Forgot your password?
typodupeerror
Open Source

Open Source Licensing Debate Has Positive Effect On GitHub 96

Posted by Soulskill
from the clearly-we-need-another-new-license dept.
New submitter Lemeowski writes "Critics have been pounding GitHub recently, claiming it is hosting tons of code with no explicit software license. The debate was thrust into the limelight last year when James Governor of RedMonk issued an acclaimed tweet about young developers being 'about POSS — post open source software,' meaning they disliked or avoided licensing and governance. Red Hat's IP attorney Richard Fontana explores the complaint saying there is a positive aspect of the POSS and GitHub phenomenon: Developers are, for the first time in the history of free software, helping inform each other about licensing and aiding in the selection process. The result is that it's becoming easier to suggest legal improvements to GitHub-hosted repositories."
This discussion has been archived. No new comments can be posted.

Open Source Licensing Debate Has Positive Effect On GitHub

Comments Filter:
  • by Marble68 (746305) on Tuesday August 13, 2013 @03:30PM (#44557487) Homepage

    Coding is a communal and collaborative effort for the most part, as almost all people reach out for help and give it when asked.

    That "legal licensing" would be treated any different than any other API by the tech community shouldn't be surprising, IMHO.

    • Coding is a communal and collaborative effort...

      Of course! Becuase laughing at a clueless newb is worth hours of derisive laughter.

  • by mveloso (325617) on Tuesday August 13, 2013 @03:31PM (#44557513)

    This should be the default github license:

    http://cr.yp.to/publicdomain.html [cr.yp.to]

    If you don't care enough to specify a license, you should abandon your copyrights to it.

    • by Desler (1608317)

      It can't be since "public domain" doesn't even exist in many countries.

      • Maybe not completely correct, but parent is right. A side effect of the Berne convention is that the public domain option is not possible until copyright has expired.
        "Do What the Fuck You Want to Public License" comes close to public domain, but it's not completely the same.

      • Git Hub is based in the USA where public domain dedications are well established (see the link in the post you are replying to) so it is very likely that source distributed by Git Hub can be in the public domian. If you are really paranoid you can use the CC0 to dedicate to the public domain or achieve as near as possible an effect [creativecommons.org].
        • by Desler (1608317)

          Doesn't really matter since Github can not make a non-US citizen enter into a contract that violates their local laws.

        • Git Hub is based in the USA where public domain dedications are well established (see the link in the post you are replying to) so it is very likely that source distributed by Git Hub can be in the public domian. If you are really paranoid you can use the CC0 to dedicate to the public domain or achieve as near as possible an effect [creativecommons.org].

          It doesn't matter where you store your stuff. What matters for which copyright laws to apply is where you (the author) live/what citizenship you have.

          You can't transfer ownership in germany at all. You can of course license your works under whatever terms you choose (for example CC0), but Public Domain like in the US where you basically give up any rights on your work forever is impossible here.
          That doesn't change just because I publish something in the US or even because I might stay there for a while.

        • by Wootery (1087023)

          Does it affect your liability whether you choose public domain or CC0?

      • Default License: WTFPL
        effect: Just the same as public domain, but with a license.

    • by WarJolt (990309)

      That takes effort. It's easier to slap bsd on it. Plus you'll get credit in the documentation if its used in proprietary apps..

      • Re: (Score:3, Informative)

        by Desler (1608317)

        It's also a violation of the Bern Convention. Github cannot legally strip a work of its copyright status just because a license wasn't chosen by the developer. In the countries with public domain it has to be explicitly declared as such by the author.

        • by Desler (1608317)

          Should be "in many countries" not "in the countries".

        • by allo (1728082)

          github can put it in its ToS: if you do not specify a license, your code will be published as public domain. You therefore give github the right to grant anybody any rights on your code. You can avoid this, by explicitly adding a license to your code.

    • by Anonymous Coward

      The only way to get something to the public domain is to wait until copyright expires.

      The copyright laws USED to have an expiry short enough that there was no need for an explicit public domain donation of code, because by the time it was well known enough and then progressed to "Can we have unfettered access to this?", the code was now out of copyright.

      When they extended the copyright terms, the need for a path to put things to the public domain explicity became necessary.

      However, this was not what those w

    • by Artraze (600366) on Tuesday August 13, 2013 @04:20PM (#44558149)

      Your link indicates that (among other things):
      1) Copyright abandonment is really only recognized in the Ninth Circuit, and remains unknown elsewhere
      2) Releasing into the public domain provides no liability protection to the author
      3) Copyright abandonment requires a formal, explicit statement

      If you have to provide something that is nearly indistinguishable from a license, why not just provide a well established license that can not only remove all uncertainty and provide explicit terms disavowing all use of the software?

      Something like the MIT License or Simplified BSD License is well established, takes only a minute to read, and achieves all the major goals of releasing into the public domain while avoiding many of the pitfalls. This whole POSS thing is ridiculous and seems to be driven by some combination of intellectual laziness, deliberate ignorance, and a desire to 'stick it to the man'. And as usual with rebellious ignorance, a whole lot of unnecessary crap occurs while 'the man' remains un-stuck-to and nothing changes.

