Why reciprocal license restrictions in "Guide for Using Open Source Software"? #62
Comments
|
It's supposed to represent a decision tree. So you only get to points 3 and 4 if you answer Yes to Would the current situation or your department policies prevent publication of source code of modified OSS? If yes, and it's a Web application, don't use strong reciprocal (AGPL). If yes, and your going to be "distributing" the resulting software, use only permissive licences. |
|
Yes, I think we need to work some kind of graphics... The decision tree is
meant to go from 80% scenarios you should be able to use OSS under any open
source licence and then break out the remaining 20% scenarios.
Le mar. 7 mai 2019 07 h 55, Sébastien Lemay <[email protected]> a
écrit :
… It's supposed to represent a decision tree. So you only get to points 3
and 4 if you answer Yes to 2. Are there any reasons that would prevent
the release of the modified source code?. In most cases you should be
able to answer No.
Would the current situation or your department policies prevent
publication of source code of modified OSS? If yes, and it's a Web
application, don't use strong reciprocal (AGPL). If yes, and your going to
be "distributing" the resulting software, use only permissive licences.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub
<#62 (comment)>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/AAM4TZPHVH6SS6KWJPODBCLPUFU3JANCNFSM4HLCJCUQ>
.
|
|
We probably should add some nuance as well to help teams realize what would constitute a reason that the source code could not be published, linking to the conditions we mentioned in the white paper and publishing OSS. There's really little reason why we should modify existing OSS and introduce code that shouldn't be released itself. It may sound overkill, but we may need to add some additional disambiguation around difference of source code and software deployed. I still have to explain the difference to people I should not... (That's not just government by the way - it's a bit scary at times) |
|
Absolutely! Yes, definitely need graphics... Also, clearer introduction might help in the meantime! |
|
This is nice, but its not about reciprocal vs permissive, I think. Its about what OSS licences are acceptable for use by the GC. Not releasing or even contributing back. For example I think it should start with
Same for when you will make modifications and can share them. If you can't share modifications the follow the questions.. For the yellow boxes I propose the following changes to be less about permissive vs reciprocal (from the top)
|
|
Ah yes, the decision tree was more about the software used inbound. A decision tree should probably be done for licences applied to GC projects 🤔 For example, see this graphic from Heather Meeker's book Open (Source) for Business: |
|
In other words, if you use without modifications (or any derivative work), you shouldn't be worried about from the OSS licence perspective in most cases as long as it is a recognized OSS licence. However, if you do modify it, you have additional considerations to keep in mind, mainly that:
|
|
How is this in comparison? |
In the Guide for Using Open Source Software, in the section Verify Open Source Software License, it says that applications that are going to be modified can't use a "strong reciprocal" license if they're web apps nor any reciprocal license if they're going to be distributed externally.
This raises several questions/issues:
In general, one can never predict with certainty whether one will have to make modifications to an open source software application one is deploying. One may start out intending to make no modifications, and discover one year down the road that modifications are necessary (furthermore, one cannot predict whether those modifications would be of the sort that should be submitted upstream, rather than merely published, and whether upstream would accept them if they were submitted).
Since the Guide for Publishing Open Source Code says that work should happen in the open by default, in principle all modifications are intended for external distribution anyway (except for those which meet one of the rare exception conditions stated, but those do not concern us here).
What this all adds up to is that the Guide for Using Open Source Software effectively prohibits GC from using any reciprocally-licensed (i.e., copyleft / GPL'd) software at all.
Presumably this was not the intent?
What is the purpose of discouraging contact with reciprocal licenses, as specified in points 3 and 4 of the section "Verify Open Source Software Licence", anyway? Or am I just misreading the text somehow?
FWIW, the publication guide (a separate document) does not similarly discourage use of reciprocal licenses -- it just lists them as an option along with other types of licenses. Unless I've misunderstood something, the interaction between those two policies means that GC could easily end up publishing open source software that GC itself cannot re-use.
The text was updated successfully, but these errors were encountered: