't jerks and rely on community spirit rather then legally enforcing cooperation :)
I think the reason that happens for ruby and python is so many of the people using those platforms are startups where the technologists are the guys calling the shots, and it probably doesn't work universally, but I am glad I work in a part of the industry where we let people participate on their own terms, it just seems more meaningful.
I totally get that it isn't like that everywhere though, and the only way to get good cooperation is to hold a gun to the head of large corporations.
The reason is that most companies that use ruby or python libraries are totally happy to contribute back patches and be part of the open source ecosystem,
Then they should have absolutely no problem with the GPL.
but releasing something as GPL makes that impossible
Please explain how requiring distributors to include access to source code makes it impossible to contribute source code.
They are happy to contribute back the patches of a GPL library, but they don't want to open source their entire product just because it links a GPL library.
Because unless a software company is specifically structured to not make money off its source code, giving that away is pretty much the dumbest thing they can do. So when they want to build something and are evaluating options, if there is an MIT library that will get them most of the way, they will use it. If there is a commercial library that will get them most of the way, they will use it. If there is a GPL library, it doesn't matter how good it is, they will not use it and instead build their own thing from scratch.
I realize this website penalizes people for pointing out the obvious but I have to ask you, did you even read what you responded to because what you wrote has absolutely nothing to do with the question the GP asked. Getting your talking points in is one thing but at least try to put it in context.
>>>but releasing something as GPL makes that impossible
>>Please explain how requiring distributors to include access to source code makes it impossible to contribute source code.
> (me talking about how the requirement to distribute their source code will make companies not contribute to opensource)
I miss when I was a kid. If you made something cool and wanted to share it you'd just give it away as freeware on a BBS or magazine cover disk or something. You might include the source as well in case anyone wanted to hack on it. As comms technology evolved and two-way comms became more viable, a lot of people would publish an e-mail address, and if someone was interested enough to ask about how the author had achieved a certain effect or what sort of tools they used then they were often happy to start a discussion or share their code. No-one gave a damn about "licences" and "copyleft" or "freedom", we just hacked on code because it was fun and we shared it with fellow hackers because it felt good and we liked the healthy karma. The graphics/audio demo scene worked this way. Game modding communities worked this way. All kinds of useful little tools that helped the guy who wrote them and later helped other people as well got discovered and used this way.
I view the rise of EULAs and "terms and conditions" pages and all that junk to be one of the biggest retrograde steps in technological history, because most of the things in these documents are legal weasel words that don't have much to do with technology at all, or even with regular users who just want to use the software in a normal way for that matter. By playing the legal game, unfortunately the FSF has essential stolen the old embrace/extend/extinguish model from big business and applied it to hobbyist software development, legalificationalising it so that lots of people who just want to hack on code and share their results with anyone interested are now divided among fragmented communities and might not even know what they can and can't do any more. Way more time and effort gets spent worrying about licence agreements and how stuff can be used than anyone used to care about, and are we really any better off for it? I don't think we are.
It never seems to occur to anyone today that the reason things used to work well wasn't that hackers shared code because someone forced them to. It was that they shared code because they enjoyed it and other people often shared their own code in return for the same reason, without any formal obligation or having legalese bullshit plastered all over the top of every source file. I suspect if the only two licence agreements supported by law were "no copying without payment/permission" and "copy freely but give fair credit" no great harm would be done and a lot of people would waste a lot less time worrying about things other than building cool stuff with code. (Edit: Of course this is a simplification, but you get the idea.)
Without a license, someone who copied the code into their application could then be sued by the original developer.
This was fine in the demo scene, but if you want to expand FOSS to businesses and paid applications, you need licenses. It wasn't the FSF who introduced that - it's how copyright works.
Maybe using permissive licenses would've been better than introducing the GPL, but you'd still need some license.
That may all be true, but we used to get by on the most basic and plain English of agreements and a healthy dose of common sense, all of which is just as valid in court.
The world is not a better place because ordinary people with no legal training and better things to do with their time are subject to multi-page formal agreements, which most of them have never actually read, never mind understood. I don't care whether it's a software licence agreement or the terms for a network service, it's still the same basic problem.
we used to get by on the most basic and plain English of agreements and a healthy dose of common sense, all of which is just as valid in court.
Yes, but who's "we"? Did that include the thousands of business that nowadays use and contribute to OSS and also have lawyers to worry about those things?
The world is not a better place because ordinary people with no legal training and better things to do with their time are subject to multi-page formal agreements, which most of them have never actually read, never mind understood.
But it was copyright that created that, by prohibiting any redistribution and derivation by default. FOSS licenses are a way to counter-act that and give you rights.
And while the GPL is not as short as we would like, the reality is that it created a standard; you just have to read it once to know the license of more than 50% of the FOSS projects out there. That seems a time saver, not killer.
