On Wed, Aug 12, 2009 at 1:09 PM, Damien Katz<[email protected]> wrote: > Thank you Bernd. The CouchDB PMC and anyone else interested in contributing > to development should take this advice to heart. > > -Damien >
There's an interesting discussion of the Apache License in a few recent blog posts here, which digs into some of the nuances. It's from the perspective of the APL outside of the ASF, but touches on a lot of this pragmatic stuff. http://blog.opscode.com/2009/08/why-we-chose-the-apache-license.html Also has good comments. Chris > > On Aug 11, 2009, at 4:33 AM, Bernd Fondermann wrote: > >> Hi, >> >> I'd like to try and maybe provide some insights on the topic of >> licensing, dependencies, IP and so on. >> The current discussion mainly focuses on licensing, but this is only >> one aspect. If including some specificly licensed code is allowed or >> not is not always a binary decision. You can have very bad >> ASL-licensed code. >> >> At first, a quick example: Two developers, Mathilda and Sven start a >> cool open source project A. Sven finds some nifty third party open >> source library B which (as code) they include in their own repository. >> They make a release, they fix some bugs and their project quickly >> gains attraction. Company BigCo uses their product and they are very >> happy with it, they even hire Mathilda as a consultant for some time >> and release their own product "BigCo DB". >> Then, one day, small company Moronz & Sons sues BigCo for patent >> infrigement. Oops, library B implemented an algorithm which Moronz & >> Sons hold a patent on (or claim some other IP for). >> BigCo is no longer so happy and now sues poor developer Mathilda, >> because they can. The shit hit the fan. Mathilda is broke after >> fighting BigCo, Sven is scared away. Project is dead. >> >> To prevent anything like this, the ASF has put up all these processes >> and firewalls like being a foundation, having insurance, having a PMC, >> requesting CLAs and code grants, having licensing policies, holding >> votes etc. It's for the sole purpose to secure the code we are >> developing here to be freely distributed to our users. >> >> Often, these are only seen as tedious, bureaucratic overhead. And >> indeed they are. They aren't fun. But they can make you as developers >> and your users more relaxed that nothing bad comes out of it. >> >> So I suggest to be double careful. Don't discuss licenses only. Look >> at the code. Make sure the stuff you are distributing is your own and >> you know it is safe to distribute. Otherwise, back it out, check with >> the original developers, re-implement, request code grants etc. That's >> the task of the PMC. By +1ing a release you say that all this is >> properly checked. >> >> I like CouchDB quite a lot and when I use it I want to be absolutely >> sure I'm safe both using it and suggesting it to my customers. >> >> Thanks, >> >> Bernd > > > -- Chris Anderson http://jchrisa.net http://couch.io
