search

Luxoft / gengen

Tool for generating models and Angular services based on OpenAPIs and Swagger's JSON.
MIT License
17 stars 8 forks source link

#1196 CodeSynthesis XSD #1

Closed jeremiah closed 4 years ago

jeremiah commented 4 years ago

There are two issues with the 1196 request;

  1. The project adds and exception to the GPL
  2. The request is ambiguous with regard to "derived work."

In the first issue, the license for the XSD software has an additional exception in front of the GPLv2 (GPL version 2 only). In general, additional restrictions are not allowed to the GPL; "Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions." However, the XSD program comes with an exception, not a restriction. The intent of the exception is here: https://git.codesynthesis.com/cgit/xsd/xsd/tree/FLOSSE

Question: Is this exception acceptable? I believe it is acceptable for our usage scenario.

In the second issue the output we create from the Luxoft web app reads; 

**Usage type**
 - [ ] Distributed separately - not bundled with proprietary software
 - [X] Distributed bundled with proprietary software
 - [ ] I will host the open source for access by clients
 - [ ] Modified
 - [ ] Embedded
 - [X] Linked

The problem is the term "bundled" has no legal meaning. Words matter a great deal in the law and our liability remains the same whether we're describing it correctly or not. In this case, we're not describing it accurately. The GPL uses the term "aggregation" to describe "bundling"; " In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License." Therefor, I propose changing our wording to "Aggregated and distributed with proprietary software."

The same issue applies to the terms "clients", "embedded" and even "linked", at least with regard to the GPL and software development. Those I will file as separate issues.

jeremiah commented 4 years ago

After discussing the first issue a bit with colleagues it is my opinion that the additional wording to the license is not an issue as long as we comply with the all the terms as if the software was under the GPLv2. While no additional restrictions can be added to the GPL, this is more of a permission to do something or an exception for a given situation and doesn't change the compliance obligations one has on us. I plan to approve usage of this component upon discussion of the compliance internally.

jeremiah commented 4 years ago

With regard to the second issue I added, I was informed that we're moving more quickly now to replace internal tooling and that while there is an opportunity to change the wording to be closer to legalese, it will have an impact on training and documentation of OSS policy.

This will be turned into a separate issue.