Did that include the thousands of business that nowadays use and contribute to OSS and also have lawyers to worry about those things?
You know it didn't. But I don't really see how that's relevant to my point. If it takes several pages of legalese to define what "freedom" you are giving someone, you might want to consider whether you're using the right word for what you're doing.
But it was copyright that created that, by prohibiting any redistribution and derivation by default.
No, it wasn't. It was bad lawyers who can't write plain English, and picky people at the FSF who tried to fine-tune everything instead of stating a clear guiding principle.
There are plenty of other licences that are very much shorter.
And while the GPL is not as short as we would like, the reality is that it created a standard; you just have to read it once to know the license of more than 50% of the FOSS projects out there. That seems a time saver, not killer.
Sorry, but that's just wishful thinking.
Firstly, I suspect that a lot of people use the GPL not because they like or understand it but because it was the peer pressure "what you do" option for a while. Those kids used to just give their code away as freeware and no-one was any worse off for it.
Secondly, it's not really a standard when there are at least three styles of GPL licence that come up reasonably often in discussions (GPL, LGPL, AGPL) and then there's the whole v2/v3 mess as well. In fact, this kind of fragmentation is probably a large part of why we're having this whole discussion on HN today.
Finally, while I respect the goal of trying to have some standardised licensing, the only standard I've observed in practice is that, unless you're working in an organsation where everyone values GPL-style licensing and uses it as an integral part of your business model, the lawyers and managers are likely to blanket ban any use of GPL'd code because the risk of the viral contamination effect is too high to justify any benefit from using it.
On the other hand, it's easy and feels safe to reuse code that comes with a no-nonsense BSD/MIT style licence that says in plain English that you can use the code without understanding several pages of legalese with subtle implications. That saves time.
No, it wasn't. It was bad lawyers who can't write plain English, and picky people at the FSF who tried to fine-tune everything instead of stating a clear guiding principle.
There are plenty of other licences that are very much shorter.
Well, unlike permissive licenses, the GPL is an hack on the copyright system; they probably wanted to make sure it would hold up in court.
But the GPL isn't really that long; the 2.0 is only 340 lines of 80 characters. Yeah, it's long compared to MIT, but it's still a fraction of most legal documents.
Firstly, I suspect that a lot of people use the GPL not because they like or understand it but because it was the peer pressure "what you do" option for a while. Those kids used to just give their code away as freeware and no-one was any worse off for it.
"Freeware" doesn't include the right to modify and re-distribute. Yes, we were certainly worse off for it. If you mean Freeware as a different concept, well, then it's easy to see why licenses are useful - they clearly define that stuff, so you can sleep at night knowing your business or webapp or whatever won't get sued to the ground tomorrow.
Secondly, it's not really a standard when there are at least three styles of GPL licence that come up reasonably often in discussions (GPL, LGPL, AGPL) and then there's the whole v2/v3 mess as well.
The differences between the three versions are minimal - a clause or two more, nothing else.
The v2 vs v3 issue is problematic, I agree. On the other hand, protection against software patents is important. MIT, for example, provides none.
It seems irrelevant 'till you get hit by a patent troll, like startups are already getting hit.
Finally, while I respect the goal of trying to have some standardised licensing, the only standard I've observed in practice is that, unless you're working in an organsation where everyone values GPL-style licensing and uses it as an integral part of your business model, the lawyers and managers are likely to blanket ban any use of GPL'd code because the risk of the viral contamination effect is too high to justify any benefit from using it.
True. But unlicensed or implied licensing is dangerous too - you need some kind of legalese.
On the other hand, it's easy and feels safe to reuse code that comes with a no-nonsense BSD/MIT style licence that says in plain English that you can use the code without understanding several pages of legalese with subtle implications. That saves time.
Wait till you base your company on someone else's MIT licensed code and then get hit by a patent lawsuit from them or a troll with their patents. Safe? I don't think so.
But the GPL isn't really that long; the 2.0 is only 340 lines of 80 characters.
Is that all?!
Out of curiosity, what proportion of people who choose to licence their own code under the GPL do you think have actually read all of that and consulted a lawyer to make sure they understood the terms they were themselves proposing? I'm not even considering the equivalent question for the wider population of users and downstream developers affected by the licence terms yet.
"Freeware" doesn't include the right to modify and re-distribute. Yes, we were certainly worse off for it.
In what way? We didn't worry about offering others formal rights in those days. People shared source code if they thought they had something worth sharing, without making a big deal about it. Such code frequenty came with comments to the effect that you could use it however you liked but please give credit, or words to that general effect, which would have just as much validity in court as a modern MIT or BSD licence for example.
The differences between the three versions [GPL, LGPL, AGPL] are minimal - a clause or two more, nothing else.
