> Very interesting. And (though again, I'm more of a technical guy, not a > legal > guy) the implications seem to go deeper than this. Supposing a developer > on my team, who has no authority to enter into contracts for my company, > builds a portion of our product using a GPL'd product. Or, even further > down the food chain, supposing I license a product from a 3rd party vendor, > and a member of *that* company used a GPL'd product without company consent > (and thus their product is not GPL'd). > > Since my *company* has not consented on either occasion- does the license > hold?
If you have not agreed to the GPL, you may not legally distribute derivatives of GPL'ed software. You need to agree to the license for that. These kinds of inadvertent violations are one motivator behind the LIDESC system: http://www.mibsoftware.com/librock/lidesc/ (The rest here is kind of off-topic for click-wrap, because LIDESC is not a license-term enforcement system. It just reports the license terms of developed and acquired software.) By embedding short "stamps" into the sources (or binaries) you can use LIDESC to determine the licensing of all of the pieces. A LIDESC stamp can appear in source file comments and other places. The stamp for the GPLv2 looks like this: License text in <librock/license/gpl.txt> librock_LIDESC_HC=63c4046d603e0628fdae5b89c418ed01e4e4fdf1 You can generate stamps for other OSI approved and other licenses at http://mibsoftware.com/librock/lidesc/stamp.htm The LIDESC utility allows you to locally "unapprove" licenses and detect some licensing conflicts automatically. When the LIDESC stamps are embedded, even the 3rd party vendor will be propagating them. LIDESC is Free (libre) and free (no cost.) <shameless plug> If you want a library of open source software (from many sources) which is already stamped, see: http://www.mibsoftware.com/librock/ </shameless plug> -- license-discuss archive is at http://crynwr.com/cgi-bin/ezmlm-cgi?3
