SQL-Ledger Relicensed, Community Gagged

Ashley Gittins writes "Users of the popular accounting package SQL-Ledger were being kept in the dark about a recent license change. Two weeks ago a new version of the software was released but along with it came the silent change of license from GPLv2 to the 'SQL-Ledger Open Source License' — presumably in an effort to prevent future forks like LedgerSMB. As it turns out, the author was making deliberate attempts to prevent the community from finding out about the license change. No posts to the SQL-Ledger mailing lists asking about the license change were getting past moderation and direct questions to the author were going unanswered. Just recently the license was switched back to GPLv2. This behavior is not a first for this particular project, and is part of the reason for the original LedgerSMB fork. Does a project maintainer have an ethical obligation to notify his or her community of a license change? What about a legal obligation?"

Relicensing...

[mlwmohawk]

If the author is the sole author and/or owns all the copyrights, then they can do what ever they like. If, however, they have accepted third party submitions then they may have a legal obligation to remain GPLv2

Re:Legal obligation? Probably not... Ethical?

[KutuluWare]

Having actually read TFA, it looks like the author was, in fact, trying to do exactly those two things he does not have the right to do with the existing code base:

* Retroactively re-license existing versions from the GPL to the new version:

The version published on the website at http://www.sql-ledger.com/source/license/COPYING takes precedence over any other version in circulation.

* Unlaterally re-license code that includes third part submissions, since most of the translation packages were done by user submission.

Ignoring those two actions, even if the license change is strictly legal, it's downright underhanded to pull a stunt like he did. He didn't just change the license on his software; he put out a point release on the primary distribution site, after having changed the license terms included with the package, then refused to let anyone bring it up on the official support mailing list. How many of us would notice if we downloaded and installed the lastest apache or postfix or whatever, and the license had silently and magically changed to a closed one?

Update and reply

[einhverfr]

I am a core member of the LedgerSMB development team. The author of this post ran it by me as a courtesy before submitting it.

In the time since this was submitted, Mr Simader has seen the light and reverted to the GPL, albeit very unhappily. Such is life.

I don't actually begrudge Mr Simader the right to choose whatever copyright license he wants to have for his work. That is his moral right, and I have no problem with it. However, I was very unhappy with the fact that a lot of contributors' code, including all the translations, were still licensed under the GPL and since his new license was not compatable with it, I felt that he was causing problems for everyone including our project which is why I began contacting contributors privately about the whole thing.

Also, in the event of a license change away from a specific and well-understood OSI-approved license, I think that the developer also needs to give users a heads-up before they install the new version. This is, however, as far as I see the ethical obligations. And even these were not followed.

Finally, on the LedgerSMB project we are committed to rewriting the entire application, not just in order to prevent further conflict with Mr Simader but also in order to create a better program and one which can be more easily maintained. But we would be remiss if we didn't recognize that our success is in fact partly based on his.