Half of GitHub Code Unsafe To Use

WebMink writes "GitHub is a great open source hosting site, right? Wrong. There's no requirement that projects on GitHub provide any copyright license, let alone an open source one, so roughly half the projects on GitHub are "all rights reserved" — meaning you could well be violating copyright if you make any use of the code in them. And GitHub management seem just fine with this state of affairs, saying picking a license is too hard for ordinary developers. But if you're not going to give anyone permission to use your code, why post it on GitHub in the first place?"

Because

[OverlordQ]

Because it's a free place to store a git repo as a backup.

Re:Because

[Bieeanda]

And it's probably one of the first places that comes to mind, shows up on a cursory search, or is suggested by someone in passing. Given that the site maintainers are fine with the state of things, the issue would seem to lie with the assumption that all code there is OSS licensed, rather than its use as a catch-all repository.

Re:Because

this. i've only used github for my personal projects. not everyone cares about contributing to open source projects, or making their code available to others. and there's nothing wrong with that. not everyone should be expected to share their work.

shocking and unbelievable, i know, but it's true.

Re:Because

[0100010001010011]

One semester I used it for my homework. Lots of .tex and .m files. I could do a problem, commit. Push go to a completely separate computer, pull and continue working.

Re:Because

[rbprbp]

This has been my approach to homework (which is mostly .tex and .py). For all I care, I don't mind if someone forks my homework or does anything with it. Though I wouldn't mind them merging their changes back :)

Re:Because

[Endophage]

Bitbucket does the same thing but gives you unlimited private repos. Why not use that if you don't want your code shared. That's what I do...

Re:Because

[Mike_EE_U_of_I]

not everyone should be expected to share their work.

Nor should Github be expected to host such repositories for free.

That's true. However, if Github can afford to provide the service for free and chooses to do so, I see no harm in it.

Re:Because

[AvitarX]

Honestly, if they are making it available, I think they should put a warning up for people, that by downloading and compiling the code you could be in violation of the law, or require everything free for non commercial use.

It's not an unreasonable assumption that something available for download is less than fully encumbered.

Re:Because

[Short+Circuit]

If I understand what you're saying, you're expressing the same ignorance about downloadable material that people downloading warez and mp3s in the 90s had. "It's free, so it's probably legal, right?"

Re:Because

[cheesybagel]

I only use GitHub for code I have written under non-commercial licenses. Mostly Linux ports of former commercial games. SourceForge won't host them. Icculus is a bit of a pain to convince to host your code. GitHub is one of the few choices available gratis.

Re:Because

[Runaway1956]

"It's free so it SHOULD BE legal."

If it's not free for use for non-commercial use, then it shouldn't have been put up there without at least password protection, preferably encrypted as well. Basically, it's "in the cloud", so it's mine to use. Before anyone attempts to use code on github for derivative works or anything, then they really need to check the licensing. But for personal use? Phhhttt - screw the "rights holders"!!!

Re:Because

[Local+ID10T]

not everyone should be expected to share their work.

Nor should Github be expected to host such repositories for free.

And? There is no requirement that GitHub do so, but the maintainers of GitHub have chosen to do it.

What-the-fuck business is it of yours what they choose to do?

Re:Because

[Short+Circuit]

And now we're back to a familiar analogy: "The door was open, so anything inside should have been mine to take!"

Re:Because

[AvitarX]

If it was officially posted It's hardly warez (and I assume It's the content owners choosing to post publicly to github)

Re:Because

[AvitarX]

More like a basket of money in a public space that says take money here. Except copyright makes it so that after the taking there can be extra restrictions (in the case of some github projects restrictions like copying to a separate drive you own is an offense).

Re:Because

Stop likening a web site to an unlocked house. That meme is tired and inappropriate.
HTTP is a request response protocol. The server has every opportunity to deny a request.

Re:Because

[HairyNevus]

That's a false comparison; those mp3s weren't uploaded by the artist themselves. If a musician uploads a track today with a free download, and provides the link without any password protection or encryption so anyone can link to and download it willy nilly, then yes, it's free and you can run it on your computer and listen to it.

I think they should put a warning up for people, that by downloading and compiling the code you could be in violation of the law,

By analogy, this would be like the artist putting up a track for download and saying it's illegal to listen to.

Re:Because

[Kergan]

A developer who downloads code for use in his project, without checking the licence first, shouldn't be coding in the first place. Seriously...

Re:Because

[amorsen]

In sensible jurisdictions, the act of running a program is not a copyright event, since it does not involve distribution. When you download, compile, and execute something from Github, the only copyright event is Github distributing the source file. The rest is not of concern to copyright law.

Alas, when copyright was conceived, copying and distribution were practically one and the same, so "right to distribute" was unfortunately misnamed "copyright". Many jurisdictions later looked at computers and misunderstood any bit duplication to be a copyright event. Denmark is one of the most extreme cases, where every (ISP or otherwise) router is subject to copyright law whenever it moves copyrighted bits around. That level of absurdity is fortunately fairly rare.

Re:Because

[forkazoo]

It's not an unreasonable assumption that something available for download is less than fully encumbered.

It's incredibly unreasonable. If I put a TV in my shop window, you may be able to watch it, but that doesn't mean you have permission to change the channel, or take it home with you. Likewise, if somebody puts code on the Internet, then you can read it. The way the law works in the majority of the world, if you don't have an explicit grant of permission to copy something, or a specific reason to think it has been released from copyright, then it would be illegal do copy it. It doesn't matter if it is code, and it doesn't matter if it is on github. It's not that complicated.

Re:Because

[Darinbob]

Github is only a problem in the original article if you subscribe to a certain political viewpoint.

Re:Because

[torsmo]

Also, doesn't Github allow you to fork other people's projects?

Re:Because

[steviesteveo12]

Failing is the best way to learn, and that includes licensing.

That said, this is not to say that failing at something can never have consequences. Sure, you're just messing about with things you don't (initially, anyway) understand and you're learning new things but that doesn't make it all OK if you do something wrong.

Perhaps this is an issue with the way people learn to code. The coder who doesn't understand what a license is a kid with the internet -- there's no senior programmer watching over them providing supervision and pointing out mistakes.

Re:Because

[josath]

It could very well be illegal to download from the artist. Often artists don't own the rights to their work, having signed them away in contracts in exchange for money.

Re:Because

[VortexCortex]

I think they should put a warning up for people, that by downloading and compiling the code you could be in violation of the law,

By analogy, this would be like the artist putting up a track for download and saying it's illegal to listen to.

That's a bad analogy. A better one: The musician puts up a track for download and the opening lyrics are: "Copy Right To Thou Sand Twelve, Buy Thee Music Making Elve." -- Or better yet, have RMS crank out a new GPL-ish license for Music (in the same vein as GNU Free Document License), and the artist sings that at the beginning of the song.

