OpenNTF : Don’t mix your licenses

Earlier today, Julian Buss released a new project on OpenNTF called YouAtNotes xCharting under the GPL license. I have absolutely no problem with his license choice, I fought hard to have the GPL license be a valid license type on OpenNTF so that some people, like Julian, can select it for their projects.

But it is important to know WHY your selecting the GPL license and what it means, basically the GPL license allows you to use the code in any of your own applications, however as soon as the GPL code goes into your application you application must then be licensed as GPL and the source code needs to be made available on request or be freely available online.

You might argue that your only going to use it in an internal application for your company, but the license still applies, your internal application and all the code it contains must now be licensed with the GPL license. If somebody, anybody, asks for the source then it must be supplied or your breaking the law. In 2006 D-Link were successfully sued because they used GPL code in their routers without releasing the source code and that is just one of many cases. If YouAtNotes use the xCharting code from OpenNTF in their commercial products then their commercial products are now GPL and anybody can request the source code for the ENTIRE product.

Even worse is mixing your licenses, and I’ll take an OpenNTF project as an example. The Bildr project by Patrick Kwintensson in it’s current V3.0 release is licensed as APLv2 however it contains a file upload control call PLUpload that is licensed as GPLv2. What this means is that Bildr is incorrectly licensed, it is not possible for it to be licensed as APL because of the GPL code in it. The OpenNTF IP Manager is aware of this and the project is in danger of being shut down if the license is not corrected soon. Of course the Bildr project also contains other code from other sources so simply changing Bildr to GPL won’t be sufficient.

The point that i’m trying to make is that you DO need to be careful about the licenses that you use for your open source projects and you also need to make sure that all code that you source from other places has a correct license. I looked at Bildr because of the file upload control, i was thinking it would fit in very well for another application that I’m writing and seeing the APL license on Bildr I would have thought I was in the clear, it wasn’t till I went to the PLUpload website that I found it was actually GPL.

So if your going to release stuff as GPL be aware that it is a restrictive license, while it does encourage sharing it can also stop people from using the code and in some cases, from even being allowed to look at the code.

Tagged with:
Posted in None
16 comments on “OpenNTF : Don’t mix your licenses
  1. Declan, it might also be useful to clarify GPL vs. LGPL projects as well. The notion of the Lesser(Library) GPL is simply that the originally GPL’ed code must be made available as source, not that the application using it must also be available as source.

    The intended principle is that GPL is viral, while LGPL is not. If you use GPL code, you must also adhere to the GPL. If you use LGPL code, you must simply admit that you used it and provide the original code on demand.


  2. Luke Kolin says:

    I don’t think you understand the GPL at all. It does NOT say that if GPLd code is used in an internal app, then the source must be made available to anyone who wants it; only that if you distribute the compiled app, the source must be made available to anyone who has the app. I use GPL code in my apps, as does my employer. We do NOT give the source code out because the compiled apps live on our servers, and no one outside our organization has standing under the GPL to request the source.

    Your post seems like a lot of FUD.



  3. Y’know Luke, it may very well be that Declan is mistaken, but claiming that he’s trying to cultivate fear and doubt is out of line. “FUD” is something that’s done intentionally, not by accident.

    His larger point about users of licenses not understanding their correct application has been proven on OpenNTF time and again.

    Anyway, I’m sure we’ll see quite the lively debate, as always, about the intended meaning of GPL and LGPL. Let the fun begin.


  4. Steve Smillie says:

    Good topic.


  5. Steve Smillie says:

    Luke that part of the GPL is fuzzy at best and corporate lawyers are not going to allow that risk into their companies.

    Whether the intent of the GPL is allowed for internal use or not is irrelevent when the license wording is too fuzzy to know how it would hold up in court, companies stay away.


  6. Luke, my apologies, you are correct, if the application is 100% internal and is never released or distributed then the GPL code is fine and somebody external to the company has no standing under the GPL to request the code, however if the code is ever released, even in just compiled binaries, then the GPL license does kick back in.

    Of course, there is an exception to this that is worth mentioning and that is the AGPL license that is designed to cover applications that run on servers. If you put AGPL code into an applications that runs on your servers and let external users communicate with it there, your server must also allow them to download the source code corresponding to the program that it’s running.


  7. Gregg Eldred says:

    @Nathan: His larger point about users of licenses not understanding their correct application has been proven on OpenNTF time and again. Does this point to a failure to properly educate the contributors by OpenNTF or that the contributors are left to decide on their own and need better guidance (spoken by a guy who doesn’t contribute to OpenNTF and doesn’t play a lawyer on TV)? Or some other reason? I can’t imagine that someone that wants to contribute wants to spend more time deciding the right license. A “cheat sheet” of some nature may help.


  8. John Head says:

    Gregg – Yes, we need to do better. We need a much clearer message about licenses. We need tools that walk the project owners thru the process. We need a cheat sheet, templates, and a whole slew more. We have an IP manager whose man job is to do IP scans of projects and work with authors to do proper attribution and documentation. I totally agree. will never be done on the licesnse issue and there will always be more to do – but that is no excuse. We are working on stuff to introduce to the community at the BOF at Lotusphere and on the site for general comment.

    That being said, there are projects with issues that we have reached out to many times who have never responded. So we can do everything asked for and if people still do not act or respond, there is very little more we can do.


  9. Lars Berntrop-Bos says:



  10. Bruce Elgort says:

    Lars – YES.


  11. yes please provide some licensing clarification in socalled ‘Jip en Janneke’ language, that means providing examples in simple language for ex.

    thanks, much appreciated


  12. Paul Withers says:

    Declan et al. thanks for raising this topic. I for one wasn’t fully aware of the intricacies of the various licensing options.


  13. Would it be possible to build a matrix where one can see what is allowed in APL/APLv2, GPL and LGPL?


  14. It’s worth noting that this conversation is exactly why the original plan was to only permit APL2 licensing. šŸ™‚


  15. Bruce says:

    @Karl – great suggestion.


  16. Devin Olson says:

    Way back in April 2007 Jeff Atwood (coding horror, area 51, stack overflow) wrote a pretty good post on the various major licenses available (worth the read):


Comments are closed.

%d bloggers like this: