[Fedora-legal-list] Re: Review and Guidance needed - licenses transforming based on time

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




Dne 17. 07. 24 v 15:45 Richard Fontana napsal(a):
On Wed, Jul 17, 2024 at 7:33 AM Michal Schorm <mschorm@xxxxxxxxxx> wrote:
Hello,

I'd like a review of 'MariaDB Business Source License (BSL)'.
Here is a specific instance of the license:
   https://github.com/mariadb-corporation/MaxScale/blob/24.02/licenses/LICENSE2106.TXT
Here is FAQ about it:
   https://mariadb.com/bsl-faq-mariadb/

TL;DR:
the license says it's non-free, but it becomes free (GPL in this case)
after a specific time.

--

Apart from this specific case, I'd like to hear your guidance in
similar cases in general - whether they are mostly accepted or rather
avoided (by Fedora), as more licenses with this idea exists, e.g.:
https://github.com/getsentry/sentry/blob/master/LICENSE.md
As noted, BUSL-1.1 is already not allowed. The only other distantly
conceptually related license that has been considered by Fedora AFAIK
is the historically significant, but largely unused, license formerly
known as the Transitive Grace Period Public License, which was
classified as "good" under the Callaway system. However, TGPPL is
quite different from BUSL in that it is a copyleft license (OSL
derivative I believe) with a temporary permission for *licensees* to
distribute original or derivative works under a proprietary license.
The BUSL-derived Sentry licenses (currently the subject of an SPDX
issue) have AFAIK not been considered by Fedora, and I hope that these
licenses have no impact on any existing Fedora package.

But you've also asked an interesting question that also hasn't come up before:

"once it reaches the condition to
transform to a free license, whether it is absolutely fine to add the
software to Fedora under that specific free license, or whether there
is any specific point of view the Fedora Legal team holds, or other
specific requirements how to list the license correctly."

  I think it's "fine" in theory, but somewhat risky. I imagine that in
some cases it won't be clear whether a particular version mixes BUSL
(at various stages of the process towards the "change date") and
post-BUSL licenses. And if we concluded that the change date had
occurred for everything, we might want to require some further action,
at a minimum documenting the conclusion (not just in the license tag)
and probably also at least including a copy of the post-BUSL allowed
license.


Chm, I wonder how to for example apply security fix? Imagine there is some security issue fixed in the most recent version, will we reimplement such patch?


Vít



I think we can cross the bridge when we come to it -- or have we come to it?

Also:

"Fedora package maintainers shouldn't try to guess
the resulting license(s) that applies to the user, they should only
list the licenses of the contents of the binary rpm.
In this case, assuming that the license already transformed to the
free one might be the guessing package maintainer shouldn't do."

I think this is alluding to the "no effective license" principle. But
in lots of situations we have to make guesses and interpretations of
various sorts. I can maybe see adopting the position that these
licenses are so odious that we don't want to distribute anything that
was even formerly under them (until the theoretical trigger to free is
reached) but that seems a little extreme to me if it's just a kind of
political gesture. There's already a license allowed in Fedora -- it's
pretty obscure and I can't remember the name offhand -- where the
license basically says something like "proprietary until the year
2000, then you have the following FOSS license" and this is allowed
because in that case the change date is clearly something that
occurred *long* ago.

Richard

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature

-- 
_______________________________________________
legal mailing list -- legal@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to legal-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/legal@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Gnome Users]     [KDE Users]

  Powered by Linux