Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is CocoaTech Violating the GPL?

Posted by Cliff on from the bad-company-no-donut dept.

elliotj asks: "In the latest version of their Finder-replacement product, PathFinder CocoaTech has included a terminal feature based on sourcecode from the GPL'd iTerm. They have made available the classes they developed from the iTerm sources, but not all the sourcecode for their product. Since iTerm is GPL (and not LGPL), shouldn't they have to make the ENTIRE codebase available? This is being debated on their forums. If this is true, what can we do to get CocoaTech to open up the rest of the code?"

32 of 180 comments (clear)

  1. Nothing. by lexarius · · Score: 4, Insightful

    They are much more likely to remove the GPL'd code than they are to open up their product.

    1. Re:Nothing. by Carnildo · · Score: 5, Informative
      They are much more likely to remove the GPL'd code than they are to open up their product.

      As was pointed out in the forums, they've got a third option:

      Or licence it independently. There's nothing in the GPL to prevent you from comming to a seperate understanding with the author(s) of the GPL code, and using it under whatever terms you find mutually agreable.

      The GPL is not "viral" and does not prevent rational solutions to cases like this. Let's not feed the FUDsters.

      -- MarkusQ
      --
      "They redundantly repeated themselves over and over again incessantly without end ad infinitum" -- ibid.
    2. Re:Nothing. by 11223 · · Score: 3, Insightful

      Here's a question. If you have a project with, say, patches received from fifty or so patch authors, how do you do this? You'd have to come to an agreement with all of them. This option works on small projects (and iTerm might be one, who knows), but once you get non-trivial third party contribution, it breaks down.

  2. Re:I'm not sure if that does the trick, honestly.. by Elwood+P+Dowd · · Score: 3, Informative

    Of course that does the trick. You aren't allowed to ship someone else's code except under their license. If they are violating the GPL, then they must stop shipping, and pay damages if they get sued. Nothing, however, forces them to open their own code.

    --

    There are no trails. There are no trees out here.
  3. *groan* by bconway · · Score: 2, Insightful

    Since iTerm is GPL (and not LGPL), shouldn't they have to make the ENTIRE codebase available? This is being debated on their forums. If this is true, what can we do to get CocoaTech to open up the rest of the code?

    And you wonder why companies are afraid to consider the use of GPL software. Please, do us all a favor and READ the GPL before you continue making the rest of the community look like a bunch of fools.

    --
    Interested in open source engine management for your Subaru?
    1. Re:*groan* by the+argonaut · · Score: 3, Interesting

      Then instead of simply insulting the author, why not point out how he's incorrect. I DID READ the GPL, and basically come to the same conclusion. They don't have to release the code to everybody - just to those they distribute binaries to.

      So how is this incorrect?

      --
      fuck you.
    2. Re:*groan* by bluGill · · Score: 2, Insightful

      Well yes, but they have to release all the code, including theirs under the GPL to everyone they distribute the binaries to. Further they cannot prevent anyone who has recieved the source code from further distributing it.

    3. Re:*groan* by shaitand · · Score: 2, Insightful

      No actually this is entirely accurate, they DO have to release all of their code under the GPL or they break the law.

      They might be able to get away with it if they stop distributing and cut the gpl'd code out of their next release but that doesn't make it legal.

      The terms of the gpl (which they must release their ENTIRE codebase under since the lgpl allows linking and the gpl does not) also stipulate that they only have to distribute the code to those who they've distributed the binaries to... but that is a mute point, whatever license and restrictions they've put out are null, void, and now unenforcable, since they don't have any legal grounds to license the code under it... meaning those people can sue if the software causes their computer to burst into flame and destroys data worth hundreds of thousands of dollars.

      Also any of those who has bought a binary and recieves the sourcecode has every legal right to turn around and redistribute it to those who cocoatech DID NOT distribute a binary to, so this essentially only saves them bandwidth.

    4. Re:*groan* by You're+All+Wrong · · Score: 2, Insightful

      New advertising slogan: BSD: For when you want to write code and let other people make a profit from it while you make nothing.

      Sounds great, where can I get a slice?

      YAW.

      --
      Your head of state is a corrupt weasel, I hope you're happy.
  4. Pragmatism by Fluffy+the+Cat · · Score: 4, Insightful

    Pragmatically, it's a better plan to try to work this out with the company first before splashing it all over Slashdot. People do make honest mistakes - they ought to read licenses and understand all of their responsibilities before reusing code, but they don't always do so. Pointing these responsibilities out may result in things being worked out significantly faster. Immediately getting them bad publicity is more likely to lead to them never using GPLed code again, which is a bad thing - companies enhancing GPLed code and releasing derived works benefits everyone.