Oh -- oh! No, no... Just have them break into the Free Software Song for one of the Choruses, OR make heavy use of the BSD style "decrescendo" license.

(The analogy here is embedding a copyright notice in the music)

P.S. No, wait! I got it! If you play the song backward at half speed, the Father of Copyright Law speaks the license!

Re:Because

[tlhIngan]

Honestly, if they are making it available, I think they should put a warning up for people, that by downloading and compiling the code you could be in violation of the law, or require everything free for non commercial use.

It's not an unreasonable assumption that something available for download is less than fully encumbered.

Well, assuming the developer who wrote the code is the one making it available, downloading it would be fine. Running it is a bit trickier, though - would the act of turning it into an executable be considered a derivative work? If not, feel free to compile it, and run it (not a copyright event). You just can't distribute, sell, or otherwise use the code for anything else.

However, as "all rights reserved", it would be like it was CC NC (because you can't sell the compiled work or the source code), as well as CC ND, because you can't use that code for anything else. (It's one of the arguments for getting rid of ND/NC in CC licensed stuff because it's for the most part the same as "all rights reserved").

Github's merely redistributing it according to the policy and that the author holds copyright but is otherwise allowing free download rights (you're allowed to "give away" copyrighted "all rights reserved" content that you own - many authors do this with e-books).

Re:Because

[shipofgold]

It is more complicated than that. This is all about what today's society expects and how people conform to those expectations.

I believe a better analogy would be "I draw a picture, make a large number of copies, and leave them in a public building. Do I expect that people walking by won't pick one up?".

The answer depends on how hard it is to make the copy, where in the public building the copies were left, what notices were posted at the door of the public building, what the passer-by intends to do with the copy, and whether the original producer is deprived of anything.

If each copy was an oil painting on canvas I suppose you might reasonably expect a passer-by to leave them lie. Especially if that passer-by intends to pick up the entire stack and sell them on a street corner. After all each copy cost the original artist something in materials and time, and I would be depriving the original artist of those costs.

If each copy was a photocopy, I can't see anyone assuming that they can't pick up a copy. Material/time costs to the original artist are minimal, so as a passer-by I won't feel that I have deprived anybody of anything by picking up a copy to take home and hang on my wall. In today's society a stack of photocopies in a public place implies they are to be taken.

Of course, if I take that photocopy and publish it in my newspaper in order to sell more newspapers, The original artist might have cause to object, as that act isn't generally supported in today's society.

In GitHub, if I put some sourcecode there, and make no attempt to protect it with password or license, I don't feel today's society would not allow me to object to people downloading it for personal use. But if I include it in a project for sale, I should take care to read the licenses and get the necessary permissions.

Re:Because

[otterpop81]

One semester I used it for my homework. Lots of .tex and .m files. I could do a problem, commit. Push go to a completely separate computer, pull and continue working.

A public account? What happens when someone from your class steals it and turns it in? I know where I went to school if two people turned in the same work, they both got an F.

The professors said they had tools for determining if code had been copied (supposedly which could see through easy stuff like variable name and comment changes). Who knows though. It never concerned me because I wrote my own code and didn't distribute it to others in my class.

Re:Because

[surd1618]

this reminds me of Stranger In a Strange Land

Re:Because

[godefroi]

Indeed, but with fewer Martians.

Not my favorite Heinlein. The Moon is a Harsh Mistress is so much better.

Re:Because

[Lord+Byron+II]

But that analogy doesn't hold because you're comparing information to tangible, physical items.

A better analogy would be: "He left his manuscript visible on a table in public space (like a coffee shop), so I read what was visible."

Re:Because

[xouumalperxe]

No, it's more like saying "the author put it up in a site designed first and foremost to share stuff, so it must've been his intention to actually share it".

Re:Because

[TheCarp]

I fully agree with your statement, in the abstract, but, in the specific case, I don't see how it holds.

Github is not your personal, private git repo. Github specifically exists for the purpose of sharing code. In fact, if you wanted to use them as a personal and private git repo, they offer that service, for a fee.

If you are using the free service, then, you ARE sharing your work. You are going out, and posting it in public for everyone to see, thats what you do whenever you push to github. It is a little like taking all of your personal notes, calendars, etc, and deciding the best place to store them is tacked to the side wall of the building by the sidewalk.

You may not have inteded to share with the world, but, your actions sure don't send that message.

Personally, I think cases like this should grant automatic license. You uploaded code that you wrote and you control to a site which, A) explicitly ONLY serves public files (unless you pay them) and B) allows anyone to fork a copy and use.

I would say, uploading to a site which is designed from the ground up for the purpose of sharing code between individuals projects and resdistributing it.... it seems reasonable to assume that this is exactly what you intend people to do with it, and so implicit license should be granted.

Its not anybody elses fault that you are abusing the service and expecting everyone else to treat your publicly posted code as sacrosanct and private just because you didn't want to pony up for a private account.

That

[M0j0_j0j0]

Is only a problem in places where computer algorithms can be patented. and beside, anyone just grabbing code and pasting direct onto a product without audit or modification is asking for a nice backdoor.

Re:That

[dshk]

In the EU computer algorithms cannot be patented (or at least such patents cannot be enforced), but copyright law applies, and I guess copyright law exists in almost all countries of the word.

Re:That

I'm tempted to start coding a generalized login framework on github, one which silently reports home and has a nice sweet backdoor, just to see how well it would be received.

Re:That

Too late. Microsoft already did it way back in Windows XP. Still, enjoy it for the coding exercise at the least.

Re:That

Nope. Germany has "Urheberrecht", which is vastly different from copyright. (Which many people even here seem to be ignorant about.) And many countries copied German law. Which is waaaayy more sane than "copyright'.

For one, it's an author's right. Not a publisher's right. The fundamental difference in philosophy that that entails, should be obvious.
And you can never ever sell your rights away. Ever. You can act as if, but you can always go "Fuck you, cooww and shee-keeenn! Now you can't use it anymore!" if they are stupid enough to fall for it.
And so you do not need to write *anything* below your works. No "Copyright 2012 Anonymous Coward" needed. In fact, would I be posting with my name, then this very post here would be protected, without me having to mention that in any way. It is assumed on everything except completely trivial drivel.
That's just the most important points.

Of course the organized crime tries to adapt it more and more to "copyright" often acting as if it already were like that, and brainwashing people to fall for it. But they aren't yet there, and they only will over my cold dead body. (I'm with the Pirate Party Germany.)

Re:That

[Desler]

Patents have jack and shit to do with copyrights which is the issue.