      • by OdinOdin_ (266277)

        > 3) Copyright abandonment requires a formal, explicit statement

        Because it is necessary for someone to have asserted their "Copyright" in the first place, to then provide a license to abandon those Copyrights.

        If no one asserts Copyright what stops an evil entity from claiming they hold Copyright (when they do not) and then announce they did not grant public domain status to this work. It needs the real Copyright holder to assert their claim on the work first.

    • I think BSD should be the default. It's close to public domain and has some boiler plate liability disclaimers.
      • GPLv3 has considerably better patent protections. The Apache 2.0 license eliminates all your copyright permissions to use Apache 2.0 licensed software if you file a patent lawsuit against anyone for any of your Apache 2.0 licensed software, even if the lawsuit of the target is not participating in or is in clear violation of the Apache 2.0 license. The GPL license, especially GPLv3, makes the patent protections much more clear. It allws lawsuits against parties who are in violation of the relevant GPL.

  • Just the other day I was adding files to GITHub for my portfolio since I'll be graduating soon, and I was thinking about this exact issue. I ended up putting an Apache license header to my source files, but wasn't sure if this was _really_ the one I should have used. I just wanted to put my stuff up for when I start job hunting, and honestly don't care if others use my work so long as I have a name on my stuff (not that anything I've posted has been earth shattering or special, just random demos to show tha
    • by amorsen (7485) <benny+slashdot@amorsen.dk> on Tuesday August 13, 2013 @03:56PM (#44557833)

      2 clause BSD. If you don't care about licensing, that is the license you should use. It is proven in the field and most other open source/free software licenses are compatible with it. It is pretty much as close to public domain you can get while still keeping your name on the source code and avoiding problems with implied warranties.

      • by Niris (1443675)
        Thanks, I'll check into this when I get home tonight and update my repo.
        • by Immerman (2627577)

          Be careful - IIRC the "BSD with attribution" is incompatible with the GPL, which still seems to be the most effective general purpose "getting stuff done" license (all due respect to the contributors of Apache products and the like). If that matters to you of course - no shame in demanding that your name stay attached to your creations.

          • by amorsen (7485)

            That is why you stick with 2-clause BSD [opensource.org] and avoid the fancy ones which talk about advertising or endorsements. It is difficult to find a standard license with wider compatibility than that.

  • by Todd Knarr (15451) on Tuesday August 13, 2013 @03:40PM (#44557631) Homepage

    The issue with licensing is that you can't avoid it when dealing with copyrighted works. If you don't deal with licensing explicitly, then there is no license and the code can't safely even be looked at. The rule when it comes to defending against a charge of copyright infringement is that if you've had access to it and similarity exists it's on you to prove you didn't copy it. That's why agents and publishers have their secretaries/assistants return unsolicited manuscripts unopened, so that if they publish something similar to that story later they can show that they didn't ever have access to it and couldn't've copied it. For a hobbyist it's not much of an issue but as a professional I need to be certain what the rules are for anything that could possibly make it's way into my work, so I can make sure that either I'm following the right rules or that it doesn't make it's way into my work. If you don't tell me what your rules are, I have to assume they're the ones laid down by copyright law (ie. no rights beyond fair use) which means I need to avoid it like the plague.

    • >but as a professional I need to be certain

      You could call the author and ask permission or do a deal.
      That is exactly what several companies did when they wanted to use my code.

      • by Todd Knarr (15451)

        Yep, but I noted that bit about publishers for a reason. It's happened before. An author sent in a manuscript to a publisher and the publisher looked it over, decided it wasn't something they wanted to publish and turned it down. A few years later another author submitted a similar story, done better, and the publisher bought it and published it. The first author then sued the publisher for having stolen his story. Well, there's the very similar story in that copy of the book right there, can't argue that i

        • It's not merely "a story" that this happens to. I've seen instances of copyrighted code, shown to developers and admins who rejected it or whose managers refused to approve a license, and who later were caught copying the code into their own projects. It also remains a serious problem for outsourcing projects, where inexpensive developers are hired to replicate an existing project but cheaper and usually without the subtler capabilities or safety checks of the original project.

      • by Xtifr (1323)

        You could call the author and ask permission or do a deal.

        Which may be expensive or difficult or even impossible in some cases. Ever tried to track down a random author to submit a patch? For anything but large/highly visible and/or very recent projects, it can be an utter crapshoot. Frankly, I would have to be really desperate to use that exact code to even consider attempting this. If there were any reasonable alternative, I would almost certainly use that instead.

        Next, assuming there's money involved, you almost want to make sure you've got a formal contract, w

        • Actually, my email was in the code. It was crypto code. Nothing special, but I go for simple interfaces which is what made the code useful.

          I got an email. I emailed back, a lawyer called asking politely if they could use the code, I said yes, I emailed them saying they could.
          This happened that way 3 times and some other times there wasn't a lawyer, just a couple of emails.

