GPL is a copyleft license incompatible with a LARGE trove of existing software #11
Comments
ericelliott
changed the title
|
Hey, appreciate the feedback on licensing. A question
Would you mind elaborating? From my understanding, a company like Instagram can use neume and even choose to not distribute proprietary modifications. But what I'm understanding is that you want to integrate neume - not use it as a node right? |
While your observation is valid that we're splitting the neume network components into libraries on npm, we're not specifically doing that to serve a specific user, with the exception of neume-network/schema, which is LGPL. But the goal is, and maybe we're just not far along enough to make this claim credibly, to ship neume node software in a similar way Ethereum ships geth. So then, any entity could run neume on a server, query it's API and to my understanding it wouldn't make a difference whether it's used in a commercial context or not. |
I want to cross that bridge when we get there. Neume is currently not built with Spotify or Instagram in mind - obviously because we don't maintain any business relationships with them. But if they'd be interested in running our software, I'd be honered and motivated to solve their problems. |
|
To help build your open source NFT tools, please specifically outline what changes we should make to help ur cause and we can discuss. Finally, I wanna say that I think we're past the point of switching to MIT. As you know, all contributors retain copyright with GPL. The generous team at Hifilabs funds neume and isn't asking contributors to sign over rights for which we're very grateful. That's why we say on our website that we're credibly neutral. |
I can’t even legally browse your example source code and copy+paste examples into my code while this is under GPL. I’d be afraid to even browse your documentation, let alone run and use a Node. This is why there is a huge divide in the industry between GPL and other OSS licensed code, and many GPL proponents actively sue license violators, which has caused many chilling effects and caused a major decline in GPL usage starting around 2015 when MIT started to overtake it as the OSS license of choice.
yes, or potentially build neume-protocol compatible things without necessarily directly using neume nodes. Under GPL, anything like that would itself need to be licensed under GPL. Any reusable code we develop in the course of doing that would then also need to be carefully segregated and never used in the rest of our stack, or that of any integration partner who uses us. The problem there is one of our main products is an open source SDK that our closed-source integration partners can import to use in their own products-open or closed. GPL was intentionally written as a legal virus that contaminates any software it comes into contact with. It was trying to force all software to become “free” software, but what it did instead was put up an impenetrable wall between copyleft and actually free licenses.
Geth is MIT licensed, for good reason: https://github.com/ethereum/py-geth/blob/master/LICENSE
As long as this project uses GPL, there are no other changes that can help us because we won’t even feel like we’re on safe legal ground reading your API documentation.
No, they don’t, unless you specifically spell that out in a separate Contributor License Agreement: See the OpenSource.org FAQ:
Second, MIT is less restrictive, not more restrictive. If you’ve spelled it out in your contributor license, (easy to do retroactively if you forgot) they will still retain their copyright. In other words, your contributors will have more freedoms under MIT. You should consult with an IP lawyer familiar with OSS licenses on this topic. |
This is factually incorrect. geth is GPL/LGPL: https://github.com/ethereum/go-ethereum#license |
I'm pretty sure that if we were to come up with a network specification for neume and licensed it under MIT, we'd be able to implement in GPL and also someone else could implement it proprietarily. |
Look, geth, the Ethereum software neume is using is also GPL licensed so you can anyways not use or browse Ethereum code as this is illegal according to your reasoning. |
|
Neume doesn't use contributor agreements. And none of us that I'm aware signs any NDAs with a company either. So all code authors retain full rights to the code the commit as GPL intends it. And for anyone interested in public good music industry software, this is very good. If Spotify deems it to be good, given their interest is something I can't estimate. |
Partially. However, the entirety of the EVM spec can run in a self-contained node, and extending it is a slow, consensus-driven process. Indexing NFTs may seem like a smaller subset of the Ethereum universe, and thus less complicated than GPLing Geth, but that's not really the case, because there is no way to automatically detect and index every possible music NFT contract. It's more likely that implementors and users of your specs and protocols may need to extend functionality, which could normally be done by forking and plugging things in, but under a GPL license, that might be impossible without risking contamination, because in software copyright cases, evidence that you've even seen the source code of infringed code can be used against you, and as I said before, GPL proponents have a history of being litigious, and even if you have no intention of ever filing suit for alleged violations, other people can file suit and there is a successful precedent of 3rd parties winning such suits. In other words, if we so much as copy-paste from the same StackOverflow post without realizing it, and we've been perusing your source code, and some third party decides they want to peruse our (our our integration partner's!) source code or sue for damages, they would have legal grounds to do so. As I said, GPL was intentionally designed to be a legal virus, and infection vectors can be hard to predict in advance.
Yes, you can dual-license software, but until you actually do, we can't touch it. And dual-licensing GPL with something that is not GPL effectively nullifies the GPL copyleft, which makes it ... weird. Why GPL at all?
Yes, I don't incorporate Ethereum However, I do write software that does index music NFTs, which overlaps considerably with the nodes you're building, so the very first thing I looked at in your GitHub was the license to see if it's even safe for me to browse your source and API docs. Many projects run their own nodes and do their own extended indexing. I don't see that changing until we have much more robust decentralized services to help us with it. All of those projects would be at risk if they interact with a GPL service with substantially similar functionality.
