You’re entitled to your opinion but in open source licensing only the consensus of the community really matters.
In a recent conversation on the Apache Legal mailing list, a participant opined that “any license can be Open Source. OSI doesn’t ‘own’ the term.” He went on to explain “I could clone the Apache License and call it ‘Greg’s License’ and it would be an open source license.” Continue reading →
Facebook’s BSD+Patent license combo fails not because of the license itself but because it ignores the deeper nature of open source.
In July 2017, the Apache Software Foundation effectively banned the license combination Facebook has been applying to all the projects it has been releasing as open source. They are using the 3-clause BSD license (BSD-3), a widely-used OSI-approved non-reciprocal license, combined with a broad, non-reciprocal patent grant but with equally broad termination rules to frustrate aggressors. Continue reading →
The Apache Software Foundation has moved the “Facebook BSD+Patent grant” license combination (FB+PL) to its “Category X” licensing list, effectively banning inclusion of any software under FB+PL from Apache projects. That included RocksDB, which has consequently just dropped FB+PL and added the Apache License v2 on Github, and React.JS which does not look like it will resolve the issue so fast.
Update, 22 September: Facebook has announced it will switch React to the MIT license.
Here’s what we know so far (subject to updates, last day’s in green, latest marked 🆕): Continue reading →
Even near-perfect governance like Apache’s can get gamed by a determined and well-resourced player. What lessons can we learn from their experience?
I’ve previously written about the fact the Apache Software Foundation offers an exemplar of large-scale open source governance. Even with those supreme qualities, things can still go wrong. Apache offers some of the best protections for open source contributors but its mature rules can be manipulated by skilled politicians and/or determined agendas. What can we learn from their experience? Continue reading →
At FOSDEM 2017, Simon gave a well-attended talk explaining many of the things that could go wrong for a company trying to engage a large open source project over legal or governance issues. Based loosely on a mailing list thread at the Apache Software Foundation, the talk highlighted seven things to avoid and gave ideas on how to do so.
Starting a large-scale open source project? The Apache Software Foundation is the benchmark against which you will be measured.
We’re now well beyond the point where open source has “won”. We’re seeing the open source idea starting to mature beyond even adolescence into adulthood. As it does so, our understanding and expectations of open source communities need to expand. Continue reading →
In a thread on Twitter, the CTO at Chef Software defended the company against the accusation from an open source contributor that it demands copyright assignment from contributors. Chef’s CTO Adam Jacob explained that the company does copy Apache rules and thus requires a copyright license agreement (CLA) in addition to Apache’s open source license – not copyright assignment. He said:
we have never asked for copyright assignment. We do ask for a license, as Apache license requires.
That’s not actually correct, even if it’s a sufficiently common misunderstanding that Jacob really shouldn’t be called out for asserting it (especially as he was probably just suffering from Twitter’s 140 character limit!). Copying Apache’s license does not imply you should copy the rest of Apache’s CLA practice. The Apache License v2 (ALv2) is the best choice among non-reciprocal licenses for new projects, mostly because it includes explicit patent licensing. It is a perfectly effective license to use for any open source project where the community has no expectation of contribution on the part of users of the code, as it conveys all the rights you need to work with the code independently of others. Continue reading →
Samsung shuts down ChatOn – CNet – If only there was a way for their customers to uninstall their impotent self-defence against Google.
EU software procurement breaches rules more than ever before – OFE PDF – Because they really do prefer to feed what they perceive as corporate power brokers rather than work to create European value with European money.
EU allocates half million euros for testing open source – FSFE – It’s a rounding error on the budget, but at least it’s something. Let’s see who gets it.
Apache finally publishes a code of conduct – Blog, Code – Fine work, but no really defence against those gaming the system.