Hi Tiago,
Thanks again for the response.
I originally arrived at graph-tool because I was thinking about making a
wrapper around boost graph library for the functionality I need and found
that you already did that quite some time ago (and its mature, bug fixed,
and usable).
I wouldn't be maintaining two versions of the whole platform, only of the
graph analysis service (but yes, it still sounds like a headache!)
Since you asked "why would I do that?", I thought I'd explain myself a bit,
in-case you're curious or maybe have a different perspective you'd like to
share:
( TL;DR - As the only person I know of who has written a python wrapper for
BGL, would you be able to give me a few words about how 'hard' it is? Was
this a fairly trivial part of graph-tool or a pretty huge part of the work?
If I only need a few of the algorithms will this make much difference to
the overall effort? )
I wanted to go with a BSD license (among other reasons) because I believe
it paradoxically protects my project from being ripped off better than the
GPL would.
The system is a functional PoC for several interesting brand new ways of
analysing the security of system architectures, which I hope will live on
as a proper tool my colleagues will use and enjoy.
If my code is GPL then proprietary companies will, if use becomes
widespread, take the ideas and re-implement them (being unable and/or
unwilling to contribute back).
If my code has a BSD license then it would be more economical (and legally
feasible) for them to work off my code base and contribute improvements
back as they integrate it with their products/appliances etc.
Therefore I think if I use the GPL the ideas will flourish but my project
will become a footnote in the history of that, whereas if I use BSD license
I think it would live long and prosper. I think the Boost guys went with
BSD style license instead of GPL style license because it gave them the
best chance at being the de-facto libs for the things it covers. For
example, you certainly found it useful to be able to choose your own
license, and I suppose may not have used Boost graph libs if their license
terms forced you to use Boost's own license (as you want a GPL style
license).
Ideally my project could receive the support of proprietary vendors as well
as the public community, as I think this gives it the best chance.
* Metasploit had a BSD license and when bought by Rapid7 the source remains
open and the community very active (although there is an extra closed
source component - pro version). A pentester can still use everything they
need for free.
* Nessus had a GPL license and when bought by Tennable they closed the
whole thing and the community died, A pentester can't get any functionality
from it without a very expensive license.
* Nipper was written by one of my friends/colleagues and released under
GPLv3. Most of the security community use it to analyse firewalls but
no-one contributed code or even money for new devices so he can support
them etc. (even though a huge amount of money was being made by using it).
Because of this he had the choice of either stagnating the project or
turning it into a company, which is now very successful and all the
developments he dreamed of are being done. I believe he would have had more
code support and therefore perhaps have stayed open if he had originally
released with a BSD license, but no-one really knows what alternative
histories would have looked like.
I will have to think a bit more about this. Its quite likely that in future
I'd want to share datastructures with the graph service in future, or even
expose a direct API whereupon the GPL might start to 'infect' the rest of
the project.
Given what we have discussed I therefore have to decide between 3 options:
1. Don't worry about all the above thoughts, just go ahead and GPL the lot
so as to go back to not worrying about which components have which license
2. Do worry about the above, maintain two versions of the graph service
with different licenses, hope future architectural decisions don't land me
in the GPL trap.
3. Do worry about the above, write my own BGL wrapper and hope its not too
hard to make/maintain, but still retain ability to choose the license for
all my code (and not worry about which bits have which license).
As the only person I know of who has written a python wrapper for BGL,
would you be able to give me a few words about how 'hard' it is? Was this a
fairly trivial part of graph-tool or a pretty huge part of the work?
Thanks very much for your time,
Tim
On Mon, Aug 3, 2015 at 7:14 PM, Tiago Peixoto [via Main discussion list for
the graph-tool project] <[email protected]> wrote:
> On 03.08.2015 18:57, monkeynut wrote:
>
> > From what I understand I can keep the original networkx version of
> > this service and also develop a graph-tool version, the former staying
> > with a BSD license and the latter having a GPL license.
> > However, one of my friends said that many would see that as "cheating"
> > but it seems to be an intentional provision of the GPLv3 as far as I
> > understand.
> >
> > How would you view that scenario? Would you be OK with it or would you
> > be upset/feel violated? Would your position change if I couldn't keep
> > up maintaining both versions?
> There is nothing for me to feel violated about if you follow the terms
> of the license. If you develop a piece of software that does not use
> graph-tool in any way, there is absolutely no claim I can make. If you
> decide to make a version that uses graph-tool, it needs to follow the
> GPL. It is really very simple.
>
> It seems like a headache to develop two versions of your platform. To
> do so only in order to avoid the GPL seems really strange, in my
> opinion. I know it is annoying to think about licensing, but think a bit
> about this decision: You're going through the trouble of developing two
> alternative versions of your code, just so that someone down the line
> can avoid the terms of the GPL, i.e. turn it into proprietary code. Why
> would you do that?
>
> But it is up to you, of course.
>
> Best,
> Tiago
>
> --
> Tiago de Paula Peixoto <[hidden email]
> <http:///user/SendEmail.jtp?type=node&node=4026224&i=0>>
>
>
> _______________________________________________
> graph-tool mailing list
> [hidden email] <http:///user/SendEmail.jtp?type=node&node=4026224&i=1>
> http://lists.skewed.de/mailman/listinfo/graph-tool
>
> *signature.asc* (836 bytes) Download Attachment
> <http://main-discussion-list-for-the-graph-tool-project.982480.n3.nabble.com/attachment/4026224/0/signature.asc>
> --
> Tiago de Paula Peixoto <[email protected]>
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://main-discussion-list-for-the-graph-tool-project.982480.n3.nabble.com/Please-help-with-my-licensing-headache-tp4026221p4026224.html
> To unsubscribe from Please help with my licensing headache!, click here
> <http://main-discussion-list-for-the-graph-tool-project.982480.n3.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=4026221&code=dGltLmFuYWx5c3RAZ21haWwuY29tfDQwMjYyMjF8MTcyNTI2MzkzNQ==>
> .
> NAML
> <http://main-discussion-list-for-the-graph-tool-project.982480.n3.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
View this message in context:
http://main-discussion-list-for-the-graph-tool-project.982480.n3.nabble.com/Please-help-with-my-licensing-headache-tp4026221p4026225.html
Sent from the Main discussion list for the graph-tool project mailing list
archive at Nabble.com.
_______________________________________________
graph-tool mailing list
[email protected]
http://lists.skewed.de/mailman/listinfo/graph-tool
