I agree that many companies have that attitude towards BSD versus GPL, but is there actually a rational basis for it? Given that you've apparently already gone through the legal process and found out that the GPL means what you think it means, why are you holding it to a higher standard than BSD?

If one of your employees accidentally copies even a single bit of GPL-licensed code into your privately licensed code or statically links against such code even once, and it gets ‘outside’ in any way, you legally have to release that version of your code under the GPL. Worse, the source code of all versions from _before_ that checkin automatically become GPL-licensed (because they contain code that, transitively, becomes GPL because it later was linked with GPL-licensed software)

Yes, that may not hold up in court if it is a tiny non-essential fragment or, if you revert to old code soon, etc. but that’s not the point; if you end up in court, you already lost.

With BSD-licensed code, that risk is way smaller. The worst you have to do is add a few (or quite a few thousand. Go check Setting/General/About/Legal for an example) attribution lines to the versions of your code that use the BSD-licensed code.

(Also, even if you choose to license your code under the GPL, you have to track licensing, as it isn’t legally possible to combine GPL2 and GPLv3 or APGL and GPLv3 licenses or any GPL with ApAchexlicensed code in a single binary. See https://www.gnu.org/licenses/license-list.en.html. If you want to troll GPL aficionados, license your code under GPLv1)

Thats incorrect on many points:

1: A single-bit is not copyrightable. True and false is not copyrightable. No one in history have ever been sued for a single bit. No one has ended up in court for a one-bit GPL code.

2: If it get "outside" accidentally, there is a direct remedy that do not include releasing anything. You stop redistributing the program. Practically all GPL related lawsuits started with the words "please stop infringing my work", and when that did't work, "Judge, please stop them from infringing my work". The only companies that have ever been "forced" to do anything is when the option is between a full stop in production and sale, or releasing source code. One such company chose to not cut revenue, not stop production, and instead gave us the code which the OpenWrt project was created on. I wouldn't call that "forced".

3: Code do not transform from being non-GPL to GPL. That is not how copyright work. Code is only under GPL if you explicitly release a piece of code under GPL. If you put MIT code and gpl code together, the MIT will still be MIT. The combined work must explicitly be under GPL to be compliant, but you can still use the MIT code in isolation under MIT. The MIT code do not transform into different licenses just because you combine it with other code. Only explicit action counts, and the worst thing that can happen from code getting ‘outside’ in untended ways is copyright infringement where you legally have to stop distributing code.

> If one of your employees accidentally copies even a single bit of GPL-licensed code into your privately licensed code or statically links against such code even once, and it gets ‘outside’ in any way, you legally have to release that version of your code under the GPL.

> With BSD-licensed code, that risk is way smaller. The worst you have to do is add a few (or quite a few thousand. Go check Setting/General/About/Legal for an example) attribution lines to the versions of your code that use the BSD-licensed code.

Accidentally copying GPL-licensed code into non-GPL-licensed code puts you in exactly the same legal position as accidentally copying BSD-licensed code without attribution: you are now, technically, violating copyright, and in theory liable for statutory damages of $150,000. You're never forced to release your code under GPL; the GPL copyright holder might insist that you either release your code under GPL or pay the $150,000, but equally the BSD copyright holder might insist that you pay the $150,000 - they're within their rights to do that.

In practice the author will most likely be willing to work with you to sort it out in either case.

> Worse, the source code of all versions from _before_ that checkin automatically become GPL-licensed (because they contain code that, transitively, becomes GPL because it later was linked with GPL-licensed software)

This is simply false.

Where do you get the $150,000 figure from?

I would disagree that the situation is the same. The way to remedy the BSD situation is simple attribution. The way to remedy the GPL situation is release of the entire source code.

>> Worse, the source code of all versions from _before_ that checkin automatically become GPL-licensed (because they contain code that, transitively, becomes GPL because it later was linked with GPL-licensed software) >This is simply false.

Is it? If you are forced to release all your source under GPL any new release of that software will contain software released under GPL, even if the GPL specific changes are rolled back.

My interpretation is this: If you have two functions, A() and B() where A() is released under GPL. If you then release software where B() is defined as :

B(): ... A()

You now have a product which is a work derived from GPL code so you must release the source code for B(). Now you release B() under GPL. So you go back to the commit right before including A() and make a new branch with a new commit:

B(): ... C()

BUT! B() is now source code released under GPL so any changes to it must also be released under GPL.

How have I misunderstood?

> Where do you get the $150,000 figure from?

Years of conversation about this kind of stuff, I don't remember specifically. Looking it up wikipedia says $150,000 is the upper limit for wilful infringement, accidental infringement is lower, but that doesn't affect the argument.

> The way to remedy the BSD situation is simple attribution. The way to remedy the GPL situation is release of the entire source code.

The damages are statutory plus actual damages (almost certainly $0 for someone who doesn't make money off their software directly), not "what you would have done". You have the same options in either case: reach agreement with the person whose copyright you infringed, or go to court and pay the damages. So your worst-case liability is the same either way.

> BUT! B() is now source code released under GPL so any changes to it must also be released under GPL.

As you acknowledged in your reply, you still hold all the copyrights on B and can still release B under any terms you please.