Re:That

In the EU computer algorithms cannot be patented (or at least such patents cannot be enforced)

That is good for universities and every other theoretically inclinded. Sad fact is that german ( and other eu) curts have ruled that any combination of software and hardware can be patented and have enforced these patents. Companies just use hardware limitations like finite memory (not low or restricted, just finite like 50 petabyte finite) to get a valid hardware/software patent, something like "this algorithm is designed to run on a machine with limited resources and is therefore part of a patented machine". Some years ago there was a lawsuit between camera manufacturers and microsoft over the patented FAT filesystem, gues who won. Hint: the patent contains a section on dealing with long directory names in limited memory.

As a german I want to point out that european juges are just as crazy as everywhere else. Whe had people send to prison for crimes that did not happen and a whole system refusing to entertain the notion that it could be wrong (families send to prison for murder with no evidence, even after the "victim" was found drowned with his car, a man stuck in the psychatry for paranoia even after it became public that his accusations where actually true, etc.). There are only juges and lawyers in this system, you can be happy if you find even a shred of justice anywhere close to the former two.

Re:That

[Kergan]

Actually, "Urheberrecht" is due to an EU directive, which mandated the whole thing throughout the EU a bit over a decade ago. It applies to the whole EU today.

Also, if memory serves, it was pushed forward by the -- at the time French -- EC commissioner in charge of property rights (though I'd need to double check that, so take the latter point with a grain of salt), on grounds that (this much I'm sure of) a workers' writing/coding/music/movie shouldn't ever belong to his editor or publisher, but to the author himself. The best authors can do since is to grant an exclusive license -- even as an employee to code consulting firms, which incidentally caused issues in legal departments back then to weed things out the proper way. (And it was a huge mess in some firms, since they assumed US laws were the norm.)

Re:That

[GumphMaster]

In the case of software patents I see the open publication of the "patentable" software on GitHub as a monumental pile of prior art/patent invalidations just waiting to be mined. While publishing your code does not relieve you of your rights under copyright law, it should relieve you and anyone else of the ability to patent any embodied "invention" if it is published for long enough (1 year before the patent application in the US). I doubt you will find any patent-hugging companies deliberately using GitHub for precisely this reason.

Not a new problem

[MightyYar]

This certainly isn't a new problem. If you work for a corporation, you aren't going to use code without a clear license. At least, I hope you aren't. If you need clarification about a license, you can often just contact the author. Just because the website is called "Github" doesn't mean you should treat the code any differently than code you find laying around anywhere else.

Re:Not a new problem

[pspahn]

Does that make it the fault of the developers, though?

If you are pressed by management to find a solution before you leave for the day, you'll probably spend some time looking at the problem yourself to discover what you need to Google to find an answer.

Don't blame developers when they are so constrained.

Re:Not a new problem

[Local+ID10T]

Developers in corporations download random code from the web and incorporate it into their projects all the time.

Yes, but we call it "research"

Re:Not a new problem

[MightyYar]

Exactly - this is nothing new. You could be cutting and pasting from anywhere on the web and the exact same hazard exists. You should not be cutting and pasting without knowing the license, from Github or anywhere else.

Re:Not a new problem

[MightyYar]

You are indeed alot like conversing with a compiler. Thank's for the constructive discussion. But hay, you're English is real good.

Unsafe?

Code having a license term, you use it under that license. Whats the problem. So you can't cut an paste it. Good. But as a example of an implementation its still very useful/educational.

The license chosen isup to the author, get over it. This militant 'I want it all for free and without me having to do anything' is your problem, not the authors.

Re:Unsafe?

[SwashbucklingCowboy]

"But as a example of an implementation its still very useful/educational."

And opens you up to the possibility of being accused of creating a derivative work, which violates "All Rights Reserved".

Re:Unsafe?

[steviesteveo12]

Absolutely. When you're sued you can go to court and try to prove it was fair use. All of the costs, none of the certainty.

Bitbucket

[akeeneye]

As is Bitbucket (bitbucket.org), with the added bonus that the private repos that you create there are free too.

Re:Bitbucket

[smittyoneeach]

The $7/month I pay to GitHub to keep a few private repositories doesn't seem a massive gouge at all.
GitHub is a great site. Gotta hit their tip jar.

Re:Bitbucket

[jez9999]

And you can attach files to your issues in the issue tracker (amazingly you can't on Github).

Re:Bitbucket

[akeeneye]

You're giving credence to a rant from 2008 by someone who doesn't even know how to turn off Apache directory indexing on his own user directory? FWIW, Bitbucket did a complete redesign of their site and released it on October: http://blog.bitbucket.org/2012/10/09/introducing-the-redesigned-bitbucket/ .

Re:Bitbucket

[debrain]

If memory serves, the original post I linked was written by Scott Chacon, and was served on GitHub proper/blog for some time. The link I gave appears to be the last remaining mirror that Google finds.

Re:Bitbucket

I read that rant a few days ago, while trying to work out which of the code hosting solutions sucked least (it was a tie).
While he may (have had) a point, a lot of what he complains about being "copied" are common website design patterns: tab bars, column layouts, apache-style directory listings, etc.

It's just a shame that the Bitbucket redesign got rid of a fair amount of useful stuff (like an actually helpful list of forks), which erstwhile were points in its favour over GitHub.

Re:Bitbucket

[luder]

That's more than I pay for shared web hosting with "unlimited" everything, including shell access and the ability to set up my own private Git / Hg / Svn repositories.

Re:Bitbucket

[thetoadwarrior]

$7 a month is pretty expensive for a repo hosting site that only has one option (git).

I'll take bitbucket which gives the choice of mercurial or git and private repos for free and a better pricing model.

Re:Bitbucket

[thetoadwarrior]

That rant is full of retard and funnily he tries to rig his google serach results to make it appear github is on the top. Sourceforge (which I don't use btw) blows github out of the water in terms of size and options.

In fact github probably has the least options out of any code hosting service and the expectation that I'm going to pay for private repos isn't going to happen. Certainly not when said site has had its share of security flaws because it's a ruby site written by ruby tards who no doubt prefer to brogram while downing red bull.

"All rights reserved" doesn't mean what you think

"All rights reserved" doesn't mean that you aren't going to give permission to use your code. It just means that you haven't done so yet, or you haven't made up your mind.

It is silly to use such code, even if accompanied by a license, because the right to use it can be revoked if it is reserved.

I've found modules I wanted to use on github and gone through the exercise of tracking down the authors and talking them into putting their code under some sort of license (hopefully one that's compatible with what I need, but of course it's up to them). It's surprising how many people don't understand of copyright law and licensing.

So what ?

[vikingpower]

To "old" hands like me, GitHub is one of the last places reminiscent of the great liberties we had up to the end of the '90s. So what do we care ? Take code from GitHub, copy/paste, re-implement ideas you find there, possibly implemented badly.... C'mon, who gives a damn about copyright on GitHub ????

Re:So what ?

[preaction]

Lawyers. The EFF. The FSF. Anyone who makes a living on copyright.

Re:So what ?