          In the end someone wanted to put it in a linux driver, so I GPLed it.

          Not making a big deal of things that are not a big deal is a good wa

          • by Xtifr (1323)

            Actually, my email was in the code.

            One of the most common sources of the not-able-to-contact-the-author problem. I can't tell you how many times I've had emails to the address-of-record bounce, when trying to send in a patch to some little utility that I happen to like.

            a lawyer called asking politely if they could use the code

            Just as I expected. Some poor developer who wants to use your code is either A) going to have to get lawyers involved somehow, or B) take foolish risks. For many developers, option A is going to be seriously unappealing. Lawyers cost money. Even if your company has lawyers on

            • >I'm not quite sure how slapping a BSD/MIT or GPL statement on your code is a "big deal".
              I think I stated the opposite. It wasn't a big deal.

  • First time? (Score:5, Informative)

    by Bogtha (906264) on Tuesday August 13, 2013 @03:56PM (#44557835)

    Developers are, for the first time in the history of free software, helping inform each other about licensing and aiding in the selection process

    Huh? In the 17-odd years I've been using Free Software, I've never known there not to be an ongoing public discussion amongst developers about licensing.

    • Yeah, I can't believe anyone even tangentially involved in software even thought of making that statement. That it's an IP lawyer... from REDHAT... that's just plain embarrassing.

    • by Xtifr (1323)

      Indeed, that's the only reason that people started using free software licenses. Who but developers would have been informing people about them? It's pretty much developers all the way down.

    • No, it's pretty much been flame wars and accusations about penis size.

  • by sl4shd0rk (755837) on Tuesday August 13, 2013 @04:02PM (#44557899)

    Until someone pastes all of your Github into their complier, makes some edits and uploads to an app repo to make $10k/year on a .99 app you wrote. Yeah, that kind of sucks. Especially when your boss asks where you happened to store all of that code you've been writing for project XYZ the past year.

    Don't get me wrong, Open Source is awesome (FOSS , POSS, et al) and there are far too many lawsuits about copyrights/patents these days but understand that without GPL or it's ilk, you basically have no recourse should someone use your code. Also, it's feasible that someone could take your code and claim *you* stole it from them.

    Is tacking on the GPL(or equivalent) to your source code really that problematic?

    • by exomondo (1725132)

      Is tacking on the GPL(or equivalent) to your source code really that problematic?

      A permissive license that is compatible with restrictive licenses like the GPL is probably a better choice. Unless of course your intention from the outset is to restrict usage of that code but given that most people aren't bothering with a license at all it seems restrictive licenses are probably not the ideal choice.

    • You've got it backwards. Anything without an explicit license is all rights reserved. That guy who took your code and sold it is guilty of copyright infringement.

      Licenses explicitly license some of your rights to someone else. In the case of the GPL the app collection guy has NOT committed a crime so long as he makes the source code available to his customers.

    • by exomondo (1725132)

      Until someone pastes all of your Github into their complier, makes some edits and uploads to an app repo to make $10k/year on a .99 app you wrote.

      But if they make $10k/year selling support for the code you wrote that's ok?

      • by dkf (304284)

        But if they make $10k/year selling support for the code you wrote that's ok?

        If that's their personal income from doing that, they'd better have another job too. It's not very much, only like $200 a week on average. Maybe above the bread line, but only just.

        And in any case, they can be undercut by someone else. It's not like they have an exclusive right to make money from supporting that piece of code.

  • I think a license it is important. How are you going to contribute code without knowing the conditions. Maybe today the original author is a hipster that like to share, but maybe tomorrow he will change his mind. Is it going to close the source on the future?, is it going to take all other commits for his own personal gain? Is it going to sue you for changing his code?

    A license in the source code reduce the risk of being trolled, sue or blackmailed in the future.

    Even if it is public domain, the author
  • GitHub should be mandating that a license be either selected from a pool of licenses, or a license be typed in for every project. The default in most jurisdictions is either public domain or all rights reserved, and because they're a global-serving entity, they have to deal with the all-rights-reserved case, which doesn't even allow publication by GitHub itself.

    • by pavon (30274)

      Code on GitHub is no different from comments on slashdot or images on Flicker any other website in that regard. All the posts are covered by copyright, which is held by the original poster. All the sites have TOS which state that the poster gives the site permission to reproduce the content. Furthermore, even if the user didn't read the TOS, they intentionally made the posts knowing full well it would be republished (that is the entire reason for posting on any of those sites), so they have already given im

  • It's great that more and more developers think about licenses. Though, there's one aspect that I find... underdocumented.

    From time to time there may arise a need to fork a project. Either changes are out of the scope of the original project and they wouldn't ever be accepted upstream, or the upstream maintainers are not as responsive as community requires or for whatever other reason there may be. It's counter-productive to keep the original name (and have basically two diverging projects with the same name

The most exciting phrase to hear in science, the one that heralds new discoveries, is not "Eureka!" (I found it!) but "That's funny ..." -- Isaac Asimov

Working...