SQL-Ledger Relicensed, Community Gagged
Ashley Gittins writes "Users of the popular accounting package SQL-Ledger were being kept in the dark about a recent license change. Two weeks ago a new version of the software was released but along with it came the silent change of license from GPLv2 to the 'SQL-Ledger Open Source License' — presumably in an effort to prevent future forks like LedgerSMB. As it turns out, the author was making deliberate attempts to prevent the community from finding out about the license change. No posts to the SQL-Ledger mailing lists asking about the license change were getting past moderation and direct questions to the author were going unanswered. Just recently the license was switched back to GPLv2. This behavior is not a first for this particular project, and is part of the reason for the original LedgerSMB fork. Does a project maintainer have an ethical obligation to notify his or her community of a license change? What about a legal obligation?"
If the author is the sole author and/or owns all the copyrights, then they can do what ever they like. If, however, they have accepted third party submitions then they may have a legal obligation to remain GPLv2
Forcing people to accept a change in the license without telling them? Definitely unethical - kind of like forcing people to accept Windows Genunie Advantage if you want patches.
No folly is more costly than the folly of intolerant idealism. - Winston Churchill
No. There's only a problem if someone made a fork and tried to change it from GPL to something else. This was a move by the guy who holds the copyrights to the code. the copyright holder can, at anytime, decide he wants to move his code to another license. the catch is that all previously released code is still under the previous license. That is, if i release Foobar v1 under the GPL, then I release Foobar v1.1 under BSD, v1.0 remains licensed under the GPL, and you are free to take that code and start your own version, Forkbar v1.0. However, you must always keep it as GPL, because you don't own the copyright on the code; you only have access to it because of the GPL.
my pet machine
If you want reliability and future commitment, perhaps you should pay for it?
... tough. Paying for it doesn't mean anything in and of itself. Consequently, you have no assurance of anything in the software world unless you're dealing with a vendor that has a significant track record of playing square with its customers. Still no guarantee, but that's about as good as it gets, and it is true whether it's open source or not, commercial or not.
That doesn't always work either. Just read the EULA for, well, pretty much any piece of commercial software. If the vendor disappears, decides not to support the product, if it vaporizes your computer and most of the building its in
The higher the technology, the sharper that two-edged sword.
So the lesson is:
Never, ever, ever buy third party libraries without source. Without source you no longer own the solution you create. I have seen it happen many times before and these days I put a lot of pressure of the library vendor with the hard rule, "No source no Sale". Many of these third party library providers have gone out of business or shifted focus to other products. Without source I would be in trouble.
Never, ever, ever buy any software at all that licenses against a specific set of hardware.
Lately I more often contemplating switching OS to get away from the worst black box of all... "Windows" With Vista and the brain dead security rules introduced it becomes impossible to write software.
* Retroactively re-license existing versions from the GPL to the new version: * Unlaterally re-license code that includes third part submissions, since most of the translation packages were done by user submission.
Ignoring those two actions, even if the license change is strictly legal, it's downright underhanded to pull a stunt like he did. He didn't just change the license on his software; he put out a point release on the primary distribution site, after having changed the license terms included with the package, then refused to let anyone bring it up on the official support mailing list. How many of us would notice if we downloaded and installed the lastest apache or postfix or whatever, and the license had silently and magically changed to a closed one?