[westlake]

Take code from GitHub, copy/paste, re-implement ideas you find there, possibly implemented badly.... C'mon, who gives a damn about copyright on GitHub ????

The owners. The courts. Your employers. Your clients, among others.

Why?

[gcnaddict]

But if you're not going to give anyone permission to use your code, why post it on GitHub in the first place?"

Lets say I stumble across a fantastic utility, and the source is open for me to view. I'll dive through the code and make sure I'm comfortable with its functionality (i.e. it's not doing anything I don't want it to do) before grabbing the tool.

I'm not using the code for my own projects. I'm just vetting the code. Plenty of developers throw code for small utilities up for exactly this reason, and the vast majority of the world is totally cool with it.

Re:Why?

[Ksevio]

So basically it's for the original coders to show off their awesome coding skills

Re:Why?

[gcnaddict]

...no, it's for the original coder(s) to build trust among the people using the programs.

Re:Why?

[steviesteveo12]

The community will also only validate code that is frequently looked at. The vast majority of Github will never be accessed once it's been committed, never mind carefully analysed by experienced third parties for security issues.

Re:Conflating copyright and patent again...

[smittyoneeach]

conflating piracy and theft

Who does that? Piracy requires an ocean, ships, and lots of brutal, hand-to-hand combat effort.
Modern theft has been reduced to legislation.

Why post it on GitHub?

[Opportunist]

C'mon, it ain't that hard.

1. Post it on Github
2. Make everyone think it's free to use.
3. Sue everyone you can get your hands on who do.
4. Profit

Re:Why post it on GitHub?

[Vasheron]

C'mon, it ain't that hard.

1. Post it on Github
2. Make everyone think it's free to use.
3. Sue everyone you can get your hands on who do.
4. Profit

You forgot the ???

Re:Why post it on GitHub?

[Neil_Brown]

2. Make everyone think it's free to use.

3. Sue everyone you can get your hands on who do.

4. Get annoyed that a court finds the existence of an implied licence, or, in some nuanced cases, that the action is prevented under the principle of non-derogation from grant. Assuming the defendant can afford to argue.

Re:Why post it on GitHub?

[Frosty+Piss]

4. Get annoyed that a court finds the existence of an implied licence, or, in some nuanced cases, that the action is prevented under the principle of non-derogation from grant. Assuming the defendant can afford to argue

Please. Come back to reality.

When in the recent past have you seen a court rule on copyright with common sense?

Seriously, put down the bong.

Re:Why post it on GitHub?

[Neil_Brown]

When in the recent past have you seen a court rule on copyright with common sense?

I'm not sure that Usedsoft applied common sense, but rather some convoluted reasoning, but the outcome seems sensible enough. Picking on rulings relevant here, I think the US court's decision in Wallace v. IBM was common sense, as was the finding of the German court in Welte v. Skype.

Perhaps look also at Griggs v. Evans — a pragmatic decision on the facts, to my mind.

Sure, there are some odd judgments, but there are some sensible, practical judges out there too.

Re:Why post it on GitHub?

[Frosty+Piss]

Interesting links. Thanks... F.P.

Re:Why post it on GitHub?

[Neil_Brown]

Interesting links. Thanks.

My pleasure. If you do read the Usedsoft decision, there's a good chance you'll find it pretty impenetrable, unless you are familiar with the computer programs directive — I prepared some slides for a friend's talk on Usedsoft a couple of weeks back, which you might find helpful alongside the decision. (Listed as (c) to me (ironic, given the thread here) but, as far as I'm concerned, treat as CC0.)

Re:Why post it on GitHub?

[Kergan]

I wish I had mod points. +1 funny/insightful. :-)

Daily reminder

Daily reminder that "open source" doesn't necessarily automatically equal "free" (beer or freedom).

I'm OK with this.

Re:Daily reminder

[icebraining]

That depends on the definition of "open source" you use. If it's the one by the Open Source Initiative, it certainly does mean you can use and distribute the code.

Re:Daily reminder

[mwvdlee]

Not unconditionally true.
Open source licenses exists to prevent certain types of distribution (otherwise, just use public domain).
For instance, some licenses will not allow you to change code and distribute it under the original name.
Most open source licenses prevent you from removing the copyright notice from code you distribute.
Many prevent you from removing author attribution from code distributions.

Reading code can be useful on its own

[Hentes]

The author seems to confuse open source with copyleft. Open source is not a legal thing. And a ban on redistribution of derivative works doesn't mean that it's useless. Knowing the source code of a piece of software is important if you want to use it for any security-sensitive work or if you want to implement some modifications of your own (which you don't intend to distribute). It's not unheard of even that a developer company only gives the source code to their paying costumers.

Re:Reading code can be useful on its own

[icebraining]

Open Source, as defined by the Open Source Initiative, is most definitively a legal thing.

a ban on redistribution of derivative works doesn't mean that it's useless. Knowing the source code of a piece of software is important if you want to use it for any security-sensitive work or if you want to implement some modifications of your own (which you don't intend to distribute). It's not unheard of even that a developer company only gives the source code to their paying costumers.

This is why the author says it's dangerous.

Unlicensed code ("All rights reserved") is not a ban on redistribution. It's a ban on any copying, including forking the code to your machine. You most definitively can't modify the code, even if you don't intend to distribute it.

Re:Reading code can be useful on its own

[micheas]

... or if you want to implement some modifications of your own (which you don't intend to distribute)

IANAL, but I have been led to believe that code that is all rights reserved cannot be modified without consent of the author, unless it falls under the fair use exemption of copyright.

The fact that your modifications could reduce the profitability of the copyright owners derivative works lead me to suspect that the courts would generally find that your changes are a copyright violation, even if they are not distributed.

Copyright law is all about money and lost sales.

My advice, get permission from the copyright holder, it is much cheaper and less confusing than attorneys.

Re:Reading code can be useful on its own

This is why the author says it's dangerous.

Unlicensed code ("All rights reserved") is not a ban on redistribution. It's a ban on any copying, including forking the code to your machine. You most definitively can't modify the code, even if you don't intend to distribute it.

Does copyright really work like this nowadays? If so, that's pretty scary. Copyright used to be a restriction on distribution, not on what you can do with the code privately. I hope you're wrong about this.

Re:Reading code can be useful on its own

[icebraining]

Copyright is a right to copy. To use the code privately, you need to copy it to your machine. That's forbidden.

(Yes, I know that to read the files on Github you technically need to download them. Guess what, courts aren't idiots, and they're perfectly capable of understanding the distinction).

Re:Reading code can be useful on its own

[icebraining]

Actually, grabbing it for personal use like that is technically fair use.

Citation needed. I've read Section 107 more than once and 'personal use' ain't in it.

