www-legal-discuss mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kevan Miller <kevan.mil...@gmail.com>
Subject Re: XebiaLabs OverThere license
Date Fri, 30 Jan 2015 20:59:51 GMT
IMO, your options are:

1) leave it alone, or
2) make it an optional dependency and allow users to make the decision.

The license itself would fall under --
http://www.apache.org/legal/resolved.html#category-x (see the "special
exceptions to gnu gpl")

On Fri, Jan 30, 2015 at 7:04 AM, Richard Downer <richard@apache.org> wrote:

> Hello all,
>
> I'm from the incubating Brooklyn project and we have a query about the
> license on a software project that we would like to depend on.
>
> The project is XebiaLabs' "OverThere":
> https://github.com/xebialabs/overthere
>
> However it comes with a possibly troublesome license:
> https://raw.githubusercontent.com/xebialabs/overthere/master/LICENSE
>
> It seems their intention is that it's GNU GPL2, unless the software
> you are using it with is on a list of "approved" open source licenses,
> in which case they'll let you off most of the GPL requirements. Apache
> Software License v2 is on their approved list.
>
> Reading the license I still see some potentially problematic clauses -
> in particular 0.b.(ii) seems to say that source code must accompany
> all binary distribution of the combined software product (a
> requirement that ASLv2 doesn't have). Also, our project could
> potentially be combined by our users with closed-source components in
> a way that is permitted by ASLv2 but which then falls foul of this
> list of approved licenses.
>
> Possibly mitigating circumstances is that this dependency is not core
> to our project and could be made optional (i.e., source code could
> compile without error unless the dependency is specifically enabled,
> and the binary distribution would operate normally without it until a
> call for its specific functionality is made). Therefore we could push
> the decision to include this component onto the end users, and it
> would be their responsibility to comply with the license.
>
> If we *were* to depend on OverThere, then we would express that as a
> Maven dependency - so we would not be bundling any OverThere code in
> our repository or source distribution. However we would like to start
> making binary releases and therefore we may include the OverThere
> binary inside our binary distribution.
>
> Any opinions on this situation? Is there any way we can make this
> work, or should it leave OverThere well alone?
>
> Thanks for your comments,
>
> Richard.
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: legal-discuss-unsubscribe@apache.org
> For additional commands, e-mail: legal-discuss-help@apache.org
>
>

Mime
View raw message