Wow. That's a mighty bold claim, and one I don't think a lot of software developers would agree with. The changes in wording may only be a small part of a vast document, but the implications are profound.
It seems irrelevant 'till you get hit by a patent troll, like startups are already getting hit.
The correct solution to patent trolls is not to allow things like software patents in the first place. It's a controversial subject and there is far from consensus internationally or even within some national governments on whether software should be patentable at all.
In any case, I think you are imagining a legal shield that is not there. Patent trolls typically don't contribute to a FOSS project and then go after other people who use it. In fact, patent trolls typically don't contribute much of anything to any project, which is one of the reasons they are... not well thought of. If you're using someone else's code and you don't have some solid legal agreement that they indemnify you fully against all the related IP threats, you're not safe, and no FOSS licence provides such indemnification; many explicitly state precisely the opposite.
For that matter, you don't have any real protection in a troll-friendly legal system even if you never use anyone else's code at all and you write every line yourself. I don't think there's much argument in favour of GPL-esque legalese to be found here. My personal view is that some of the GPLv3 stuff is basically the FSF trying to conflate two unrelated IP issues and leverage the viral nature of the GPL to advance other parts of their agenda. Which is a pretty scummy thing to do, actually.
Out of curiosity, what proportion of people who choose to licence their own code under the GPL do you think have actually read all of that and consulted a lawyer to make sure they understood the terms they were themselves proposing?
Not many, but I'd guess they didn't read MIT nor BSD either.
By the way, the original BSD licenses forced you to acknowledge the upstream project in any advertising materials for yours. How many people read that? Not many, I would guess.
In what way? We didn't worry about offering others formal rights in those days. People shared source code if they thought they had something worth sharing, without making a big deal about it.
As I said, that's fine in a community of hobbyists, not if we want businesses contributing. But that's a different issue.
which would have just as much validity in court as a modern MIT or BSD licence for example.
Do you have any example of a lawsuit where such freeform license was valid?
Besides, even if it was, I doubt people had enough trust in that to release commercial stuff based on it.
Wow. That's a mighty bold claim, and one I don't think a lot of software developers would agree with. The changes in wording may only be a small part of a vast document, but the implications are profound.
I was talking about the license text, not the implications.
The correct solution to patent trolls is not to allow things like software patents in the first place. It's a controversial subject and there is far from consensus internationally or even within some national governments on whether software should be patentable at all.
I'm sure the FSF would've ended software patents if they could, but it's hardly fair to criticize them for not doing so. They did what they could: route around them.
I would think the patent grant protects in the case the upstream developer sells those patents to a troll after you're already using the code, but I'm certainly not sure.
My personal view is that some of the GPLv3 stuff is basically the FSF trying to conflate two unrelated IP issues and leverage the viral nature of the GPL to advance other parts of their agenda. Which is a pretty scummy thing to do, actually.
This talk about the GPL being "viral" is just FUD. If the GPL "infected" your project if because you made the voluntary decision of including GPL-licensed code in it.
And why is it scummy? They provide a tool (the GPL) to whoever wants to use it. Advancing the Free Software Movement is obviously one of the goals of the tool, like mostly anything the FSF does.
That would require more data to conclude. The GPL is declining as a percentage of open-source licenses, but is that because more people are BSD/MIT-licensing their code, or because people who previously GPL'd their code (perhaps as part of a GPL/proprietary dual-licensing strategy) are just keeping it proprietary now?
One of the big misunderstanding of copyleft licenses is who they are aimed at. The allegedly "more permissive" licenses are only more permissive to the developer, but they say nothing about how permissive the software is to the end user. Such "permissive license" may manifest as very restricted or even malicious software, so it's really incorrect to call it such. The GPL is permissive for the intended audience of software licenses - the end users.
The GPL is permissive for the intended audience of software licenses - the end users.
Yes, precisely! And one of the ideals that Free software is designed around is that there are no end users - everyone can be a developer (or farm it out to anyone willing to work the job - ultimate free market capitalism). Unfortunately, there are still bills to be paid, and people are raised in the mindset of "I've got mine; who cares about anyone else?" and always grasping for more. So they think they can't make any money with GPL software, or it will expose them to legal worries, or they'll be forced to open source all their code. In the case of the first, this is categorically not true. In the latter two cases, no one has been able to bring up a credible example of when this has ever happened in the 20+ years the GPL has been in existence.
I'd be interested to hear from commercial developers of OSS how they chose their license, and about the business reasoning behind preferring copyleft or a permissive license.
I like @cpnks's thing about scale -- GPL making more sense for giant projects -- but I think of GPL as a legacy license from the days when open source was a radical idea.
I think you could argue that it took radical people with radical opinions to make open source what it is today, but GPL is overkill for modern development and (in my opinion) completely unnecessary.