Sensationalist article stating the obvious

[caseih]

Whether you are working on proprietary code or open source code, you can't just paste code from the net into your project without a license, regardless of whether it's GPL, BSD, or some royalty-free use grant. Unless the code has an explicit license, or states explicitly that it is in the public domain, you simply cannot use it without express permission from the copyright holder, because no law grants you that right. Plain and simple. So if code in a git repo is "all rights reserved," the you can look, and even download it, but you cannot put it into your own code. So I don't see what the problem is here. License always matters, whether you're a FLOSS person or developing commercial software.

So of course half of all git repos are unsafe to use. Why does this warrant some big sensationalist article? Kind of along the lines of articles claiming the GPL is a threat to proprietary software companies because it will "infect" them somehow magically. Folks, a little bit of understanding of copyright law will go a long ways I think. Open source, even copyleft, depends on copyright to keep it as such. We should all have a basic understanding of it.

Re:Sensationalist article stating the obvious

[marcansoft]

You can take any code which you find and put it into your project, or even combine bits of code with incompatible licenses. What you can't do is distribute the result. Distribution is where copyright law kicks in.

Re:Sensationalist article stating the obvious

[gajop]

Mod this up
Whenever I work on a personal project I leave the licence for the last part, when I actually plan to release it to the wild.
In fact 2/7~ of my github repos lack a licence and may never get it.

I would be surprised if I was the only one that works like this.

Re:Sensationalist article stating the obvious

[phantomfive]

The repos on github aren't all-rights-reserved. By hosting your code on github, you agree to allow people to fork your code.

Re:Sensationalist article stating the obvious

[Neil_Brown]

You can take any code which you find and put it into your project, or even combine bits of code with incompatible licenses.

Distribution might be where GNU GPL 2.0 kicks in, but copyright certainly kicks in to prevent you from just taking code and putting it into your own project, at least in Europe — the restriction on "copying," for example. (You might have a defence of fair use in the US, but that's an affirmative defense, not an absence of copyright.)

Whether anyone would find out, or consider it worth suing for, is perhaps another matter, but copyright is not just limited to distribution.

Re:Sensationalist article stating the obvious

[marcansoft]

It is true that the law grants the copyright owner the right to restrict the creation of copies, but It can be reasonably argued that by posting the code on GitHub you've implicitly given consent to the mere creation of a copy (as would automatically happen if you view the code or download it). For most practical purposes, the limitation on distribution is what matters.

Re:Sensationalist article stating the obvious

[micheas]

Distribution is where copyright law kicks in.

Like when you distribute the program from your drive to your RAM?

Now if the program is all rights reserved, and your modified version that you distribute mocks the original author, you could claim the parody exception for copyright. (Would you be successful? I don't know about that question, ask an attorney.)

Re:Sensationalist article stating the obvious

By hosting your code on github, you agree to allow people to fork your code.

No, you allow people to view and fork your repository.

However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories.

There is a difference between the two. Also putting something on Github does not disallow an "all-rights-reserved"-style licensing or any proprietary license you want since they even admit:

We claim no intellectual property rights over the material you provide to the Service. Your profile and materials uploaded remain yours.

So basically, you are wrong on all counts.

Re:Sensationalist article stating the obvious

[mysidia]

because no law grants you that right.

No no no... You have that right by default, unless the law denies it. You can repeat some code, natural right to free speech protected by the constitution.

However, some restrictions may apply. One of those restrictions is, if someone else wrote the code, their work may be protected by copyright.

If they register their copyright with the US copyright office, within a certain time period after having created the work, they could sue you for infringement.

In case they haven't registered the copyright, as may be the case with someone's personal project, they may not be eligible in fact to sue you. They have to register it first, and there is a time limit for registering a copyright after having created the work.

So if they chose not to register it, the time limit passed, and they weren't granted any exception, then they will have no means to prove ownership of a copyright on the OSS code in order to sue.

Re:Sensationalist article stating the obvious

[caseih]

Umm, yeah. I think you have a reading comprehension failure.

There is no logical fallacy in what I wrote. Unless you have a license to do so, you may not include code for which you do not own the copyright into your own code. Hope that is more clear for you. But the original sentence is both correct, and logical. And in fact supports your statement that a piece of code that has no license is not open source. That is the whole point. Sorry you missed it the first time.

Re:Sensationalist article stating the obvious

[caseih]

Sorry, but copyright law (not talking about the DMCA nonsense here) is required to keep FLOSS FLOSS. It's our weapon to keep our software that we write and use free. At least until everyone advances to the point of being able to function in an anarchist, libertarian paradise.

Re:Sensationalist article stating the obvious

[imp]

Well, if it truly is without a license, you cannot even download it to look at it. Copyright law is quite clear: if you have no license, you cannot copy it. Full Stop.

Gitorious

Gitorious is both free software (AGPL) and a hosted git service. Creating a project, you get to pick between 22 licences, proprietary or none. I haven't checked their stats to see what percentage of projects it hosts are open source or not.

Missing the problem here

[dugjohnson]

Github is a great place to store your repository. It is ALSO a great place to share code with people you want to work with who may or may not be really conversant with git.
Github doesn't claim to provide a repository for open source software...just a place to store repositories which you (as an author) may or may not choose to attach a license to. But that doesn't remove the responsibility of the copier to determine what the license on that software may be. If I copy anything, I need to know if I have the right (copy right) to do that. The onus is and always has been on the copier. That said, the copyright owner is the one who will follow up with violations.
Just because I choose to use github to store my repositories (and, in my case, I use and pay for private repositories for those things that I don't want to share) does not mean that I want everyone in the world to download and use my stuff. I'm an idiot if I am surprised when people DO use my stuff that I make publicly available, but without an explicit license allowing use of my code, it is protected in the US by copyright laws as soon as I write it...and IANAL.
Github is just a great service for those of us who don't want to set up our own repository. They are not a guarantor of free software, nor a nanny to protect me.

Re:Missing the problem here

[Neil_Brown]

Github doesn't claim to provide a repository for open source software

Agreed, although it does claim to be a platform for "social coding," and that it is "the best place to share code with friends, co-workers, classmates, and complete strangers," having been founded "to simplify sharing code."

I am not reading the article as anything more than "if GitHub wants to promote sharing of code, make it easier for a developer to specify licensing terms" — and that seems imminently sensible to me.

Re:Missing the problem here

[phantomfive]

Just because I choose to use github to store my repositories (and, in my case, I use and pay for private repositories for those things that I don't want to share) does not mean that I want everyone in the world to download and use my stuff.

Just so you know, in the terms-and-services you clicked on when you signed up for github, you actually gave permission to everyone in the world to download, view, and fork your stuff. So if that's not what you want, you might reconsider your use of github (Note: this only applies to the free public repositories).

Re:Missing the problem here

[dugjohnson]

Agreed and I understood that (which is why I have some private repositories). It's the fork part that is "interesting" from a copyright standpoint. What does that really mean, legally (I know what it means technically)? I guess that's why the lawyers continue to do what they do.

