-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Martijn Faassen wrote:
> Stephan Richter wrote: >> On Wednesday 16 August 2006 09:42, Martijn Faassen wrote: >>> Anyway, nothing is said about dependency on GPL-ed code. That's a >>> different debate. It's strictly not against rules, but it does mean one >>> expectation is broken: one might want to expect that all code in the >>> repository is freely usable without having to worry about >>> GPL-provisions. This is not the case for code that depends on GPL-ed >>> code. Even though this may be already a grey area for other reasons, it >>> still makes sense to think about the intent and people's expectations >>> when checking in a codebase. >> >> My expectation is that I have to read all included license files and >> the licenses of the dependencies. > > If the GPL is one of those included licenses, the whole package falls > under the provisions of the GPL, not just the dependencies. This is what > the GPL requires. I'd prefer to have somebody at the foundation pay for advice on this: I have consulted to one very Zope-and-Python savvy IP lawyer (Ron Chichester) who has subsequently made his analysis of the interaction of GPL and Python's import public (at the Plone Symposium in New Orleans last March). He noted first that the GPL cannot restrict more than what copyright law permits, which is why "mere aggregation" of GPL and non-GPL software does not trigger the GPL. He then dissected the process of importing one Python module from another, in terms of the actual operations (including copies made in RAM) which take place, and argued from this analysis that the GPL does not govern a program / module which merely imports code from a GPL'ed module. I bring this up not to argue for Ron'd analysis, but only to say that assuming that you know what the GPL means in the context of Python might need to wait until the issue has been adjudicated. In the meanwhile, it is probably *not* going to be within the ZF's IP policy to allow checking in code which forces users of the repostiory to deal with the GPL at all; I would consider such a checkin now, in the interregnum period, to be particularly ill-advised. >> Remember, we are talking only about a dependency here, not even an >> inclusion. This case is much weaker than a lot of others. > > I know we're talking about a dependency here. I'm not saying what you > did was wrong, but I do also think Benji brought up a good point that > should be carefully considered. The Zope repository as managed by ZC has had a clear anti-GPL policy; I don't think that the foundation's policy is likely to be more favorable to code which might, in theory, trigger the provisions of the GPL. The appropriate thing here would be to remove the code which depends on the GPL, and then ask the foundation's permission before readding it. In the meanwhile, codespeak.net might provide a reasonable place from which to continue development of said code. Tres. - -- =================================================================== Tres Seaver +1 202-558-7113 [EMAIL PROTECTED] Palladion Software "Excellence by Design" http://palladion.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFE4/qQ+gerLs4ltQ4RAsNFAJ0eYNbPL7ryaHvqSHELI5ZUqG95KgCeMGBs R3Sv0rbyHDEAXXRgWTPkc/A= =Aieu -----END PGP SIGNATURE----- _______________________________________________ Zope3-dev mailing list [email protected] Unsub: http://mail.zope.org/mailman/options/zope3-dev/archive%40mail-archive.com