Attempting to control what people do with the software they create is, in my opinion, not only wildly inappropriate but also very self-defeating, as it limits the number of people who can do anything with your license. Likewise, there's this:
"Take a look at pretty much any embedded Linux project and you will find a GPL violation. For example, most ARM devices are unusable without binary drivers that rely on specific builds of specific Linux kernel versions (example - you can't get sound or accelerated video on the Raspberry Pi!). I've had one plug computer maker tell me they have a custom version of Linux and they won't provide the source."
(from @sedachv's comment)
The sheer number of GPL violations out there in real life point to the fact that the license is unenforceable in practical terms, because of the legal budget a project would need in order to prosecute what is essentially an epidemic of victimless crime. If your project uses GPL, you're more likely to see an increase in corporations shrugging off open source licenses (or laughing at them) than an increase in corporations contributing code back. GPL violations are not a criminal matter. You can only enforce them with civil lawsuits. Who's going to pay for that?
Imagine if Linux aggressively asserted its rights under the GPL against every violator out there. it'd be a full-time job for a whole team of lawyers -- an astronomical expense which absolutely nobody would benefit from, except for the lawyers themselves.
There's absolutely no reason to expect companies to comply with the GPL, other than good manners and good ethics, both of which are rarer than they ought to be. The GPL just encourages those qualities to become even rarer. It's self-defeating and it's bad for open source in general.
>There's absolutely no reason to expect companies to comply with the GPL, other than good manners and good ethics
Nonsense, they are legally bound by the licence to provide source code when distributing binaries should the recipient request it. Obviously there are violators counting on not being taken to court but they are still violators and are running the risk of being being sued.
Let's say that Oracle would stop releasing the source code to the enhancements they make on Linux for their distribution, do you think Red Hat, IBM and other large contributors would just let Oracle use their enhancements while violating the GPL by not releasing their own? Hardly, they would take them to court.
GPL works well for this kind of cooperative project where lots of different players pool their resources as everyone is legally bound to release their enhancements. This obviously doesn't mean that every licence violation will be brought to justice, but the important thing is that they are in their right to so should they find it necessary.
However the fully open source development of Linux doesn't fit all projects, looking at FreeBSD it seems it's mainly being used by companies who wants to incorporate it into proprietary solutions where they make changes to the kernel/system which are used as a competitive edge and thus don't want to open source those.
Again, there is no 'one size fits all' solution and as such it's a good thing there's choice.
This happens because people don't understand the GPL and its unique ability to empower developers to write software or something really interdesting like that.
I'd have to second this; there is a lot of FUD being put out about how the GPL "takes away" "freedoms" from the developer, when the truth is that if someone is writing something from scratch, they have de facto copyright and can relicense the code any way they want, at any time. Only versions released under GPL are out in the wild as "lost sales", and are more likely to garner good will than cause a loss of profits. As for BSD, well you wouldn't want your competition locking up your code and selling it back to you, now would you? And all the other licenses, while more finely nuanced to different needs, are also not as straightforward. I don't understand why GPL isn't more widespread.
My cynical view is that at some point in the past few years, the perfect storm of outsourcing, funny money bonanzas aka IPOs, and the standing mindset of corporations to focus on their self interest (and not but) got us to this point. The winners have been the corporations (surprise) and a few (very few) rock star OSS developers. Everyone else is being taken for a ride, in my opinion.
I release OSS software myself. So far, Apache 2 only, but decided to switch for everything new to (L)GPL a couple of months ago. GPL makes sense economically, socially, and politically.
>I don't understand why GPL isn't more widespread.
Honestly, for me? Viral nature. I don't want to put off a company using my code (well, for most things I do) because they don't want to be bound by the requirement to give away the source.
That's kind of why I'm a fan of Creative Commons, attribution share-alike, with possibly noncommercial depending on what it is and my mood at the time.
The GPL is just a pain in the ass for all involved. At least that's how I see it.
The GPL is just a pain in the ass for all involved. At least that's how I see it.
You are not alone.
I find the GPL, but more so variants like the Affero GPL, to be ticking time bombs. And I have followed the development of FOSS over the years and occasionally helped out a project, so I probably have more interest than most people who aren't in the FOSS community.
The lawyers and managers at companies where I've worked were far more pragmatic: it's not worth the time and risk to analyse the licensing implications of every bit of GPL'd code we might consider using as part of our own project, so just blanket ban any development use of such code across the entire organisation and avoid any potential legal risks. In short, using GPL'd code is fine, but doing any kind of development with it is a firing offence, end of discussion.
I think this is a very sad state of affairs, but knowing how complex the legal issues can become, how militant certain FOSS groups can be, and how much damage such a group could cause in PR terms even if they had no legal case at all, I can't say I blame the lawyers and managers for their "not touching it with a 10' pole" policy.
