GLWTPL – Good Luck With That Public License

GLWTPL is awesome!

GLWT Public License
Copyright (c) Everyone, except Author

The author has absolutely no clue what the code in this project does.
It might just work or not, there is no third option.

Everyone is permitted to copy, distribute, modify, merge, sell, publish, sublicense or whatever they want with this software but at their OWN RISK.

GOOD LUCK WITH THAT PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION, AND MODIFICATION

0. You just DO WHATEVER YOU WANT TO as long as you NEVER LEAVE A TRACE TO TRACK THE AUTHOR of the original product to blame for or held responsible.

IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Good luck and Godspeed.

GPL defense issues

A friend sent me a link to this email from Linus Torvalds to the Kernel Summit Discussion mailing list.  The subject of the conversation is the General Public License (GPL) and whether or not it should be enforced in courts.  Read the whole thing – it’s quite interesting.  Here are a few snippets just to get you started:

Let’s be clear about this: lawsuits destroy. They don’t “protect”.

Lawsuits destroy community. They destroy trust. They would destroy all the goodwill we’ve built up over the years by being nice.

And then this:

Because lawsuits – and even threats of lawsuits – makes companies way less likely to see you as a good guy. Even when you’re threatening
somebody else, everybody else around the target starts getting really
really antsy.

I talked to an Oracle lawyer a few months ago, and told him their
lawsuit just makes Oracle look bad. The lawyer was dismissive, and
tried to explain how it’s silly how people take lawsuits personally,
and talked about how layers _understand_ that lawsuits aren’t
personal, and that they are still friends outside the court.

I’m sure a lawyer can “understand” how lawsuits aren’t actually
something personal at all, but lawyers really seem to be the *only*
people who “understand” that.

The fact is, lawsuits (and threats of lawsuits) do not make for
friends. You just look like a bully.

GPL : Matt Mullenweg and Automattic vs. Wix

The General Public License (GPL) has been the source of many discussions since it was created in 1989 (with a few versions in following years) and applied to numerous Open Source Software projects.

Currently, there is one more such discussion going on.  It was kicked off by Matt Mullenweg, the founder and CEO of Automattic, the company behind WordPress:

Anyone who knows me knows that I like to try new things — phones, gadgets, apps. Last week I downloaded the new Wix (closed, proprietary, non-open-sourced, non-GPL) mobile app. I’m always interested to see how others tackle the challenge of building and editing websites from a mobile device.

I started playing around with the editor, and felt… déjà vu. It was familiar. Like I had used it before.

Turns out I had. Because it’s WordPress.

He proceeds with the open letter to Wix:

Dear Wix,

This explicitly contravenes the GPL, which requires attribution and a corresponding GPL license on whatever you release publicly built on top of GPL code. The GPL is what has allowed WordPress to flourish, and that let us create this code. Your app’s editor is built with stolen code, so your whole app is now in violation of the license.

What does Matt want Wix to do?  Very simple:

Release your app under the GPL, and put the source code for your app up on GitHub so that we can all build on it, improve it, and learn from it.

Did Wix respond?  Yes, they did.  First, one of their lead engineers, Tal Kol, wrote this blog post.  I think it’s quite sensible and boils down to a misunderstanding.  Or so I read it:

I apologize if I appeared to take credit for somebody else’s work. This was definitely not my intention. I think you guys are doing a great job.

Second one though is a bit less so, written by Wix CEO Avishai Abrahami.  While trying to appear friendly and casual, it does dodge the whole issue of the GPL violation, misrepresents the facts on the branding, and ends with an awkward invitation for a coffee.  WP Garage has a good summary of why this response is weak.

Here are a few more resources with commentary that help to understand the issue:

Personally, I am a big fan of GPL, Automattic, WordPress and Matt Mullenweg, who I had the opportunity to meet and talk to back a few years ago.  But as a CTO of a startup (and not for the first time), I have to admit that Open Source Software is difficult when it comes to business.  It requires a huge effort to make a company understand what Open Source Software is, what are the intricacies of the major licenses, and what are the consequences of using Open Source Software for different kinds of projects (internal tools, client projects, company products and services, etc).

