Github Finally Agrees Public Repos Should Have Explicit Licenses

WebMink writes "After strong criticism last year, Github has finally accepted the view that public repositories with no open source license are a bad thing. Self-described as the 'world's largest open source community,' a significant number of GitHub projects come with no rights whatsoever for you to use their code in an open source project. But from now on, creators of new repositories will have to pick from a small selection of OSI-approved licenses or explicitly opt for 'no license'. In Github's words, 'please note that opting out of open source licenses doesn't mean you're opting out of copyright law.'" A quick scan of their new choose a license site reveals at least a few flaws: they present simplicity, caring about patents, and sharing improvements with others as mutually exclusive points when they clearly are not (e.g. the Apache license and the GPLv3 both help with patent concerns, but only Apache is mentioned; and the MIT/X license is listed as the simple license when BSD-style is more prevalent). They also imply it is entirely optional to actually note your copyright in your files, when it is really bad practice not to unless you really want to make it impossible for people to understand the copyright history when e.g. merging your code into another project. Their list of licenses does provide a nice overview of the features of each, but regrettably encourages the use of the GPLv2 (without the "or later version" clause), listing the GPLv3 and all versions of the LGPL in league with seldom used licenses like the Perl Artistic license.

I'm surprised

[msobkow]

I'm surprised GitHub didn't require one to specify a code license of some kind when publishing code. The default if no license is specified is not "public domain", but private with all rights implicitly reserved for the owner of the code.

Re:I'm surprised

[Anonymous Coward]

"Public domain" is not a thing in many countries. In the UK for example, it is simply impossible to give up your copyrights while inside their term. The closest you can come is to license them under the WTFPL.

Re:licence choices hard to be non-ambiguous

[Anonymous Coward]

you shouldn't use the Lesser GPL for your next library

Yes, because when I'm writing a library, what I want most of all is for fewer people to be able to use it.

If anything, the LGPL should be used more often; it's a nice balance between the onerous GPL and the overly permissive BSD license.

Re:No, you can't use it.

[VGPowerlord]

Forking is a "use" right.

Re:Simple...

[ta_gueule]

Not sure they can. I don't think Github get to decide what license to apply to the code they host. The code belongs to the author until he grants Github a license. If the user doesn't do it explicitly, I'm afraid Github is distributing the code illegally. I don't think Github is allowed to add a public domain license file by default.

Re:No, you can't use it.

[nedwidek]

From their terms of use:
"We claim no intellectual property rights over the material you provide to the Service. Your profile and materials uploaded remain yours. However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories."

So yes you can view and fork, but you don't get clone rights. The instant you do that, you infringe the copyright. So if you have no license that allows you to put out on your machine and use it, how useful is it? Until copyright or the Berne convention are changed, this is the world we live in.

Re:No need for copyright notice on every file

[TheRaven64]

Not having a license on every file is a colossal pain for people wanting to take part of your code and integrate it into something else. I recently went through this with OpenIndiana: they wanted to take some of my code from another project and include it in their libc. This is fine - the license I'm using is more permissive than their libc so there's no legal problem - but I'd forgotten to include the license text in the file, I'd only put it in a LICENSE file in the repository root. Keeping track of the license for one file that is different from the others in the project imposes a burden for them and, without the copyright in the file, potentially means that others will grab that file and think it's under a different license.

In short: Please put licenses in files. It makes life much easier for anyone wanting to use your code. If you don't want people to use your code, then you can save effort by not publishing it in the first place.

No, copyright is about copying

[dwheeler]

Distribution is only part of the story. IANAL, but let's focus on US law, starting with the software-relevant portions of 17 USC 106 [cornell.edu]:

"The owner of copyright under this title has the exclusive rights to do and to authorize any of the following: (1) to reproduce the copyrighted work in copies or phonorecords; (2) to prepare derivative works based upon the copyrighted work; (3) to distribute copies or phonorecords of the copyrighted work to the public by sale or other transfer of ownership, or by rental, lease, or lending;"

A common interpretation is that copies from storage to RAM are copies, and thus, you have to get a copyright holder's permission to run the software. I HATE this interpretation, I think it's a vile distortion of the original intent. However, it was upheld in "MAI Systems Corp. v. Peak Computer, Inc., 991 F.2d 511 (9th Cir. 1993)". For more about this controversial but widespread interpretation, see A new perspective on temporary copies: The Fourth Circuit's Opinion in Costar v. Loopnet (Band and Marcinko) [stanford.edu]. After the MAI decision, Congress then added 17 USC 117 [cornell.edu]: "it is not an infringement for the owner of a copy of a computer program to make or authorize the making of another copy or adaptation of that computer program provided: (1) that such a new copy or adaptation is created as an essential step in the utilization of the computer program in conjunction with a machine and that it is used in no other manner, ..." Basically, Congress said that even if copying to RAM would be considered a copyright violation (which it pointedly did not rescind), there's a special exception that it's okay to do if you're the owner of a copy of a computer program.

But wait! That means you have to be the "owner of a copy of a computer program" to use the program (or get the owner's permission). Did github say you were the owner of a copy? No, it said that you could "view" and "fork". "View" sure isn't "owner of a copy", and it's dubious that "fork" means that either. Note that the github TOS doesn't define "fork", so it has no clear legal definition. Yes, technically there's no "use" right in copyright law, but under at least some common US law interpretations you can't use the software in US if the code is just posted on github. Many software EULAs claim you aren't the owner, and then grant you permission to run the program through contracts, but if there's no license you can't claim that a license gave you such permission.

If you don't clearly give a right in a copyrighted work you create, then some judge gets to decide what rights (if any) are granted to users. You will probably not like what the judge says, especially since most judges don't understand software at all (there are glorious exceptions, but they're exceptional). Maybe "fork" gives users enough rights... but I wouldn't count on it. And since legal cases cost a lot of money, wise users will avoid software without licenses; they're not worth the legal risk. I hope that the "RAM copy as copy" interpretation is completely overturned someday, but that has not yet happened, and I wouldn't count on it happening soon.

Lots of people have worked out software licenses for sharing software. Just pick a common open source software license (MIT, BSD 3-clause, Apache 2.0, LGPL 2.1 or 3, GPL 2+ or 3+).