I think the insinuation is more that the GNU project probably was also breaking license terms in order to do the rewrites. (Not commenting on the veracity of that claim though)
> If it were under the GPL and each contributor retained their copyright over their submission
DISCLAIMER: I'm not a lawyer, everything I say below may be totally wrong.
As far as I know, this is exactly what happens. Canonical's Contributor License Agreements stipulates a form of joint copyright assignment where both Canonical and the author have ownership over the contribution, thereby creating two source trees: one on which Canonical has full control over, the other owned by the collective of individuals who contributed to the project (just like the Linux kernel).
Even RedHat requires you to sign a similar CLA in order to accept contributions for Fedora, 389 Directory Server (LDAP), etc. The FSF does something similar for their project, so does Node, Apache, etc. Canonical's CLA used to be nasty but since they started using the Harmony Agreements I think their terms are reasonable.
Personally, as long as they don't ask me to relinquish all and every right on my contribution and/or ask for unreasonable provisions, I'm fine with a CLA.
Idk if lawyers have weighed in, but many open source contributors are definitely under the impression that if you rewrite/remove all contributions of a contributor you are then free to relicense the resulting work without their permission.
> All in all it took us under a week to secure the assignments, and any who did not sign we simply rewrote their lines of code, or we would have, but everybody signed.
IANAL, but this doesn't make much sense. Changing all lines that come from a single author can still result in a derivative work. In fact that even seems like a probable outcome, assuming that author's contributions were copyrightable in the first place.
> It is easier if they own all the code, but it isn't required.
It's not that simple. For joint works any single author can grant rights to the entire work. Do you know what the caselaw is regarding joint works as applied to typical FOSS projects? I don't. But I suspect it's less than crystal clear (see, e.g., https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2999185) and therefore creates significant risk when attempting enforcement. Litigation is costly, and a wrinkle like this could potentially be exploited by an infringer to drag out an enforcement case for many years.
>developers don't have to assign copyright to the FSF for it to be an official GNU project
This is correct, but it's up to the maintainer to decide if their project will require copyright assignment from all contributors or not. I send patches to a couple of GNU projects, Guile and Guix. Guile requires copyright assignment, Guix does not.
Assigning copyright to the FSF is very much unlike assigning copyright to a for-profit company. The terms that you sign and agree to with the FSF are very reasonable and they protect the developer from having the license changed should the FSF be taken over by people that would want to abuse your contributions.
> A "huge win" being enacted by a complete disregard for the copyright holders who were kind enough to contribute to the project.
Uh, no. That's not how this works.
OpenSSL cannot change the license without say-so from all of the contributors, unless a CLA was signed. They do have a CLA, but just one granting a license, not one transferring ownership (and the right to relicense). At least, doesn't look like it.
OpenSSL emailed everyone with commits on the project (e.g. me) a link to a page where you could say yes/no on this. In most cases this isn't a vote, it's all-or-nothing, though the choices of people with extremely minor (non copyrightable) contributions can be excluded IIRC.
IANAL.
(There is some discussion below about "if you don't reply we take that as a yes" being okay, though)
No, why would it be? It wasn’t produced by the partner, and was never authorized to be copied by anyone. It was straight up copied - source code and all - by Hauwei after their partner got access to our SVN repos.
> If the rewritten project gets more successful than the original (perhaps due to corporate promotion), you have morally stolen the work of the original authors.
Ownership is by "moral" definition something completely arbitrary and made up.
If you work in open-source you most likely have different views on ownership than others.
"In some of these cases, we have explicit permission from the authors to relicense sections of relevant code." (from linked page, though only very recently added)
Depending on the license (caveat: I've not checked) the issue isn't the source being used it is the apparent attempt to claim copyright of the code the fourth is derived from (slapping their copyright messages in, with little/no indication that their contribution is only a small part of the work).
Even if the original license doesn't block this, it is still a bit of a dick move IMO.
we require contributors to the GNU project to (...) assign the copyright to us.
Nope: "When the developers of a program make it a GNU package, they can decide either to give the copyright to the FSF so it can enforce the GPL for the package, or else to keep the copyright as well as the responsibility for enforcing the GPL."
They are obviously not the only one, developers worked on the original code and made it available under the MIT license. The author of the PR has the right to make the change and run it on their own system, they are also free to share that change to others. The project is free to reject that change for whatever reason.
No, because they signed CLAs. And this is yet another reason to not ever sign a CLA for a free software project. You never know if your code will become proprietary (especially if it is a copyleft license). Sadly, this is also why I'll never contribute to GNU projects.
Correct me if I am wrong here, but it sounds like GNU project requires that either all code is assigned to FSF, or none and then the project need to enforce copyright themselves. In this case, the current maintainer want to assign copyright, the new co-mainter don't, and thus the project got an internal conflict between the maintainer and co-maintainer. The hostility is thus primarily between the two maintainers, rather than between GNU and Benno.
This is a good thing for the health of the GNU ecosystem, and I hope other GNU projects adopt this practice.
Related story: a couple of years ago, the current maintainer of an Emacs package reached out to me. Apparently the FSF wanted to make it part of the official Emacs distribution, and wanted me to assign my copyright to them. I was happy to do so, BUT: the code was written more than 20 years ago when I was at university, which (according to the FSF) meant I needed to get a copyright release from the university, in a country I no longer lived in and that I had not interacted with for literal decades. This seemed like far too much trouble at that point, so I gave up, and the package never became part of Emacs.
We don't know what they got. Perhaps some of them were paid to create the contributions. And, in any case, that's OK. The contributors knew or should have known the impact of the license. They could've picked a more restrictive/free license, depending on your point of view. I guess they can still revoke the license. They have not given up their copyrights and the license is arguably not irrevocable.
I don't see that the author has clearly copied anything there. Maybe he did, maybe he didn't. This situation only proves open-source licensing is in a bad shape.
Actually it is horrible. See, for example, the criticisms and questions being raised on the whole thread about this library.
(Until anyone point a better alternative, I'm for "if you don't want anyone using them, don't publish your sources".)
reply