Here are the important points that I want to highlight in regards to this conversion:

  • If you are using Open Source Software, make sure you understand the licensing and the culture behind it.
  • If you made a mistake, admit to it and figure out a way to resolve it.  Dodging or finger-pointing is not a resolve.
  • Legal action is not the only option.  Often, it is not even the most preferable.
  • Be nice to people. :)

I’d like to finish with this tweet, which I think highlights the most important point.

P.S.: Some people say that GPL has not been enforced in courts.  This page lists a few cases in several countries, which provide examples of the contrary.

How Google Uses and Contributes to Open Source

Here is a good Open Source story – “How Google Uses and Contributes to Open Source“, which goes into some detail and history of how Google is working with Open Source community.

I’ve seen this before:

“There are companies and people who just take the software and say, “I didn’t have to pay for it. I can do anything I want. The license file is a big blob of text. I’m not going to read that,” Merlin said.

And I’ve this (quite a few times actually):

Back in its early days, around 1998, Google was a small company. It was using open source just like any other small company. While Google was abiding by licences, they were not giving back much due to several reasons. “Some of it was just run fast and make sure that we have money next month to pay everyone’s salary,” said Merlin.

Having been involved in open sourcing companies’ projects new and old, this is what I firmly believe now is the best strategy:

Go open source from the beginning

Google changed that by writing a lot of things from the ground up as open source or to be open source ready. That was a good lesson that they learned, and that’s a problem many companies face when they want to open source their stuff but can’t because the code was not designed to be open source from the beginning.

This, I think, is an interesting approach too (if  you are too small of a company to have research papers and algorithms, consider blog posts, tips and tweaks, case studies, and the like):

Even if Google can’t open source certain code, they found a way to bring that work to the public. “We wrote papers talking about the magic algorithm that we used. We can’t give you the code for the reason I just explained, but we’re giving you the way they work so you can rewrite them,” said Merlin. Google has published hundreds of such papers and people are using it to create projects based on those ideas.

This bit on Android is mind blowing:

Now virtually all of Google’s open source code is on GitHub, except for Android. “The Android distribution is so big and it gets released in big chunks. So, when it gets released, everyone wants to sync that,” Merlin said. “It’s so huge that if we put it on GitHub, it would completely kill GitHub. We use our own mirrors for that, to help out.”

A word of caution for the companies using Open Source software:

Companies have to be extremely careful when using open source. Different projects use different licenses, and you need to be in compliance with them.

[…]

Things become complicated when you have projects that you ship. In the case of open source, you need to list the projects that you use and their licenses. In the case of BSD and MIT, you need to list the name and the copyright of the person you got that project from.

You’ll probably need a set of tools to deal with issues like this.  For PHP-based projects, composer is indispensable.  You can run “composer licenses” command and instantly get information about the project’s license, as well as licenses for each and every dependency in use (thanks to this blog post).

There is a good section on Contributor License Agreements (CLAs).  I am slightly familiar with the subject (I signed a few myself), but my experience is limited, especially from the company perspective.  I found this part useful, for that distant time when I’ll need to set it up:

Google uses the Apache foundation ICLA, without modifying it or putting anything special in it. CLAs ensure that companies like Google “can re-license your code under a different open source (license) if we need to. Sometimes we need to merge with other projects and that’s what the CLA allows us to do,” said Merlin.

These are just bits and pieces which I found interesting.  I wish more companies shared their practices and experiences – in particular those larger businesses, with years of history and a wide variety of challenges.

Linus Torvalds loves GPL

Slashdot links to this CIO article, which quotes Linus Torvalds on the importance of the General Public License (GPL):

“FSF [Free Software Foundation] and I don’t have a loving relationship, but I love GPL v2,” said Torvalds. “I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint.”

and:

“The GPL ensures that nobody is ever going to take advantage of your code. It will remain free and nobody can take that away from you. I think that’s a big deal for community management.”