Re:Missing the problem here

[phantomfive]

What does that really mean, legally (I know what it means technically)?

From a legal standpoint, of course it's a horribly unclear terms-of-service, so you are right when you say, "I guess that's why the lawyers continue to do what they do." However, I think the implicit meaning could be reasonably interpreted to mean, "if you put things here, you intend to share them."

In general it's easier to pursue a copyright claim if you've made an active attempt to assert it, for example, submitting your work to the Library of Congress. So if you haven't specified a license, or made any other attempt to keep people from using your stuff, and actively indicated that you'd like to share it, it's unlikely courts will have much sympathy for your claim.

Note: I am not a lawyer, but feel free to pay me like one.

Re:Missing the problem here

[dugjohnson]

I wonder if GitHub couldn't clear this up by picking a fairly restrictive license (maybe good for personal use, but not for commercial) and make that the default (as opposed to no license, or a very vague one as we see now).
Then if I wanted things looser, I could pick from other licenses, if I wanted things tighter, I could pay the money for the private repositories (again, this is what I do). The problem is that to make things private costs money...not a LOT of money, but some. But it occurs to me that the intent of making you allow people to download and fork would be to make your code available, not necessarily to enrich the downloaders, but in the spirit of knowledge sharing.
So a default "personal use" license, but no commercial use required on the free GitHub seems like a reasonable compromise...and more explicit than the current situation.
I doubt they'll be calling to ask my opinion, but there it is.

You seem to be forgetting one simple thing..

[squirrelthetire]

Github is the photobucket of source code. Licensing code would be another step that people generally don't want to bother with. If someone cares enough about licensing for some particular code, they can contact the author(s) easily enough. Frankly, worrying about licensing every piece of code you write is just a time-suck. It's necessary in some situations, but not

roughly half the projects on GitHub

Re:You seem to be forgetting one simple thing..

[serviscope_minor]

Frankly, worrying about licensing every piece of code you write is just a time-suck.

Not really, because there are a few ready-made pre packaged licenses to suit your taste.

Personally I like the GPL, so random small things I've released (quite a few) just had a stock LICENSE which is just a copy of the GPL. Took a good 10 seconds. I guess you could count that as a time suck, but I probably spent more time worrying about what to call the program.

Re:You seem to be forgetting one simple thing..

[squirrelthetire]

True, but I'm thinking more on the lines of a repo for your dotfiles, etc. I totally agree that you should put a GPL or something onto whatever project you make, but then you end up putting a nice header at the top of every file, a COPYING file, etc. It's almost no work, but the fact that it is means that people will generally not bother with it. Like I said, github is the photobucket of source code.

Re:You seem to be forgetting one simple thing..

[serviscope_minor]

True, but I'm thinking more on the lines of a repo for your dotfiles,

fair point.

I don't see the story.

[metrometro]

GitHub allows creators to determine what license to publish under. The license is disclosed to downloaders. Some of it is under an open license. Some of it isn't.

"Is this code using a license compatible to my project?" is a pretty normal thing to ask before dropping something into your work.

Personally, I like having access to look at source on closed projects - projects I wouldn't otherwise have access to. You can learn stuff even if you don't copy/paste working code.

Re:I don't see the story.

[Volastic]

An article looking to be one, with little chance.

Next on slashdot...

[metrometro]

Half of Coffee Shop Unsafe to Drink (If You Want Decaf)

Terms of github

[phantomfive]

From the terms of service from github:

We claim no intellectual property rights over the material you provide to the Service. Your profile and materials uploaded remain yours. However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories.

If you use source code found on github, it's going to be hard for the author to win a copyright lawsuit. This is a non-issue. They've basically allowed you to fork the code (with the implication that you're going to modify it). I don't see them in any way being able to recover punitive or even statutory damages.

The real danger with github, as with all open source, is ensuring that the project's owner hasn't stolen proprietary code from somewhere else. Imagine if Linus had grabbed some files from Unix, then IBM would have been in a lot more difficulty during the SCO case. Fortunately the only things Linus copied were semicolons and braces.

But if you use someone's code through an open source project, you can be liable, even if you got the code under the GPL or BSD license, because the project's owner didn't have the right to give you that code.

Re:Terms of github

[PPH]

Yep. Good points.

It sounds like the original poster comes from that school of thought that expects every hosting service or ISP to defend property rights on behalf of the owners. That's not GitHub or Megaupload's job. The world would be different if the RIAA had sued Postel and Reynolds for writing RFC 959 (FTP) for not incorporating DRM.

Re:Terms of github

[Kjella]

If you use source code found on github, it's going to be hard for the author to win a copyright lawsuit. This is a non-issue. They've basically allowed you to fork the code (with the implication that you're going to modify it). I don't see them in any way being able to recover punitive or even statutory damages.

So under what license do you have the code, if it doesn't have one? Are you're going to claim that this CYA sentence in the terms of service that GitHub have put there to avoid being sued for handing out "unlicensed" copies to people is the same as the author putting the code in the public domain? I think you'd get laughed out of court with that defense. For sure it protects GitHub distributing the code, it probably protects you cloning the repository but you for sure hasn't been granted any "exclusive rights" like modification, distribution or even compiling it - since the binary is clearly a derived work of the source code. To use a car analogy, it's like you let a stranger use your parking space. It's now on your property, but it's still their car and without any further permission you can do roughly nothing with it.

Re:Terms of github

[phantomfive]

You've got it backwards. If you sue me for copyright infringement, you need to prove that I infringed, I don't need to prove that I didn't. So good luck proving that by forking and redistributing the code that you put on github, I've made unjust profits or caused you losses.

Re:Terms of github

[nadaou]

Just because you publish and given away a copy of a work does not mean you have released any claim to copyright on it. This is not trademark law where protect it or lose it applies.

Try reading some of the many fine primers available at the SFLC. http://www.softwarefreedom.org/

People misunderstanding the point of Github?

[flimflammer]

I think so!

The public repository option for uploading makes no mention that you need to supply the code with a copyleft/copyright free license, just that the code is publicly listed and browsable. Why are people assuming that everyone is supposed to?

Are people confusing open source (publicly browsable source) from Open Source (the movement)?

Re:People misunderstanding the point of Github?

Well, I guess a lot of people would assume that when there is a public git repository you'd be allowed to do such basic stuff like compiling the code and fixing bugs.
A responsible hoster should display a big fat warning to the users when looking at it really is the only thing they are allowed to do.

Not only a problem with Github

[SwashbucklingCowboy]

Lots of so called open source projects either don't provide a license or provide conflicting license information. For example, we recently looked at a project where the web site says it's MIT, but the code says it's public domain.

