On Sat, Dec 15, 2012 at 4:47 PM, David Herron <[email protected]> wrote:
> On Sat, Dec 15, 2012 at 1:16 PM, Jake Verbaten <[email protected]> wrote: > >> > The virality of *GPL licenses as node modules has never been tested in >> court, so it's unclear what the ramifications are. >> >> To clarify, if I were to release a MIT module onto github or npm or some >> other distribution channel which has a dependency on an GPL module checked >> into node_modules into git. (so it's in my code). >> >> There would have to be a court case to determine whether or not I am >> allowed to licence my top level code under MIT instead of being forced to >> use GPL because a dependency is GPL? >> > > Earlier Martin Cooper raised the question of what does it mean to "link" > in JavaScript. That wasn't just an idle question, because IIRC the GPL > viralness kicks in when you "link" code together. In JavaScript there's no > "linking" involved (because it's not compiled) and with Node.js modules > there's no subclassing ... etc .. soooo... > The problem with that statement - that there is no linking - is that you're speaking as a technologist, not as a lawyer. It is not at all clear from a legal perspective that there is no linking involved, and it won't be until, as Isaac pointed out, this lands up in the courts and a legal precedent is set. Many consumers of open source, individual and corporate, are not willing to be guinea pigs in that legal experiment, when it eventually happens, so they elect to avoid using ?GPL licensed software and avoid the risk. And they also avoid ?GPL when they license their own code. > Are you sure it's a good idea to check dependencies into your own source > tree? That doesn't sound like a good practice to me. Why not let npm take > care of the dependencies? > > I would think that when you "npm install" a package, and npm installs all > the dependencies, that the binding is loose enough to not trigger any > actual concern. > Again, though, you're speaking as a technologist. You shouldn't assume that lawyers would come to the same conclusions. My suggestion is simple: Choose whatever license meets your needs, but make sure you actually understand your goals, and make sure you fully understand the license you choose. -- Martin Cooper But, yeah, okay, it's not terribly well a clear-cut thing. Ah.. maybe an > analogy could be drawn from packaging policies in, say, the Debian/Ubuntu > projects? > > + David Herron, nodejs.davidherron.com > > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to [email protected] > To unsubscribe from this group, send email to > [email protected] > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en