I think it's mainly the burden of tracking everything.
If all your code is either written in house or source you've explicitly licenced on some commercial basis then chances are there's no problem borrowing a bit from somewhere and reusing it somewhere else.
But suppose you've got GPL'd code floating around, and then someone builds something based on it that's used perfectly legally in-house, and then someone later borrows some excerpts from the GPL'd code and reuses them in another part of the system, and then someone else later decides the GPL'd library/whatever isn't needed any more and cuts it out. Now you've got code floating around that you think your organisation owns, but really it doesn't.
Of course it's possible to comply with the rules by diligently noting any reuse of GPL'd code, and of course there are somewhat related issues with giving due credit even with permissive licences or code you've licenced commercially. But in reality, things go wrong, particularly on long-lived projects where developers come and go. Having GPL'd stuff integrated into your dev process if you're not an all-GPL house just seems like a lawsuit/PR nightmare waiting to happen if you run into one of the more militant groups, and short of imposing expensive and time-consuming audit processes there's not really much that management can do to mitigate that risk.
If all your code is either written in house or source you've explicitly licenced on some commercial basis then chances are there's no problem borrowing a bit from somewhere and reusing it somewhere else.
"Chances are" isn't much of a legal defense. If you're concerned about the costs of auditing and compliance for copyleft software, why not more so for software under less permissive licenses?
Firstly, if you're paying actual money for something, someone in authority has necessarily approved its use and any necessary review by lawyers should already have taken place (and this does actually happen IME).
Secondly, if you're paying actual money for the source code to a library and it wasn't very obviously provided for another reason, it is extremely likely that what you were getting for your money was the right to reuse that code as part of your own project. That's just how the industry works. It's not a 100% guarantee, of course, and standard disclaimers about consulting a lawyer apply, but even if you didn't do that the practical risk here is very low, while numerous places have got caught out when a developer "borrowed" some GPL'd code and didn't tell anyone.
What distinction do you see between CC-SSA and GPL? They say essentially the same thing. CC-SS has the same viral nature as the GPL/LGPL (it's about halfway in between the two).
The GPL has a lot of FUD about it, but there's very little actually offensive about it.
I should have been more clear. The neat thing about the entire CC class of licenses is that it's easy to pick from what you want to do based on what you're doing. A license framework if you will.
The GPL doesn't have that - and as you said, CC-BY-SA is probably the closest - but I don't have to use CC-BY-SA if I don't want to. Maybe I don't care as long as my name's on it. Then I can just use CC-BY.
The FUD you speak of is another reason I tend to shy away from GPL - both in terms of enforcement (shown to be tricky, thought the SA CC license would have the same issue), and it's association with RMS and the culture and FUD surrounding it.
Another thing is that CC lends itself better to things that aren't computer code.
Ah, the inevitable "bad GPL analogies" portion of any GPL discussion thread.
I personally don't feel I'm under any ethical obligation to give away my source code. Sometimes I don't release it at all, at least not unless you're paying for it. Other times I license it under a permissive license, usually when it's something smallish.
And other times I choose to GPL or AGPL it. I see the latter case as a quid pro quo: you can use my code as long as you let me use yours. Unlike in the ham sandwich example, it's not some arbitrary restriction imposed out of taste or spite, but a proposal of what seems to me to be a fair exchange. In return for using my code, you let me use your code, pretty simple and symmetric.
If you don't like the idea of a reciprocal code exchange, we could agree on a different exchange, like you paying me money for a license, or we could fail to reach an agreement and no exchange happens. But I don't feel particularly obligated to give you unrestricted free use of my code with no reciprocation. I could choose to do that out of charity or idealism, but I don't think I'm obligated to.
The trouble is that even in that simple post, where I think your real point is perfectly reasonable, you have completely mischaracterised the GPL and AGPL.
The GPL doesn't actually say "you can use my code as long as you let me use yours", or anything very similar really. I expect you knew that and didn't mean any deception by what you wrote, but we're talking about a legal document and lawyers are not known for their folksy interpretation and sense of humour.
And the AGPL is a particularly dangerous document that shouldn't be directly associated with any of the other GPL-related licences IMHO. Its scope is broader, because it can have profound implications for anyone even using software distributed under that licence, not just those developing the software.
True, they're not specifically licensing me to use their code in exchange, but I still think conceptually it's within my rights to offer that sort of exchange. I make a blanket offer to let you use my code, if in return you offer your own code under the same blanket offer. It's even more limited than that in that I'm not demanding you offer all your code that way, only the stuff that directly derives from and/or links with mine.
