by burning_hamster on 2/13/23, 1:06 PM with 4 comments
Although imitation is the highest form of flattery, I was still a bit amiss. However, I feel reluctant to pursue the matter. You see, when I was a but a budding software engineer, I also tried to contribute to the repository in question. However, they rejected my contribution outright, and with good reason. My pull request "fixed" (read: changed in backwards compatibility breaking ways) multiple issues, not just the one I was claiming to address.
I then did what any good developer would do and created my own repository with black jack and hookers that served as a replacement for that part of the Ms Popular repository that I thought (and still think) was deeply flawed. Crucially for this story, my original implementation copied several pieces of Ms Popular (as it was basically a fork of a submodule), but since I didn't know any better, I did not retain the license nor did I indicate what code blocks were copied (I did fix the attribution at a later date though). Now, 10 years have passed. There have been about one and a half rewrites, so none of the original code remains. And after a lot of consist effort, my little project now does this one aspect of Ms Popular quite a bit better, and as a result it has gained some traction (recently passed 100k downloads from PyPI and closing in on 500 stars on github).
Now another budding developer comes along and makes a pull-request to Ms Popular that contains a substantial amount of lines (including comments) from my code. The pull request explicitly addresses a long-standing issue that I raised years ago, and where I linked my implementation. From following the mailing list of Ms Popular, I also know that the developer is a student that as part of his course work wants to contribute to an open source repository.
What would you do? Given the history of my repository, I feel reluctant to pursue the matter. However, there also is undoubtedly an important learning opportunity for the student here. How do I indicate in the nicest possible way that there may be an attribution/licensing issue here that I don't intend to pursue in any way but that nevertheless probably warrants fixing?
by jmillikin on 2/13/23, 1:37 PM
2. If you want the upstream project to benefit from your code, you might consider selectively re-licensing that portion of it under the same licence (or a compatible one). This should include appropriate boilerplate headers and/or SPDX identifiers, if upstream uses them.
3. An appropriately phrased warning will benefit the student, who has the opportunity to learn the basics of copyright before they accidentally copy a few thousand lines of code from somebody with a legal department.
--
edit: I believe I've located the project and PR in question. Given the context in the thread, if you decide that you're OK with code from your implementation being used as-is under the terms of the BSD license then I think a comment to that effect in the PR would be helpful to all involved.
by ytNumbers on 2/13/23, 1:25 PM
by brudgers on 2/13/23, 4:02 PM
If it matters hire a lawyer because there's no GNU Enforcement Agency.
Not that I don't love GPL philosophically, but copy-left is only as strong as the good-will of others and my willingness to lawyer up against people who violate it.
Good luck.