    On the other hand, if a company refuses to release the source or never gets back to you, and you're satisfied that the copyright holder hasn't granted them further permissions above and beyond the GPL, then make their lives miserable. While it's desirable to have GPLed code used widely, it's not desirable to allow companies to believe that they can get away with failing to follow their obligations. But don't do that until you've tried doing it nicely. Everyone is happier then.

    1. Re:Pragmatism by shaitand · · Score: 2, Informative

      cocoatech was contacted via the forums and released some code, but not everything they should be.

      In that sense, they've already been contacted prior to slashdotting the issue and already refused.

  5. Re:Just a thought... by MBoffin · · Score: 4, Informative

    Someone did ask.

  6. Hard to believe they didn't read the GPL by elliotj · · Score: 4, Insightful

    What amazes me is that these guys went to the trouble of doing a source release for some of the classes in order to comply with the GPL. This means that all the time spent on incorporating iTerm and doing a source release took place without anybody actually reading the GPL. They understood enough about the GPL to know that you have to release stuff if you use it, but didn't read it in any detail.

    Amazing considering they were launching a product that included a signifcant component of GPL'd code.

    I think the fact that they did a source release likely means it was an honest mistake. That being said, if they chose to remove iTerm from it rather than opening the rest of the source, I think they should at the very least make some form of monetary concession toward the authors of iTerm, whose stolen code may have accounted for actual sales of Path Finder.

  7. It all depends... by ComputerSlicer23 · · Score: 4, Insightful
    Okay, boys. The trick to the GPL is figuring out three things:

    Assume A and B are two sets of source code. B is licensed to the author of A via the GPL.

    Is A a derivative work of B? Then A is in violation of copyright law if A is not GPL'ed (section 2).

    Are A and B being distributed together as part of a larger work? If A and B are part of a larger work and are being distributed together then when A is distributed as part of the whole, it must be GPL'ed, otherwise the author of A is in violation of copyright law. (Section 2, the paragraph after the bullet points).

    Are A and B being distributed together in aggregate, as opposed to being combined into a larger work. (This is in the gnu.org FAQ on the GPL.

    Now, I'm not a Mac person, I've never used any of these applications. However, there are several things to remember. First, in this case, the author of iTerm is the only person who can demand the source be released. You cannont enforce someone elses copyrights. So the copyright holders of iTerm are the only people with a leg to stand on in actually getting the source coughed up.

    Next, the commonly acknowledged meaning of a derivative work is generally that the two binaries share the same address space while running (that is, they are linked either statically or dynamically together at some point).

    The second portion sounds to me, like it is tricky. The working their to my IANAL mind is hard to differentiate from a work in aggregate. When RedHat ships GPL'ed software and non-GPL'ed software together is "RedHat Linux" a larger work, and as the kernel is GPL'ed then all other software must be? No I wouldn't think so. However, I can't see how to draw a line so that it makes sense to me. To my mind, either "RedHat Linux" is the larger whole, thus it all must GPL'ed, or that paragraph doesn't mean anything, and thus shouldn't be there. I'm not sure I understand it precisely. The only thing I can think if of is something like Emacs where if I distribute GNU Emacs with some extra runtime support in lisp, then that extra runtime while it might be an independent work, it must still be GPL'ed. Meanwhile, if I distributed Emacs and pico, I don't have to GPL them both. I've never seen a clear explaintion of the difference between "parts of a whole" versus works in aggregate.

    So the trick is to figure out if iTerm code is linked to the larger application, or if iTerm is merely a spawned program which communicate at arms length. In general if it is an external spawned program. If the source code bases are never linked, they are in the clear. If they are linked together, then CocoaTech has some explaining to do. Generally speaking, an strace, ldd, and a ps listing will show you precisely what is going on when they admit they are using the source code.

    Kirby

  8. That's not the spirit of Open Source. by node+3 · · Score: 2, Insightful

    If this is true, what can we do to get CocoaTech to open up the rest of the code?

    Why do you want to force them to open up the rest of the code? Even the much maligned RMS doesn't have any desire to force others to release their code if they don't want to.

    This isn't a case where some company took an entire open source project, added a few (potentially major) features then refuse to release the source. Common decency dictates they made an honest (hopefully) mistake, and one should give them a chance to correct it. They've released the souce to the portion they used that is open source. I'm not an expert, but this doesn't seem to be enough to satisfy the GPL to me. If that's correct, then to be in compliance they will either have to stop distributing the version with the open source code, or release all of the code. The choice should be up to them unless they press the issue (ala: SCO).

    Like it or not, their source code belongs to them, and it's up to them to decide whether to release it or not. To force them to release it on a technicality, using legal means, is the exact same tactic the RIAA is using to legally steal money from people who've downloaded or facilitated the download of songs ("piracy" is, of course, bad, but thuggery is worse).

    1. Re:That's not the spirit of Open Source. by fault0 · · Score: 2, Informative

      > Why do you want to force them to open up the rest of the code?