I don't see what's particularly dangerous about the AGPL, though. It's not that hard to comply with: if you build a webapp on some AGPL'd software, you need to AGPL the whole webapp. If you don't want to AGPL the whole webapp, you can just not build it on top of AGPL'd software. Pretty easy to avoid! And in any case the usual alternative to the AGPL is not releasing code at all, or releasing it under a "no commercial use" clause, which certainly doesn't give you more freedom. Compare Gitorious's code (AGPL) to GitHub's code (not released) for example. In both cases they're worried that if they MIT/BSD'd or even GPL'd their code, a rival SaaS could leapfrog them starting from their own code.
The example that really got to me with the AGPL was when the Opa programming language was being discussed on sites like HN a while back. IIRC, both the language and its standard library/runtime were AGPL'd. That would potentially mean that not just the compiler itself but any program you wrote in the language would automatically be AGPL'd as well.
As with all of these GPL-style licences, there's a lot more risk if you're not an all-GPL house, and quite modest risk if you're intending to GPL your code anyway. But the AGPL is different because it can affect not just developers building on the code for redistribution but also those who are just using it internally.
I can understand why they did that, in the context of network-enabled services, but nothing in the AGPL seems to restrict the implications to only that context. As the example above demonstrates, people do use it for other things with potentially profound implications that aren't obvious to anyone who knows about the much more common GPL and LGPL but doesn't realise why AGPL is fundamentally different. For that reason alone, I don't think the AGPL should have used a similar name.
I agree on the name, yeah, and I was also surprised by Opa. My assumption in infrastructure-code cases like that (not sure if actually true with Opa) is that they want to leave the door open to a dual-licensing solution, so if Opa ends up being a killer technology, the AGPL poison-pills it enough for commercial customers that they'll be able to sell paid licenses.
Not sure what a cleaner alternative would be in that case. Perhaps just state that explicitly? "You can use the free version of Opa to build open-source webapps [define appropriately], but need a commercial license if your app is not open-source."
What is "bad" exactly about this analogy? GPL is a strongly conditional permissive licensing that carries an agenda. Compared to an unconditional license, it clearly has a lesser appeal to those not caring or not aligned with an agenda.
That's a poor GPL analogy. I think most of us know what the GPL says, and it does not restrict what you as a developer can make with the code (or regenerating bread in your analogy).
You can make all the regenerating ham sandwiches you want from the regenerating loaf of bread. The GPL only restricts what rights you have to pass along to anyone you give ham sandwiches to, basically ensuring that you do not have a monopoly on regenerating ham sandwiches.
You might consider that restriction to be just as onerous as restrictions on what you can make with the bread, but I think there is a categorical difference. The GPL only affects transactions with other people. You can use the loaf of bread for making ham sandwiches or biological weapons and the GPL has nothing to say about that.
Not only can you make the ham sandwich, but when you give ME the ham sandwich I can put mustard on it, and when I give it to some one else THEY can put cheese on it.
Because that's what the GPL does . It ensures that the right to modify the (sandwich)program never gets taken away from the next user in the chain.
>You either want gift the code to the world or you want to do it conditionally. Do tell me which one comes across as a more genuine gesture.
Making a moral judgement as to the license I release my creations under? This kind of idiocy is why I don't want anything I do to be associated with Stallman and his ilk.
"What's that? I'm evil because I sell software and don't give away the source code? Go fuck yourself."
And yet I've no doubt you'd be happy to call somebody who knowingly sold you a car you could not service "evil" (or something to that effect). Or what about companies that sell you content with DRM, preventing you from even doing legal things with it?
Now, perhaps you are fine with both of these things. And that's not an entirely unreasonable position to have. But not being fine with DRM or unmodifiable products is also fine, and disliking companies that sell these is completely valid. Disliking proprietary software is just taking the same idea and extending it, which is also entirely reasonable.
>Id yet I've no doubt you'd be happy to call somebody who knowingly sold you a car you could not service "evil" (or something to that effect).
Actually, I'd not buy such a car in the first place. But you're really not resorting to car analogies right?
>Or what about companies that sell you content with DRM, preventing you from even doing legal things with it?
Same thing - I don't buy it for the most part.
However, being anti DRM and being a FOSS zealot are two different things.
You'd be surprised how much "unmodifiable" software indeed ends up modifiable when enough people get interested.
In any case, I take great offense at the notion that I am somehow a bad person for not letting everybody in the world use my product for free, hence the notion at the end of my previous post. Which still stands, downvotes be damned.
It's more like donating a loaf of bread but stipulating that the person you donated to cannot sell it for profit.
So really, using the GPL is like donating to a non-profit where using a BST/MIT license is like donating willy nilly to any person or corporation regardless of their aims or practices.
Erm, isn't "share-alike" closer to the GPL than MIT/BSD licenses? That is, the whole point of the GPL is that anybody who uses your code has to release the product under the same license; this is exactly what the "share-alike" licenses do as well.
