logo

blog

My website can't be that messy, right? git clone https://anongit.hacktivis.me/git/blog.git/

on-licensing.xml (5014B)

    

  1. <!--
  2. Copyright © 2014 Haelwenn (lanodan) Monnier
  3. SPDX-License-Identifier: LAL-1.3
  4. -->
  5. <entry>
  6. <title>On licensing, around hobbyist projects</title>
  7. <link rel="alternate" type="text/html" href="https://hacktivis.me/articles/on-licensing"/>
  8. <id>https://hacktivis.me/articles/on-licensing</id>
  9. <published>2025-09-17T02:13:12Z</published>
  10. <updated>2025-09-17T02:13:12Z</updated>
  11. <link rel="external replies" type="application/activity+json" href="https://queer.hacktivis.me/objects/2c5d292f-d555-412e-960c-b12a55aa6a0f" />
  12. <link rel="external replies" type="text/html" href="https://queer.hacktivis.me/objects/2c5d292f-d555-412e-960c-b12a55aa6a0f" />
  13. <content type="xhtml">
  14. <div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="h-entry">
  16. <h2>Suing and other legal processes</h2>
  17. <p>
  18. 	Hobbyists typically can't sue or even worse, afford to be sued.<br />
  19. 	That's a major weakness.<br />
  20. 	And it means licensing between hobbyists are more like code of honors.
  21. 	While a corporation can be a "copyright troll", sending a cease&amp;desist
  22. 	or worse without having the proper rights.
  23. 	Which in quite few cases has shut down hobbyist projects, at least temporarily.
  24. </p>
  25. <p>
  26. 	Yet because corporations can take over projects, either by forking
  27. 	them or acquiring the rights from the maintainers, <em>projects should
  28. 	still have appropriate licensing</em>.
  29. 	Otherwise it could horribly backfire on hobbyists, as frequently
  30. 	seen by either re-licensing to a proprietary license or adding
  31. 	a much more restrictive one than the current users of it can accept.
  32. </p>
  34. <h2>License compatibility</h2>
  35. <p>
  36. 	License incompatibility, unless there's an alternative implementation,
  37. 	forces to abandon the feature/idea, rewrite the software, or acquire
  38. 	a better license.<br />
  39. 	Hobbyist getting a better license from corporations is so rare
  40. 	there's a whole lot of excitement whenever that happens even for
  41. 	abandonned projects, meanwhile there's corporations almost entirely
  42. 	dedicated to acquiring appropriate licences.
  43. </p>
  44. <p>
  45. 	Rewriting software also being harder on hobbyists, specially if you
  46. 	need access to costy equipment or paywalled specifications to get
  47. 	part of the work done.
  48. </p>
  49. <p>
  50. 	That means license incompatibilities hurts hobbyists the most.
  51. </p>
  52. <p>
  53. 	Should also be noted that some corporations love using AGPLv3 combined
  54. 	with requiring a Contributors License Agreement (CLA) that tends to
  55. 	fully assign copyright to them or merely restrict to OSI/FSF licences
  56. 	(meaning MIT and 0BSD are possibilities).<br />
  57. 	And it's not exactly a new thing:
  58. 	<ul>
  59. 		<li>last paragraphs of <a href="https://lwn.net/Articles/541981/">SCALE: The life and times of the AGPL [lwn.net]</a> from March 13, 2013;</li>
  60. 		<li><a href="https://lwn.net/Articles/557820/">Debian, Berkeley DB, and AGPLv3 [lwn.net]</a> from July 10, 2013.</li>
  61. 	</ul>
  62. </p>
  63. <p>
  64. 	Note about the title of the last one:  It's not just Debian but effectively all
  65. 	distros which at best provide berkdb 6.0 or the latest version as another
  66. 	package which can be installed concurrently from berkdb 5.3.x.<br />
  67. 	cf. <a href="https://repology.org/project/db/information">https://repology.org/project/db/information</a>
  68. </p>
  69. <p>
  70. 	Also I think the GPLv3 not achieving consensus with existing GPLv2
  71. 	users while of course not being compatible with GPLv2-only was pretty
  72. 	much self-sabotage.
  73. 	And so since then, we got with the inability for some major projects
  74. 	to ever share code or even be used together without relying on dirty
  75. 	tricks like using IPC to circumvent copyleft.
  76. </p>
  78. <h2>Countering CLAs</h2>
  79. <p>
  80. 	One way you can oppose Contributors License Agreements (CLAs) is via
  81. 	creating a community fork.<br />
  82. 	And if it's originally under a permissive license, consider putting
  83. 	the changes under a copyleft license that's compatible with existing users
  84. 	(at least libre ones).  That way if they ever want to take code back,
  85. 	they would have to either weaken or abandon their CLA.
  86. </p>
  88. <h2>Warranty reminder</h2>
  89. <p>
  90. 	Also because of the horseshit of calling vulnerabilities on random
  91. 	projects "Supply Chain", reminder that virtually all public
  92. 	licenses comes with this kind of text (took this one from MIT,
  93. 	you can also pick your favorite):
  94. </p>
  95. <blockquote><pre>
  96. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  97. EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  98. MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
  99. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
  100. CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
  101. TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
  102. SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  103. </pre></blockquote>
  105. <p>
  106. 	Which is why to me, any corporation found whining about Supply Chain
  107. 	should be treated either as incapable of reading warranties meaning
  108. 	their products aren't trustworthy, or as wanting the equivalent
  109. 	of a support contract for free which is abusive.
  110. </p>
  112. </div>
  113. </content>
  114. </entry>