      Well, that's the terms of the license. Either release the ENTIRE program under the GPL (which he wouldn't have to if iTerm was LGPL), remove the code, or get the author to private relicense it for you. Until they do one of these things, CocoaTech is in violation of the GPL, and distribution of PathFinder can be stopped and damages can be sought.

    2. Re:That's not the spirit of Open Source. by chromatic · · Score: 3, Insightful
      Like it or not, their source code belongs to them

      I agree strongly with the rest of your post, but the word "belongs" may not be appropriate here. If their code is indeed derived from a GPLd program, they must abide by the terms set by the copyright holder to distribute the modified work. The power rests with the copyright holder.

      I do urge caution and good faith, though, hoping that this can be resolved amicably.

      --
      how to invest, a novice's guide
    3. Re:That's not the spirit of Open Source. by node+3 · · Score: 4, Insightful

      The posters (to /. and to CocoaTech's forum) appear to solely *demand* the source code (and that's in within their rights, of course). Ostensibly they would not be satisfied with CocoaTech simply removing the GPLd code and ceasing to distribute the version in that's violating the GPL. (I'm just going by the few words they've decided to post, which may not indicate their true intentions, but that's all I have to go on)

      If the cashier at the checkout lane short changes you, do you first point out the mistake ("I gave you a twenty") or do you call the police? In this case, is the proper response: "You guys have to release all the code if you want to use GPLd code." or is it: "All your code are belong to us! Gimme now!"?

      Imagine if you made a similar mistake in your job. You are faced with throwing away *years* of work for an honest mistake? What if you bought a house 5 years ago and the bank notices one of the loan pages wasn't signed. What if legally that meant they could take back the house, and only have to pay you back the money you spent? Would it be legal for them to take it back? Would it be right?

      CocoaTech will do the right thing. Hopefully voluntarily. Potentially not. I'm just suggesting we should give them a chance before condemning them. That's just me, I'm a nice guy I guess.

  9. They have a choice of three steps to take by kgp · · Score: 5, Insightful
    It's obvious that the guys at Cocoatech don't have a great grasp of the intricacies of the GPL (and didn't run this by their IP lawyers which I suspect they don't have).

    They can do one of three things:
    1. Release the source for Pathfinder. I don't see this happening -- this is not an outcome they had banked on. Hardline GPL zealots will of course continue to bray that "they released the product so they MUST release ALL of their sources".
    2. Remove the iTerm functionality from their product. The simplest and easiest fixed especially whilst they consider their options.
    3. License the source for iTerm under non-GPL terms from the original authors. The owners of the source (though this would mean that they wouldn't be able to take GPLed fixes unless the author of those fixes agreed to whatever license OR the other license is LGPL.

    Give them a break so that they can fix their mistake (from Eblen Moglen's writings on the subject this is the FSF prefered method) at least until it becomes clear that the breach of the GPL is egregious.

    Who knows they might even release some source this way!
    1. Re:They have a choice of three steps to take by BorgCopyeditor · · Score: 2
      Hardline GPL zealots will of course continue to bray that "they released the product so they MUST release ALL of their sources".

      I challenge you to find a real GPL zealot who says this. This is actually what is said by people attacking the GPL. Hardline GPL zealots know the limits of copyright law: the worst possible thing that can happen is a lawsuit by the original author, it is impossible to force somebody to lose their own copyright.

      "No true Scotsman would ..." etc. I agree that someone who understands the intent of the GPL would not demand the forcible annexation of someone else's code. But what this thread has abundantly shown is that lots of people who think of themselves as "real GPL zealots" are demanding just that. Granted, they're not very important (unless they're releasing gobs of useful GPL'd code that innocent developers want to reuse, which seems unlikely). But they are still capable of providing the opposition with an effortless public relations victory by means of their misunderstanding.

      I wonder if there isn't a larger cultural problem here. It seems that people still don't get the gratis/liberum distinction. We've got to try to change that.

      --
      Shop as usual. And avoid panic buying.
  10. Re:Not the only option by Elwood+P+Dowd · · Score: 2, Insightful

    P.S. They could (under some circumstances) also clarify the boundary between their main product and the part that uses GPLed code so that they did meet the terms of the GPL.

    In this particular case, I think it would be easy. They could probably package the GPLed functionality into its own executable. All the parameters involved could easily be passed as arguments.

    Then they could release the code for that binary, but not the one for their main product.

    --

    There are no trails. There are no trees out here.
  11. Wrap GPL with LGPL with proprietary, vice versa by JGski · · Score: 2, Interesting
    IANAL but it seems the general solution to this kind of problem is to wrap GPL code with LGPL code with proprietary code, or the other way around. That was the point of the LGPL license, wasn't it? That's what I've done in the past.