Re:Not only a problem with Github

[dbc]

And some that you would expect to be clueful are surprisingly not, or are at least very sloppy. I recently was studying an example in the Pyside code base. Pyside, a major project, from Qt, owned by Digia, formerly owned by Nokia. People you would expect to be clueful. I looked quite diligently for license information. I found in a directory some levels up from the code I was studying a one sentence "licensed under GPLv2". Okaaaaaay....., how about since each example is a stand-alone program in a stand-alone build directory, let's say we put a license in each one? How about putting a bleeding copyright notice on each source file?????

Really, people, this isn't that hard. Stand-alone code with no notice of even copyright much less a license is not acceptable.

In a past life I managed a software product validation group for a rather biggish company. This kind of stuff was on the first page of the source release check list. This kind of stuff was a stop-ship bug, as in, your code is kicked off the RC master until you can demonstrate a linear arrangement of water fowl.

StackOverflow is even worse!

[zidium]

Every question, answer, and comment on the StackExchange websites (StackOverflow, ServerFault, et. al.) is automatically licensed on something very akin to the GPL (the Creative Commons Share Alike License); if you use code from those sites, your entire application's source will legally have to be released.

Just because no one is talking about that doesn't mean it isn't legit. Check it out: http://meta.stackoverflow.com/questions/25956/what-is-up-with-the-source-code-license-on-stack-overflow

Re:StackOverflow is even worse!

[Endophage]

I would suggest that most of the code on stackoverflow, while answering a question to which the answer probably wasn't easy to find, is often so trivial as to make any license terms realistically unenforceable. Not that it doesn't have that license, but good luck trying to enforce it.

Case in point, anything in this search: http://stackoverflow.com/questions/tagged/css

Re:StackOverflow is even worse!

[rasmusbr]

In order to have copyright you must first create a work. Most of the code examples that people post on those sites are so short and trivial that I doubt that very many of them (as published in isolation) would qualify as works in most jurisdictions. Even if you have a code example that is complex enough to qualify as a work you could still probably copy-paste a few lines from that work without breaching the copyright, especially if those lines are trivial or obvious or constitute best practice in the language.

Forking doesn't remove copyright

[perpenso]

We claim no intellectual property rights over the material you provide to the Service. Your profile and materials uploaded remain yours. However, by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories.

If you use source code found on github, it's going to be hard for the author to win a copyright lawsuit. This is a non-issue. They've basically allowed you to fork the code (with the implication that you're going to modify it). I don't see them in any way being able to recover punitive or even statutory damages.

Forking doesn't remove copyright. All that seems to have been accomplished by forking is adding someone else's possibly copyrighted work to the original author's copyrighted work.

I Have A Number of GitHub Projects...

[ios+and+web+coder]

...and they are all GLP2. Thieves are gonna steal, no matter what, so my code out there is free for the taking. I use GPL, only because a couple of other FOSS repositories require it. I'd much rather use the "Take Me, You Gypsy Stallion" license, in which the code is 100% open and free for all. I don't like GPL, because it's a coercive license; every bit as shackled and enslaved as the code the FOSS folks like to dis. However, it doesn't hurt to use it, in my context.

If I don't want people to have my code, then I have a Perforce server that I run in my local network. I have a lot of stuff there, as well.

Re:I Have A Number of GitHub Projects...

[dbc]

I think you are looking for the BSD or MIT license.

Re:I Have A Number of GitHub Projects...

[ios+and+web+coder]

Yes, they are better licenses. However, in order to get my code onto some repos (like the Joomla site), it needs to be GPL.

Re:I Have A Number of GitHub Projects...

[dbc]

Then the Joomla folks need educating. Anyone can take any code with an MIT or modern BSD license and slap a GPL onto it any time they want. Adding MIT code to a GPL project is never a problem. AFATG, since you own the copyright, you could push to github with MIT (which accomplishes your "fire and forget" objective), and push to Joomla with GPL to keep them happy (assuming I understand you correctly that the Joomla gate-keepers require GPL.) You can put your code out under as many licenses as you want, since you hold the copyright.

Re:I Have A Number of GitHub Projects...

[ios+and+web+coder]

Yeah, but I'm too lazy to thread multiple licenses throughout my code. I use a "lego block" coding pattern, with lots of reused code. Just making it all GPL makes for a lot less agita.

If anyone wanted to use the code commercially, they could always contact me (there's lots of info in the project repos), and I could change the license for their copy.

Re:I Have A Number of GitHub Projects...

[dbc]

True enough. A lot of people overlook that option.

So if you have a lawyer

[kawabago]

You won't be able to use this competitive advantage if your company has lawyers on staff. A small startup will use the advantage because they don't have a lawyer who can forget to explain estoppel to them.

GitHub FUD ©

[dgharmon]

"promiscuous sharing w/out a license leads to software transmitted diseases".

Well, before you use the software, checkout the license ...

Original author loses nothing by forking ?

[perpenso]

Just so you know, in the terms-and-services you clicked on when you signed up for github, you actually gave permission to everyone in the world to download, view, and fork your stuff.

True. However the original copyright remains intact. Maybe you could add your copyright to code that you add. The original author doesn't seem to lose anything by forking. Well other than individuals may download and privately use, but not redistribute, the forked version rather than the original version.

Re:Original author loses nothing by forking ?

[phantomfive]

Well other than individuals may download and privately use, but not redistribute, the forked version rather than the original version.

It is unlikely that any court will interpret the terms of service to mean that you can fork it, but not allow others to fork a forked version. It's unlikely that any court would stop redistribution.

You can try filing a lawsuit, and good luck to you. I'd like to see that one play out in court.

Re:Original author loses nothing by forking ?

[perpenso]

Well other than individuals may download and privately use, but not redistribute, the forked version rather than the original version.

It is unlikely that any court will interpret the terms of service to mean that you can fork it, but not allow others to fork a forked version. It's unlikely that any court would stop redistribution.

Who said anything about not allowing the fork to be forked? By redistribution I mean something *other* than the source being available on github as part of the original author's hierarchy. Such *other* methods of distribution remain subject to the authors' wishes.

Re:Original author loses nothing by forking ?

[phantomfive]

Yes, but if you don't specify that your wishes are contrary, you will have trouble winning a court case based on non-specified wishes.

Re:Original author loses nothing by forking ?

[perpenso]

Yes, but if you don't specify that your wishes are contrary, you will have trouble winning a court case based on non-specified wishes.

I'm sorry but I'm not following. Your wishes being contrary do not change the original author's wishes. The original author's wishes move to the fork with his code. There could only be contrary wishes in the code that you contribute. People would be free to re-use source from you contributions if your allow but the original code remains off limits wrt re-use.

Re:Original author loses nothing by forking ?

[phantomfive]

The author's wishes don't matter. All that matters is what can be enforced in court (remember copyright is an artificial construct, the only way it matters is when the government enforces is through the courts).