(Aside: it doesn’t matter whether B calls A; linking with it is sufficient. In your example, B’s source became GPL licensed because it was linked with a publicly released A)

My logic was incorrect. I assumed that the exact same source code for now GPL licensed B from earlier revision revisions would have to be GPL licensed, too (and because of it, anything linked with that, linked with code linked with that, etc.).

However, licensing (unlike copyright) doesn’t work that way. Copyright owners can even release the exact same set of source code 7nder multiple licenses.

My conclusion still stands, though. Companies are right to worry about using GPL-licensed software.

Or you can stop using it, and talk to the copyright holder of the GPL'd code and ask what they want.

Or if it's GPL v3 you have additional rights, fix it in 60 days etc.

http://www.softwarefreedom.org/resources/2008/compliance-gui... section 5.2

The process was figuring out that we in no way mix any GPL code with our own code. As long as we don't do that it's fine but we still have to make sure every time we touch anything GPL'ed.

My personal opinion is that it's because the term 'a work' which is used liberally in GPL is a legal term and can potentially be interpreted quite broadly. This means that we have to ensure - every time - that what we do does not constitute 'a work' which derives from GPL code - in the legal sense - if we do not want to distribute the source code that we create.

With BSD we don't have to go through that process because it will not result in us losing control over our own software. We just need to stick a disclaimer in a license file and we're done.

GPL usage depends on how you're using it. If you have two pieces of software, an internal only (e.g. a dashboard/deployment tool), and an external product, using GPL'ed code has different ramifications for both deployments.

I'm so tired of hearing this. The GPL is only a legal problem if you are trying to skirt the rules and distribute proprietary software but use GPL components. I've never needed to legal advice to deal with GPL code.

> The GPL is only a legal problem if you are trying to skirt the rules and distribute proprietary software but use GPL components.

Well, a random developer can't simply assert it - you need lawyers to make sure you really are conforming to the GPL. With BSD, you don't. This is simply the ground reality.

That is not true. If a company does not follow the GPL and is called out, they can simply do what the GPL tells them to do and the case is done.

>>> you need lawyers to make sure you really are conforming to the GPL.

>> That is not true.

> What are you basing this on? Personal experience? Speculation? Other?

The FSF and SFLC use litigation as a _last resort_, when the offender does not cooperate to alleviate the breach of the GPL [See below]. The Linux community is also largely against litigation [https://lwn.net/Articles/698452/].

>> If a company does not follow the GPL and is called out, they can simply do what the GPL tells them to do and the case is done.

> Ask Cisco if the lawsuit from the FSF was fictional.

The FSF tried before to work with Cisco to comply with the GPL:

“In the fifteen years we’ve spent enforcing our licenses, we’ve never gone to court before. While litigation is a last resort, we’re prepared to take the legal action necessary to defend users’ freedoms. With SFLC’s help, the FSF is able to take effective action,” said Peter Brown, executive director of FSF.

from http://www.softwarefreedom.org/news/2008/dec/11/cisco-lawsui...

> I was involved with the GPL license a few years back when I was consulting on an embedded hardware device product. We wrote to the developer and requested them to re-license the software in exchange for a payment. They refused and we decided to use a differently licensed product in the end, based on legal advice.

I don't know your situation so I can't comment on it. Maybe your business model depended on your users not having control about the software they use. Because in that case the GPL is a problem.

So you wanted to write proprietary software on top of someone's GPL code, the developer couldn't be swayed by money, so now you are bitter about it? Talk about entitlement.

>So you wanted to write proprietary software on top of someone's GPL code,

Incorrect.

> the developer couldn't be swayed by money,

Incorrect. We made the request on the basis of legal advice to avoid licensing trouble. These are real things that happened on a real project. The idea that lawyers are never involved when using GPL'd code is a fantasy.

In any case, the reason the developer refused is because there were multiple contributors on the project, and it would have created a headache for them.

>so now you are bitter about it?

Incorrect.

>Talk about entitlement.

So rude. Wow..

> Deploying GPL code is a legal process.

Deploying GPL code is only a legal process if you make it one.

If you're using it to write or deploy other GPL software, it's pretty much a straight forward affair. And if you're not using a GPL license, well, that's your problem: there's nothing stopping you from using the GPL to make all the hassle go away.

That's true. Releasing other open source software using GPL software is much simpler. But if it's desirable to deploy closed source software GPL may not be the right choice unless you have time to sit down and consider the legal ramifications. In many cases there may be none if you use it in the right way but it should be and is being considered when companies decide consider whether or not to use open source software.

That part is often significantly simpler with BSD which is why it's significantly easier to just allow BSD and have a case-by-case basis for GPL.

> desirable to deploy closed source software

Well, that's a peculiar desire. If a programmer wants to state "I do not want my code to be used in closed-source proprietary software" there's little more they can do than release under the GPL.

There might be some good faith legal consultancy in seeing how, for example, the CDDL and the GPL interact, but for using GPL code in closed source products, the only excuse really is "What can I get away with?"

I have a suspicion that you need new lawyers. Having two different processes for two very common licenses seems a little off. The two cases aren't that different, legally.

The GPL does require some extra work, but it's on the technical side, to make sure you're shipping all the source that you need to ship.

Just a single outside lawyer we consulted with :) We already had processes in place for dealing with BSD.

The reason for consulting with a lawyer was to ensure that we didn't do anything wrong which would later require us to open up source code that we didn't want to open up.