    The primary issue is: can you actually wrap it and keep the pieces properly separated so free pieces can be free and non-free can be dealt with apart or are the links too pervasive between the two (three)? If the different components are too interwoven to be cleanly separable, it suggests your code design sucks, the code design of the GPL your using sucks, or both.

    1. Re:Wrap GPL with LGPL with proprietary, vice versa by javabsp · · Score: 2, Informative

      No you cannot. If your LGPL code links to GPL code, then it needs to be GPL'ed as well.

  12. Re:I'm not sure if that does the trick, honestly.. by the+argonaut · · Score: 2, Interesting

    Unless it's determined that the only remedy that would correct the situation is specific performance - i.e., a court order telling CocoaTech that they have to open the source code.

    While I think that this is an unlikely remedy, and that a fine would be much more likely, I think one could make a good argument in favor of SP.

    --
    fuck you.
  13. No free ride, too bad by A+nonymous+Coward · · Score: 2, Insightful

    That's what I like about the GPL, if someone wants a leg up on the competition or for whatever reason wants to get to market faster and easier, and wants to use somebody's GPL code, they have to pay in the coin of the realm, which is to release their own code under GPL too.

    If they don't want other people to use their precious code, then they shouldn't use anybody else's precious code, they should write it all themselves.

    --
    Infuriate left and right
  14. Assign Copyright by crisco · · Score: 3, Interesting

    Some maintainers of GPL software ask that copyright on patches be assigned to the maintainers so that situations like these can proceed in a sane manner. Credit for contribution is still given but the original author(s) maintain control of the codebase.

    --

    Bleh!

  15. Want to know how much merit this has? by SensitiveMale · · Score: 2, Insightful

    Every single person arguing for CocoaTech to release the entire code is posting anonymously.

    Apparently no one has the balls to attach their name to their "demands".

  16. Re:Pragmatism -- Like VMWare? by passthecrackpipe · · Score: 3, Interesting

    VMWare grossly abuses the GPL with their ESXServer product. They use a highly modified linux kernel for their host OS, and the host OS is clearly Linux. however, there is no source for the new kernel they install, and when asked (I did so at a few presentations) they simply chuckle, and mutter something about hell freezing over. None different really from how sw-soft is behaving with their vitruozzo product.

    Everywhere I look in the enterprise space there are software companies trampling all over the GPL. We need a good strong courtcase to send some of these fuckers a message.....

    --
    People who think they know everything are a great annoyance to those of us who do.
  17. Coccoatech Says ... by SteveM · · Score: 4, Informative

    From the Cocoatech web site:

    The GPL and Path Finder

    It has come to our attention that there has been controversy about Path Finder's use of some open source code. Path Finder uses a heavily tweaked version of the open sourceiTerm application as the basis for Path Finder's built-in Terminal window and drawer. It always has been Cocoatech's intention to comply fully with the open source licensethat iTerm falls under. We believed that by releasing the complete framework that contains the open source code, this would fulfill the requirements of our usage of GPL'ed code. We are investigating this issue in depth and intend to fully comply with the rules of the GPL. We are also working with the authors of iTerm to make sure this issue is resolved. We wish to reiterate that we support the spirit of the GPL and the open source community, and did not / do not intend to break the rules. We will post another update to this web site to follow up on this issue. We hope to have a clarification and have this issue rectified as soon as possible.

    SteveM

  18. Re:Pragmatism -- Like VMWare? by benploni · · Score: 2, Informative

    Are you sure about this? I asked a representative this exact question at a presentation. He stronly asserted that their ESXServer kernel was not based on Linux. I was skeptical, considering how much work would be required just to create all the drivers for the NICs it supports.

    So, have you got any evidence of this? Its a serious allegation about a company whose livelihood is seriously invested in Linux.

  19. Re:Pragmatism -- Like VMWare? by passthecrackpipe · · Score: 2, Informative

    Well, I have the ESX server CD's, and several machines running ESX server. If the kernel isn't Linux, it is a very good imitation. Tell me what info you need as proof, and I'll provide.

    --
    People who think they know everything are a great annoyance to those of us who do.
  20. GPL goes too far by Anonymous Coward · · Score: 2, Insightful

    This is why I will never use any GPL-license code in any of my products.

    1. I've used PathFinder and have never used the iTerm functionality. It was not a deciding factor.

    2. iTerm is a side feature at best, and it does seem like an example of why GPL (vs. another Open Source license like BSD, LGPL) will not be adopted by anyone that wants to create a business around software.

    3. I would rather see the author pull out the GPL code rather than FORCE to open ALL his code up because of some side feature that he decided to add.

    The arguments made here are proof that GPL is viral and a company could easily get caught in a mess.

    As much as I hate Microsoft, I'm wondering if they're not right (at least about GPL). The draconian arguments made here are no better than Microsoft's.