LGPL licensing?

[kierer]

Might you consider a switch to LGPL licensing for the library (e.g., toward improving/encouraging participation by commercial software developers), or is this something that has already been ruled out on principle?

Best, K

[johnbywater]

Thanks for the question. Nothing is ruled out, let's talk about it. If there is a policy example I could see, that's inhibiting what you describe, that would be interesting. The current licence was compatible with the open source policy of the places I've worked, but I don't have any data from which to form a general view.

[kierer]

Thank you for considering the possibility of alternatives. A company I do consulting work for essentially follows Google’s published OSS license policies (https://opensource.google.com/docs/thirdparty/licenses/). Specifically, if there is any chance that code containing proprietary competitively-sensitive information might be externally distributed, with respect to contact with projects under FSF licenses (other licenses are covered in the policy as well), use of and contribution of patches/extensions to libraries of benefit released under LGPL is encouraged, GPL-ed code can only be considered for use with/linked to from solutions that might only ever be internally used but not distributed (in which case developer contribution to projects is encouraged), and AGPL-licensed solutions are totally forbidden. They’ve been very good about underwriting time spent working on contributions to a number of OSS projects over the years, but the matter of avoiding “poison pill” licenses means we don’t even get to bring an interesting project to the table unless it’s under an acceptable license. I’ve been fleshing out an event sourcing implementation against a DynamoDB store and was hoping to run the idea of contributing team time to extending this project for DynamoDB up the flagpole since I see it on the roadmap, but licensing hurdles are non-starters that preclude even technical review. Thanks again and

kind regards, K

[johnbywater]

All the major dependencies of this project have a permissive licence. So perhaps it would make sense for this project to have a permissive licence. It happens that uwsgi has GPL v2, Unbit sells proprietary licences. I don't have the infrastructure to sell proprietary licences. I looked briefly for Python projects with LGPL, but couldn't find any.

SQLAlchemy - MIT Cassandra Engine - ‎Apache License 2.0 Django - BSD 3-clause Flask - BSD 3-clause "New" or "Revised" License Pycryptodome - some BSD 2-Clause, some Public Domain Redis - MIT Celery - BSD 3-clause uwsgi - GNU General Public License v2.0 (support and proprietary licences are available)

[kierer]

That makes sense. Apache, MIT, and BSD 3-clause certainly never seem to present a problem or get in the way of participation and contribution (at least with the teams I’ve worked with). The uwsgi GNU v2 is modified to add a linking exception (see https://github.com/unbit/uwsgi/blob/master/LICENSE), so I don’t believe it “poisons” upstream projects with more permissive licenses as long as the term of the linking exception apply.

[johnbywater]

This was discussed on the Slack channel. I propose to switch to the BSD licence. Have created #130 which changes the licence from GPL to BSD. Please post any objections here, or on that PR. I'll leave it for a few days at least, to give people time to respond if they want to. If there are no objections, the next release will have a BSD licence.

[johnbywater]

Hey @kierer maybe if you didn't see already, you would like to know the next release of this library will have a BSD licence. I hope that helps you feel more inclined towards contributing something DynamoDB-shaped to this library? All good wishes, John

[kierer]

Hi John, that's great news! Thank you- it opens the door to getting authorization to allot dev time for a code review/extension. They've tested a number of back end stores in their own implementations and are considering leveraging more than one due to the appropriateness of each to access patterns specific to their scenarios, so if the decision is made to leverage the project I could see contributions beyond DynamoDB over time. I'll go ahead and close this issue if that's alright. Thanks again! K