The same copyright assignment rules apply to every OSS contribution, regardless of OSS license. Unless there is an agreement that explicitly says different, whoever made the code owns the code. You need to have specific legal agreements with each contributor in order to get them to transfer their copyrights to the project. MIT does not do that - it just requires the attribution in the LICENSE document to be preserved. An attestation is not a license transfer agreement. This is true of both GPL and MIT. The copyright notice at the top of the MIT license is no more a transfer of copyright than the FSF copyright notice at the top of the GPL license (though those notices serve different purposes - the former preserves your attribution rights - the latter promotes the FSF). You probably don't need a CLA and I'm not asking you to add one. I only brought it up because you were talking about GPL as if OSS license agreements do copyright license transfer. They don't. They only offer use and distribution license terms. Again, this is a topic you should discuss with a qualified IP lawyer with OSS familiarity. |
The name "geth" stands for "go ethereum". So a project has to be GPL-compatible to use Ethereum and you can "not just look at the outward-facing fascets but still use the project." See what you are saying:
How can you possibly run an isolated Ethereum node and productively use it to extract music NFTs without understanding how it works? What if tomorrow Ethereum forked into Dogecoin and all Ethereum Music NFTs turned into barking noises of Shiba Inus? Would you tell your major label clients: "Hey, look guys, you asked me to absolutely not look at the Ethereum source code for consensus and network because it's GPL licensed, and so we really couldn't foresee this one, sorry, not sorry."
What other parts that contribute to the defensibility of the Ethereum project aren't GPL licensed?
Sure, I see where this argument leads, and I deem it to be valid. I think code should be correctly attributed and those that own it deserve to monetize it. But usually, going to court proceeds with an escalation of conflicting behavior, and so proposing that every merge commit in this project must be handled with utter care for not infringing on the SA contributor's code is, at best theoretical. There are also other ways of effectively bullying contributors, and if we would get targeted, that'd be a shame but also, sadly, something we can't change.
This is a feature, not a bug. We've intentionally licensed neume network under GPL. To comprehend our reasoning, please read "Social Architecture" by Pieter Hintjens, e.g., Chapter 3 "The Importance of Contracts" which you can access here: https://hintjens.gitbooks.io/social-architecture/content/chapter3.html
I'm not talking about dual licensing. I'm talking about licensing the neume network specification as one license and licensing a specific implementation of the neume network specification as another license.
You cannot credibly make this claim credibly anymore. You said you're indexing music NFTs and so you must know how Ethereum fundamentally works. I'm not a lawyer but this claim stops you from being a "Reasonable Person" and so I doubt anyone reasonable takes your argument seriously: https://www.courthouselibrary.ca/how-we-can-help/our-legal-knowledge-base/reasonable-person-reasonable-man
Well, as much as you use Ethereum to index NFTs "without looking at its source code," you'll eventually be able to use "neume network to index NFTs without looking at its source code," if that helps you. Please let me know how we can make it happen. My best guess would be where we start implementing a very nice API and license it such that your eyes can make contact with its documentation. Btw. I'm genuinely trying to be constructive here. If Eth can be used, neume must be usable too with an API. Happy to iterate on this with you and an OSS lawyer, pls get in touch via tim at daubenschuetz.de
Please read carefully what I'm now already mentioning twice: We do not want a single legal entity to own the copyright of neume network code. If that is the case any time in the future, it's a great canary in the coal mine to understand that the project is dead. All code's copyright must STAY in the hands of those who made it. The more contributors neume has, the more impossible and uncontrollable will it resist capture. This is a feature, not a bug.
Sure, and maybe you should discuss it with your's too |
I have never needed to open the Go version of the ethereum node service to understand how to use Ethers.js (which is MIT licensed).
Besu is an Eth1 full-node client. Lighthouse and Nimbus are Eth2 clients.
Understanding the EVM and block data does not mean that I got that understanding from reading the Go-Ethereum source code. Most of what I know about Ethereum I learned by actually implementing wallets, (experimenting with with clients like they're black-boxes) reading from tutorials, blog posts, YouTube, Ethers.js documentation, etc. Also, as mentioned, Ethereum has multiple clients, and not all of them are GPL-licensed.
Yes. If I never need to contribute bug fixes or extend it with my own direct contributions, but you'd need to make library, SDK, and documentation code LGPL, at minimum.
Yes, let me rephrase the text you just quoted: All MIT, GPL, and other OSS licenses automatically comply with your requirement: "copyright must STAY in the hands of those who made it." None of the approved OSS licenses force copyright transfer, including MIT. |
That's within our plans and so I'll leave this issue open until it is resolved. |
Software that builds on GPL-3 must also be licensed as GPL-3+, but many projects are already licensed as MIT (a less restrictive license that also allows incorporation into closed-source projects).
Still others may not be ready to open source their code. It's often useful to create software as closed-source until it reaches a point where you're ready to start working with community contributions. GPL-3 prohibits such license migration plans.
For systems like the ones you intend to create (libraries and services to incorporate into other applications), even the GPL license points you to a different license: the LGPL licenses (but use MIT instead, it's better):
Using GPL means that this work can never legally be used by software like Instagram, Spotify, DistroKid, etc. That might not sound bad, but this effectively means that a majority of major label artists will never be able to take full advantage of any GPL subsystems, because a LOT of the software they'd need to integrate these systems with is proprietary and illegal to incorporate GPL software with.
We are building open-source NFT services for musicians, but using GPL licensed standards and protocols is a non-starter for us, because we already have integrations planned with proprietary systems, so while it may seem like you're only excluding closed-source products from using these systems, you're also excluding any open-source and decentralized Web3 project that wants to offer libraries and services for closed-source projects.
The text was updated successfully, but these errors were encountered: