I am a huge fan of open source development. From the developer side of things, it means there are limitless tools at my disposal for creating the next knock-your-socks off application. I can build just about anything with insanely powerful libraries of code that the big guys like Microsoft can’t touch. It’s an amazing power, and one that’s attracted more than a few good developers.
From the consumer side, it means I have the luxury of verifying that the application I install that claims to do X actually does X and not something malicious – I can look at the source code, change it if I want, and go about my business. This has saved my bacon several times when an off-the-shelf solution didn’t actually work on my machine. I just cracked the hood, fixed a couple of things here and there, and viola! It worked like new!
The trick to open source development is licensing. You have to pick what’s called a “copyleft” license to protect your code. Basically, it’s a way of stamping your name on a product, drafting a bill of rights for your customers, and legally requiring them to pass those same rights on to anyone they happen to give the code to. One of the most popular modern licenses that does this is the GNU General Public License.
Until recently, I was in love with the GPL. I learned about it by developing for WordPress, and proceeded to slap it on just about everything I wrote. This made it really easy to keep all my development on track, because I didn’t have to worry about which license applied to which piece of code (all of the projects I was submitting code to were also GPL).
But I’ve stumbled upon a few things recently that make me regret that decision …
License Ambiguity
First of all, the GPL is only “compatible” with certain other licenses. And it’s viral. Meaning that if you have one piece of GPL code in your application, the entire application must be licensed with a compatible license – you must extend the same rights to the code for the entire application that are extended to that piece of code.
On the surface, this seems pretty innocuous. But there are some major hang-ups involved. WordPress, for example, is licensed somewhat ambiguously. The license statement originally claimed WordPress was licensed under “GPL” … with no version number specified (there are 3 versions of the GPL available, with multiple derivations, too). But some code that makes up the WordPress core is explicitly licensed as GPLv2. Some code is licensed as GPLv2 “or any later version.” The confusion over which parts of the code carry which license terms led some (myself included) to believe the entire codebase was licensed as GPLv2.
The problem here is that most of the code I have written over the past 3 years is licensed as GPLv3 … I like to use the latest version of everything, so this was pretty automatic. Other authors did the same, adopting GPLv3 for their libraries, submitting them to the WordPress plug-in repository, distributing them on Google Code, or hosting on their own website.
The thing is: GPLv3 is not compatible with GPLv2.
So even though we were trying to be good open source contributers, we were actually violating our own license terms. By writing code for WordPress, claiming it was licensed as GPLv2, then using that code in GPLv3-licensed plug-ins we were infringing on the terms of our own licenses. Ironically, this would be like stealing your own car by accident. Or mistakenly breaking in to your own house.
Needless to say, the arguments over which version of the GPL WordPress is actually licensed under is endless. We’ve debated until everyone’s frustrated, upset, sad, scared, and spending more time studying legal precedent than actually writing code. It’s a shame, really, when I think about the awesome features that could have been built into WordPress during the countless hours we spent arguing over a stupid version number.
But if we aren’t clear on that version number, we can end up destroying any legitimate claims we have against real license violations. If we don’t follow our own licensing terms, we can’t enforce them on anyone else.
If nothing else, the GPL is aimlessly confusing and seems almost intentionally ambiguous.
Pages: 1 2
