Hi, >> Let me give an example: I need to write a plugin for authentication, >> because we use own authentication routines, and this code is not useful >> for nobody else. > > Are you really using a proprietary means of authentication? > > I'd be curious about that use case, to be honest. :)
We release some plugins that we make as open source, but we do have some plugins that connect our RC installation with other internal systems (like a semi-homegrown OTP system, and a homegrown anti spam system), and we prefer not to release that source because it gives away information about our internal systems. We see that as a security and/or privacy risk. Spammers could abuse it to game our systems for instance. Now, I know all about security by obscurity, and probably it won't hurt to be forced to release those sources, but we'd rather not if we don't have to. These plugins are pretty much of no use to anyone but people trying to gain knowledge of our internal systems. RC was created with plugins in mind. They are an integral way for people to expand and integrate RC into other systems. At some point you have to let go and allow people to use it, without trying to dictate how they can use it. > Please note that the GPL does not mandate you release all source code all the > time, neither does the AGPL, for that matter. Sorry? I think AGPL does mandate you to release all source code the moment you change 1 byte in the original code. Basically the moment RC would become AGPL, everyone that changed 1 line of code in their source would have to provide a full source link or not be compliant. Right? Regards, Cor _______________________________________________ List info: http://lists.roundcube.net/dev/ BT/8f4f07cd
