logo

blog

My website can't be that messy, right? git clone https://anongit.hacktivis.me/git/blog.git/

on-licensing.xml (4918B)

    

  1. <entry>
  2. <title>On licensing, around hobbyist projects</title>
  3. <link rel="alternate" type="text/html" href="https://hacktivis.me/articles/on-licensing"/>
  4. <id>https://hacktivis.me/articles/on-licensing</id>
  5. <published>2025-09-17T02:13:12Z</published>
  6. <updated>2025-09-17T02:13:12Z</updated>
  7. <link rel="external replies" type="application/activity+json" href="https://queer.hacktivis.me/objects/2c5d292f-d555-412e-960c-b12a55aa6a0f" />
  8. <link rel="external replies" type="text/html" href="https://queer.hacktivis.me/objects/2c5d292f-d555-412e-960c-b12a55aa6a0f" />
  9. <content type="xhtml">
  10. <div xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en" class="h-entry">
  12. <h2>Suing and other legal processes</h2>
  13. <p>
  14. 	Hobbyists typically can't sue or even worse, afford to be sued.<br />
  15. 	That's a major weakness.<br />
  16. 	And it means licensing between hobbyists are more like code of honors.
  17. 	While a corporation can be a "copyright troll", sending a cease&amp;desist
  18. 	or worse without having the proper rights.
  19. 	Which in quite few cases has shut down hobbyist projects, at least temporarily.
  20. </p>
  21. <p>
  22. 	Yet because corporations can take over projects, either by forking
  23. 	them or acquiring the rights from the maintainers, <em>projects should
  24. 	still have appropriate licensing</em>.
  25. 	Otherwise it could horribly backfire on hobbyists, as frequently
  26. 	seen by either re-licensing to a proprietary license or adding
  27. 	a much more restrictive one than the current users of it can accept.
  28. </p>
  30. <h2>License compatibility</h2>
  31. <p>
  32. 	License incompatibility, unless there's an alternative implementation,
  33. 	forces to abandon the feature/idea, rewrite the software, or acquire
  34. 	a better license.<br />
  35. 	Hobbyist getting a better license from corporations is so rare
  36. 	there's a whole lot of excitement whenever that happens even for
  37. 	abandonned projects, meanwhile there's corporations almost entirely
  38. 	dedicated to acquiring appropriate licences.
  39. </p>
  40. <p>
  41. 	Rewriting software also being harder on hobbyists, specially if you
  42. 	need access to costy equipment or paywalled specifications to get
  43. 	part of the work done.
  44. </p>
  45. <p>
  46. 	That means license incompatibilities hurts hobbyists the most.
  47. </p>
  48. <p>
  49. 	Should also be noted that some corporations love using AGPLv3 combined
  50. 	with requiring a Contributors License Agreement (CLA) that tends to
  51. 	fully assign copyright to them or merely restrict to OSI/FSF licences
  52. 	(meaning MIT and 0BSD are possibilities).<br />
  53. 	And it's not exactly a new thing:
  54. 	<ul>
  55. 		<li>last paragraphs of <a href="https://lwn.net/Articles/541981/">SCALE: The life and times of the AGPL [lwn.net]</a> from March 13, 2013;</li>
  56. 		<li><a href="https://lwn.net/Articles/557820/">Debian, Berkeley DB, and AGPLv3 [lwn.net]</a> from July 10, 2013.</li>
  57. 	</ul>
  58. 	Note about the title of the last one:  It's not just Debian but effectively all
  59. 	distros which at best provide berkdb 6.0 or the latest version as another
  60. 	package which can be installed concurrently from berkdb 5.3.x.<br />
  61. 	cf. <a href="https://repology.org/project/db/information">https://repology.org/project/db/information</a>
  62. </p>
  63. <p>
  64. 	Also I think the GPLv3 not achieving consensus with existing GPLv2
  65. 	users while of course not being compatible with GPLv2-only was pretty
  66. 	much self-sabotage.
  67. 	And so since then, we got with the inability for some major projects
  68. 	to ever share code or even be used together without relying on dirty
  69. 	tricks like using IPC to circumvent copyleft.
  70. </p>
  72. <h2>Countering CLAs</h2>
  73. <p>
  74. 	One way you can oppose Contributors License Agreements (CLAs) is via
  75. 	creating a community fork.<br />
  76. 	And if it's originally under a permissive license, consider putting
  77. 	the changes under a copyleft license that's compatible with existing users
  78. 	(at least libre ones).  That way if they ever want to take code back,
  79. 	they would have to either weaken or abandon their CLA.
  80. </p>
  82. <h2>Warranty reminder</h2>
  83. <p>
  84. 	Also because of the horseshit of calling vulnerabilities on random
  85. 	projects "Supply Chain", reminder that virtually all public
  86. 	licenses comes with this kind of text (took this one from MIT,
  87. 	you can also pick your favorite):
  88. </p>
  89. <blockquote><pre>
  90. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
  91. EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
  92. MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
  93. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
  94. CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
  95. TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
  96. SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
  97. </pre></blockquote>
  99. <p>
  100. 	Which is why to me, any corporation found whining about Supply Chain
  101. 	should be treated either as incapable of reading warranties meaning
  102. 	their products aren't trustworthy, or as wanting the equivalent
  103. 	of a support contract for free which is abusive.
  104. </p>
  106. </div>
  107. </content>
  108. </entry>