In academia my impression is that the decline of the GPL is due to business models more than ideals. There was a period of popularity in the 1990s and 2000s where dual-licensing GPL/commercial was used as an attempt to both open-source the code while still making money from commercial users who would pay for a non-GPL license. The copyleftness in that strategy wasn't really about agreeing with RMS, but about making sure you'd get paid if the next version of Matlab shipped with your code in it. But only a handful of projects that've tried that have been successful at making any money from it (the Stanford Parser is one example that has been).
My anecdotal impression is that the trend is therefore towards picking either openness or money as the goal, instead of trying the dual strategy. If openness is the goal, you pick MIT/BSD, because they're simpler and you hope lots of people will pick up your code, and maybe you'll get paid in citations and PR. If money is the goal, go for a full commercial licensing strategy, and either don't release the code publicly at all, or release it with a research-use-only/no-commercial-use clause.
What I've found is that open sourcing components that are not central to your business, but that your business depends upon, provides you with free stress testing, bug fixes, and enhancements. That's a huge win, and leaves you with more resources to concentrate on things that ARE central to your business.
In order to maximize uptake on your open sourced component, it makes sense to have an uncomplicated license. Take a look at the following licenses:
When I'm looking to use some component I found on the internet, part of my decision is based on the potential for legal pitfalls. I suspect that others feel the same way.
"The described trend is caused by consciously rejecting GPLs ideals,"
I very highly doubt that.
There are 3 cases I can think of:
1 - Business related models: "we're scared of GPL, we don't know what it is, but force devs to use smth else or code it from scratch"
2 - We're devs and due to 1, and possibly startups, we'll want non-GPL code. We'll also start to spam the community how GPL is bad in any possible way.
3 - All the devs are telling me GPL sux. I'm a cool and hip new person I'll do what they say to fit in. (I don't even care about what the GPL is made for).
Now, one could wonder, why'd they want to even use BSD or similar licenses? They could just go with public domain. THat's "real" freedom to their ears isn't it? Anyone does anything they want with it. Perfect.
Not so. They use BSD for credits. BSD forces you to retain copyright in the code, and that means if your name is in the code, you're getting a job very, very easily.
So you see, all the above only tells me one thing:
People who know are misleading others (like you just did) on purpose for financial reasons, not because GPL ideals are wrong.
It would be OK if they at least mentioned the reasons in these simple terms. But that wouldn't help them achieve their goals, if others keep on using the GPL.
"Public domain" is an unclear concept, I am under the impression that in many countries there is no such thing as "public domain" from a strict legal perspective. BSD is (for me) the closest thing to a clear legal "public domain", and that is why I use it.
Also, the GPL is incompatible with the iOS store, which is a serious problem for many people.
This is correct. For example, German law is based on the concept of 'Urheberrecht', ie 'creator's rights', instead of 'copyright'.
This is the reason why copyright notices (which were mandatory in the US until 1989 according to Wikipedia) were never necessary in Germany and why there's no direct equivalent to public domain:
As soon as you create something worthwhile, you gain creator's rights, and as you remain the creator no matter what you do or what usage rights you grant to others, you can't give them away completely. There's a somewhat recent, rather embarrassing quote by German politician and lawyer Volker Kauder, who claimed to have acquired creator's rights to some images he used on his homepage without having the appropriate usage rights.
I don't quite understand....why is it shameful if a developer wants to retain ownership/claim authorship over the code that he spent time and effort in developing?
If there was a GPLed project for every paranoid rant on how anyone interested in any other license is trying to mislead people and destroy the GPL, TFA would never have been written.
I don't think that most people understand the GPL. Everybody understands the basic spirit of it, but there are lots of details spread throughout that huge document. The preamble is longer than many permissive licenses. .That there is a preamble at all speaks to the complexity. It's too much for a small group or individual without access to a lawyer, and I don't think people in these cases are going to use a license that they don't fully understand.
I just took the time to read the GPL both versions 2 and 3. It is pretty cut and dry as far as licenses go. Do you have any actual evidence that small groups or individuals are having trouble understanding it to the extent that it would have a statistically significant impact on its uptake?
The religious war of "free" versus "open" is what turns a lot of people off.
Previously, when posting code I wrote, I'd pick MIT license which would allow users to do what they wanted. Picking GPL would mean that many potential users would be prohibited by company policy from using it.
Exactly. I'm one of those who honestly doesn't mind if anyone comes along, forks, closes the source, and makes a million off my code. I think it's a lot about money. There's also this rejection of the FOSS ideals. The GPL puts a lot of people off because it can be perceived as being more about ego and anti-profit rather than true freedom. For me personally, I prefer open source to free because I'm against restricting anyone's usage of my code and don't mind if they don't contribute back.
I think people's intentions have changed too. It was once all about paying things forward and now the importance seems to be placed on simply sharing with no regard to how the code is used or by whom.
