I understand your concern... obviously it's my belief that 100% of the code in ColdSpring is not part of any other project or work, but I'm guessing that my *word* isn't what you're looking for.
I know Sean is using ColdSpring @ Adobe, which is a pretty big company and since any use, even internal, of a codebase means said codebase is contributing to revenue, I think that would be a good example of commercial use. -Dave On 8/25/06, Matthew Lesko <[EMAIL PROTECTED]> wrote:
Dave, Understand the point you're making and I agree with you; however, I am tasked not with understanding the license, which I do, but rather attempting to identify potential exposure to liability. My point is that with *any* open source project there is the possibility of a contributor taking code from something licensed in a more restrictive manner, unwittingly or not, and adding it to the project. And, that offending code, if present, may effectively poison the pond. The best proxy I can think of to achieve my end, short of line by line research of the code base, which may not bear fruit anyway, is identifying others companies using Coldspring and distributing it with their product or utilizing it to deliver a service *that others pay for*. That information provides a reasonably strong justification that patent trolls are not waiting in the wings to sue, because if someone is using an open source project and charging for work that incorporates it, then trolls would probably have come out of the woodwork already if they saw an opportunity. This is the issue I am trying to address. From my view, I think this type of vetting - if you will - is a positive step. Because my company is not the only one who is going to have a similar question. So any response indicating usage helps build momentum for adoption. If there is a negative response (i.e. for instance someone says it contains closed source) then hopefully that issue it comes to light sooner than it would have otherwise and is addressable by myself or others. Regards, Matthew Lesko Dave Ross wrote: > Matthew, > > ColdSpring (and Spring) uses the Apache 2.0 License, which is probably > the most commercial-friendly open-source license out there. Because > the code is licensed that way TODAY means that the code as it stands > TODAY will always be free to use in any project. I'm not saying that > there's any plans to change the license, I'm just saying it's > impossible to retroactively change the license of distributed code. > > http://www.apache.org/licenses/LICENSE-2.0 > > "Grant of Copyright License. Subject to the terms and conditions of > this License, each Contributor hereby grants to You a perpetual, > worldwide, non-exclusive, no-charge, royalty-free, irrevocable > copyright license to reproduce, prepare Derivative Works of, > publicly display, publicly perform, sublicense, and distribute the > Work and such Derivative Works in Source or Object form." > > That pretty much says it - you can do whatever you want with > ColdSpring. The license prevent me from suing you for using code I > wrote, and the license prevents you from suing me if you think the > code I wrote caused you harm. > > The only thing I'm allowed to point to that uses ColdSpring (because > the project itself is opensource), is something called FMDRL, which > you can read about here: > > http://www.fmdrl.org > > thanks, > > Dave > > > On 8/25/06, Matthew Lesko <[EMAIL PROTECTED]> wrote: >> The risk, or management concern if you will, I am trying to address is >> liability. Think SCO & Unix. The thought process here is: how do we know >> it's truly open source and we won't be sued at some point down the line >> for infringing someone's commercial copyright? This would make our >> exposure large because we're looking at Coldsrping for inclusion within >> a commercial product. >> >> So what I was hoping to see from posting to the Coldspring list is >> several larger players step forward to say they're using them. Then if >> the legality came into question, there is safety in larg(er) numbers. At >> least so goes the thinking here. >> >> As far as quality and functionality are concerned, I've implemented >> consulting projects with both Reactor and Coldspring without issue. So >> that is not a concern for me nor others here I think. In that case, the >> liability question is not a concern, because the projects are one-offs. >> >> So I need to justify Coldspring specifically, not Spring, in order to >> implement in my environment. >> >> Regards, >> >> Matthew Lesko >> >> >> Scott Arbeitman wrote: >> > First, I am using Spring in a very high-traffic banking site in >> > Australia. The results have been pretty good. I use it to handle >> > pluggable bits of a small framework I wrote: basically for XML-based >> > configuration. >> > >> > I think more of an argument comes from who is using Spring for Java. >> > There you'll find heaps of big players in the enterprise space. A >> > quick search on a major employment site will no doubt turn up many >> > positions with Spring, Struts, and or Hibernate as a required skill. >> > >> > Kind Regards, >> > Scott Arbeitman >> > >> > On 25/08/2006, at 12:10 AM, Matt Williams wrote: >> > >> >> Search through Sean Corfield's blog (corfield.org). I'm pretty sure >> >> he's made mention of some apps he uses MG, ColdSpring and Reactor in >> >> there. Mostly internal stuff at adobe I think. >> >> >> >> On 8/24/06, Matthew Lesko <[EMAIL PROTECTED]> wrote: >> >>> I am trying to convince my manager to use Coldspring in our product. >> >>> Toward that end I am attempting to identify other commercial >> >>> services or >> >>> products that use Coldspring. Can anyone on the list tell me >> about what >> >>> they're doing along these lines or point to people who are? >> >>> >> >>> Regards, >> >>> Matthew Lesko >> >>> >> >>> >> >>> >> >>> >> >> >> >> >> >> --Matt Williams >> >> "It's the question that drives us." >> >> >> > >> > >> > >> >> > >