The goal for the author should be to make his wishes known in a way that the courts will be willing to enforce the copyright. There are ways to do this, for example, you can submit your work to the library of congress.

Now, if you don't even include a license in your repository, and just throw it up there and allow it to be forked by anyone, under what law are you going to sue? You can maybe file a DMCA takedown notice, you can sue to stop future re-distribution, but it's unlikely the courts are going to give you damages for any distribution already done.

Re:wtf

[jedidiah]

...especially when there is nothing in the code to indicate what the license is.

It's like a hotel mini-bar but with no indication or understanding that you actually have to pay for the overpriced booze and peanuts. This hotel is in a hippie commune where the usual rules don't apply. So it's not obvious that crass rules apply.

So you don't make the usual default assumption that everything has dire restrictions by default, that everything has a price, and that they will try to charge you for those booze and peanuts later.

Personal use allowed ? Can share via github ref ?

[perpenso]

Since the original author is essentially publishing the code it would seem that an individual downloader would have the right to use the code on a personal basis. This individual would merely not be allowed to redistribute or otherwise share the code.

Of course if the individual wants to share the work with someone else they merely have to refer that person to the original author's github repository.

So if someone creates a useful a utility program, decides to license it in a non-FOSS manner, the author can still share it with any interested parties. If so that seems a pretty legit role for github.

Urheberrecht

[tepples]

For one, [the German counterpart to copyright is] an author's right. Not a publisher's right. The fundamental difference in philosophy that that entails, should be obvious.

The U.S. Constitution in theory espouses the same philosophy, as exclusive rights are secured "to authors and inventors".

And you can never ever sell your rights away. Ever.

How does Germany handle works made in the scope of employment?

You can act as if, but you can always go "Fuck you, cooww and shee-keeenn! Now you can't use it anymore!" if they are stupid enough to fall for it.

If an author signs a contract with another party granting an exclusive license to publish a given work, is that unenforceable?

And so you do not need to write *anything* below your works.

The U.S. hasn't required a notice since 1989 when the U.S implemented the Berne Convention, but it provides evidence that strengthens a copyright owner's case in court.

Re:Urheberrecht

[kill-1]

You can act as if, but you can always go "Fuck you, cooww and shee-keeenn! Now you can't use it anymore!" if they are stupid enough to fall for it.

If an author signs a contract with another party granting an exclusive license to publish a given work, is that unenforceable?

Of course it's enforceable. The OP doesn't have a clue.

Re:Urheberrecht

[amorsen]

For a somewhat more accurate view, look at e.g. Intellectual property protection in Germany and the EU.

The GP must have looked at the origins of Germanic copyright legislation and decided that it both sounds sane and could be a good idea overall (except for the duration perhaps). Alas, like "Intellectual Property" in every other place, the scope gets larger and the results more similar to the rest of the world.

The original US copyright law also sounds like a sane and workable system, even though it was different from the origins of the Germanic copyright legislation. Yet today those completely different systems are almost indistinguishable in practice, at least when it comes to software -- except for the wording you use in contracts involving copyright.

Email the developer

[yesterdaystomorrow]

A lot of stuff on github is experimental, "quick and dirty" code. The amount of effort to, say, put GPL boilerplate in every file isn't large, but it isn't zero, either. So, *ask*. You send mail to me, volunteer to do this small job, I'll probably give you commit access to the repo.

Half is a bad estimate

[bigstumpy]

I have a bunch of projects on github and I'm too lazy to license many of them. If anyone ever emailed me wanting to use them I'd throw up a BSD3 license. I bet a lot of projects on github are lazy or simply don't know how to license a project, but would be happy to give permission to use the code.

Ignorance is no excuse

[hydrofix]

No, using GitHub is not dangerous. But reusing code from the Internet without investigating its licensing status is. Then again, the same goes for anything that you find online, and they teach kids at school these days what you can and can't re-use. Your ignorance will not protect you.

Re:GitHub Terms of Service

[kthreadd]

I guess that means that anyone can create a fork, but isn't necessarily allowed to modify and redistribute that fork.

Why not?

[Arancaytar]

A private repo costs money. Hosting elsewhere costs more.

Maybe saving on hosting outweighs the downside of their code being public.

picking a license is too hard?

[kiddygrinder]

so just make it default copyrighted or default bsd and have done with it.

Re:GitHub Terms of Service

[dbc]

Ohhh NooooEeeesses!! This is exactly like getting a tar.gz of the source!!!!! $DEITY save us all!!!

JavaScript is even worse

[yuhong]

I'm pretty sure the majority of JavaScript are posted without a license.

Just ask!

[netvaibhav]

If a project on Github doesn't mention its license, and you'd want to use that code, just ask the developer!

"All Rights Reserved." Is a meaningless phrase

[imp]

The phrase "All Rights Reserved" is a totally meaningless phrase. It used to be required to retain certain rights in central american countries. It was created by the Buenos Ares convention, and once everybody in central and south america adopted the Berne convention, the phrase no longer had any recognized legal meaning.

It has falsely been asserted that the phrase "All Rights Reserved" makes the Berkeley Copyright statement non-free. This is false because the copyright notices from the Berkeley Unix code base date to a time when the phrase had meaning.

It's only use today is due to inertia.

In short, this article is quite sensational in its ignorance.

Makes sense

[Pf0tzenpfritz]

Makes sense, supposed your coding style is rather... /** BUY CHEAP PENIS REPLICA */ ...marketing-oriented.

Re:Citation: common fucking sense

[icebraining]

Sigh. I'm not talking about it being illegal to compile the program. I'm talking about it being illegal to download it. And it's kinda hard to compile sources without first copying them to your machine.

To use your analogy, I'm not saying that baking cookies is illegal; I'm saying that if the cookbook is on this library called "Github", it's illegal for you to photocopy it in order to bake cookies in your home.

Kind of agree with the people just posting

[fa2k]

If you're going to use a BSD-like licence, it isn't a long step to go public domain instead. Many people (including me in the past) probably don't want to deal with the legal stuff at all, and just want to share the code. It's more difficult for the users of the code, but that's not my problem. Amateurs can use the code privately (there's an implied licence, not in the law but by convention, that when you click some link you have the right to view it).

Music Analogy is a Good One

[neoshroom]

"But if you're not going to give anyone permission to use your code, why post it on GitHub in the first place?"

You can use someone else's code in two perfectly legal ways in this scenario. First, you could copy it and alter it to the point it no longer bears enough resemblance to the original to cause any trouble, even though it still works great. Second, you could simply study it and learn how it works and then start from scratch yourself.

By analogy, this would be like like Green Day copying Chicago copying Led Zeppelin.

Re:Citation: common fucking sense

[icebraining]

Maybe; it's not clear whether you agree to allow forks to other machines or just "Github forks". I wouldn't depend on that ToS as a license.