The approaches are different, but in terms of licenses and rights, Open Source and Free Software are mostly the same. MIT and BSD are Free Software too.
Really? I mean, I know they're very close but correct me if I'm wrong here:
First, let me be clear that I'm talking about Free in terms of how the GPL codifies it.
So Free software a la the GPL always begets more free software. Open source on the other hand is free but you can close that source up and make a nice profit without contributing back. I'm for the latter and that's the distinction I was getting at. I know all the licenses have their nuances but generally speaking free GPL style licenses forbid not contributing back whereas open source generally let's people do as they please as far as contributing your changes go.
Free Software, as defined by the FSF, includes both copyleft like the GPL and permissive licenses like BSD. Open Source, as defined by the OSI, does the same.
Essentially, it's Free Software any license that provides the following four freedoms:
The freedom to run the program, for any purpose (freedom 0).
The freedom to study how the program works, and change it so
it does your computing as you wish (freedom 1).
The freedom to redistribute copies so you can help your neighbor (freedom 2).
The freedom to distribute copies of your modified versions to others (freedom 3).
Copyleft (like the GPL has) is a way to ensure that the four freedoms are transfered to any derivative work, but:
A free license may also permit other ways of releasing them;
in other words, it does not have to be a copyleft license.
I'll answer that - because only the developer can enforce it. Let's say you're an end user and you know for a fact that a library in a proprietary app is GPLed and the seller is not complying with the terms of the license by not coughing up the code.
You don't have the legal standing to take the the seller to court and demand they comply with the terms of a license between them and the original developer of the GPL'ed code, even though you're technically a party to it as the release of the code benefits you.
I agree in the literal sense, but couldn't you look at the GPL as an agreement between the original developer and all downstream users that the developer will enforce terms when violations are brought to light?
One would think - but the obligation is not there (nor should it be really, this would only hamper its further adoption even more than it already is)
Agreed it's the right thing to do, but if I write a GPL module which is later used in say, a Microsoft product, I don't have the desire, the time, or even the money to take them to court.
> How exactly are you going to enforce GPL compliance when a Chinese company uses your library in their proprietary product?
Depends if it's hardware or software. If it's hardware, Customs gets involved. Software's harder, but the fact that there is a set of circumstances which make enforcement difficult do not make enforcement in general impossible, nor does it invalidate the concept behind the GPL.
> Bonus question - what exactly will you be gaining by spending your time on enforcing the GPL compliance rather than on something else (like coding)?
You'll be gaining GPL compliance. That's the point.
Nothing. That's why the GPL can be easily seem as being all about ego and anti-profits rather than freedom. Even if the company in your scenario violates the GPL it doesn't do anything to hurt software freedom. The GPL seems to be a tool to force FOSS ideals down people's throats rather than the nice sounding ideals that are the official party line. A GPL violation doesn't stop free software advocates from paying it forward and sharing and the original source is still available to anyone who wants it. But few people really want freedom. The goal of the GPL can easily be mistaken to be to turn all software into GPL software. In fact the existence of the GPL itself can also be mistaken as a clever ploy to infect non-free software and make it free.
Sorry, but how don't see how the GPL forces anything nor does it "infect" anything. That kind of loaded terminology is just BS.
The GPL offers you a deal that you can accept or refuse, just like any other license. The terms are definitively more onerous than permissive OSS licenses, but that's it.
An infection implies invasion. Until GPL'ed code starts copying itself to your projects, it's not an infection.
As RMS himself said:
The GPL's domain does not spread by proximity or contact, only by deliberate
inclusion of GPL-covered code in your program. It spreads like a spider plant,
not like a virus.
it's generally accepted that the GPL has a viral nature
It's generally accepted after the smear campaign by GPL haters, just like the "General Public Virus" expression and the "cancer" remarks by Ballmer. It's still a pejorative and, in my opinion, defamatory term.
A willful infection is still an infection. Whereby an invsasion is always unwanted. You can't willfully invade your own code, but you can willfully infect it - whether that be with other code, or licenses.
To be clear, I really wanted to point out that it can easily be perceived the way I described. I wasn't really trying to say that it's actually so. Honestly, I'm not a big fan of the GPL myself so it probably came out that way but the bigger point wasn't about my personal preferences but just how the GPL lends itself easily to that kind of thinking.
GPL makes a lot of sense for the former. If you write the Linux kernel, a ton of companies would take it, enhance it, and not contribute back without GPL. That's a big part of what killed BSD. On the other hand, almost no one is going to reimplement Linux just to get around the GPL -- it's cheaper and easier to just give back.
For the little libraries, permissive makes more sense. If your JavaScript control has a license that isn't permitted in my project, I'll just write my own in a day or two. If I enhance it, that's not a core advantage to my business, so I'll likely contribute it back.