Language Selection

English French German Italian Portuguese Spanish

Legal

Linux Foundation on Compliance and Openwashing Examples

Filed under
OSS
Legal
  • A new ACT for open source compliance from The Linux Foundation

    What’s new in the world of open source? The Linux Foundation announced that they are launching a new tooling project for improving open source compliance. This new project’s goal is to ensure that when using open source projects, users understand what they are complying with.

    The Linux Foundation continues to be a leading beacon in the FOSS world, with worldwide events and over one million professionals enrolled in their free training courses. Just some of the successful projects that the Linux Foundation hosts include Rook, Node.js, Kubernetes, and Linkerd (which just got a fancy new UI makeover). You don’t have to look far to see names and noteworthy tools that you’re familiar with!

  • The Linux Foundation forms new Automated Compliance Tooling project

    “There are numerous open source compliance tooling projects but the majority are unfunded and have limited scope to build out robust usability or advanced features,” said Kate Stewart, senior director of strategic programs at The Linux Foundation. “We have also heard from many organizations that the tools that do exist do not meet their current needs. Forming a neutral body under The Linux Foundation to work on these issues will allow us to increase funding and support for the compliance tooling development community.”

    As part of the announcement, ACT is also welcoming two new projects that will be hosted at the Linux Foundation: OpenChain, a project that identifies key recommended processes for open-source management; and the Open Compliance Project, which will educate and help developers and companies better understand license requirements.

  • A Closer Look At Tesla's Open-Source Patent Pledge
  • Why Amazon's customer obsession should make it more open source friendly [Ed: What "customer obsession"? Amazon is a surveillance company whose biggest AWS customer is the CIA (with which it shares tons of data from all around the world).]

GPL Licensing: FSF Update Rules Commons Clause Non-Free, Red Hat on Compliance

Filed under
Legal
  • FSF Update Rules Commons Clause Non-Free

    The Free Software Foundation has added the Commons Clause to its list of non-free licenses among a number of recent updates to its licensing materials. Other changes clarify the GNU GPL position on translating code into another language and how to handle projects that combine code under multiple licenses.

  • More companies want fairness to open source license enforcement

    The 16 new companies in this announcement are a diverse set of technology firms whose participation makes evident the worldwide reach of the GPL Cooperation Commitment. They comprise globally-operating companies based on four continents and mark a significant expansion of the initiative into the Asia-Pacific region. They represent various industries and areas of commercial focus, including IT services, software development tools and platforms, social networking, fintech, semiconductors, e-commerce, multimedia software and more.

    The GPL Cooperation Commitment is a means for companies, individual developers and open source projects to provide opportunities for licensees to correct errors in compliance with software licensed under the GPLv2 family of licenses before taking action to terminate the licenses. Version 2 of the GNU General Public License (GPLv2), version 2 of the GNU Library General Public License (LGPLv2), and version 2.1 of the GNU Lesser General Public License (LGPLv2.1) do not contain express “cure” periods to fix noncompliance prior to license termination. Version 3 of the GNU GPL (GPLv3) addressed this by adding an opportunity to correct mistakes in compliance. Those who adopt the GPL Cooperation Commitment extend the cure provisions of GPLv3 to their existing and future GPLv2 and LGPLv2.x-licensed code.

The Latest Relicensing Stories

Filed under
OSS
Legal
  • RISC OS goes Open Source, supports royalty-free Raspberry Pi projects

    As the new owners of Castle Technology Ltd, RISC OS Developments Ltd are proud to announce that RISC OS, the original OS for ARM processors is now available as a fully Open Source operating system (OS), via the Apache 2.0 licence under the continued stewardship of RISC OS Open Ltd.

    A high performance, low footprint OS, incorporating the world-renowned "BBC BASIC" provides a modern desktop interface coupled with easy access to programming, hardware and connectivity. RISC OS was one of the first operating systems to support the massively successful Raspberry Pi, for which it remains an ideal companion. Now truly Open, RISC OS make an ideal choice for royalty-free ARM-based projects.

  • Finally! The Venerable RISC OS is Now Open Source

    It was recently announced that RISC OS was going to be released as open-source. RISC OS has been around for over 30 years. It was the first operating system to run on ARM technology and is still available on modern ARM-powered single-board computers, like the Raspberry Pi.

  • Making the GPL more scary

    For some years now, one has not had to look far to find articles proclaiming the demise of the GNU General Public License. That license, we are told, is too frightening for many businesses, which prefer to use software under the far weaker permissive class of license. But there is a business model that is based on the allegedly scary nature of the GPL, and there are those who would like to make it more lucrative; the only problem is that the GPL isn't quite scary enough yet.

    The business of selling exceptions to the GPL, where one pays the copyright holder for a proprietary license to the code, has been around for a long time; MySQL AB was built on this model, for example. Companies that buy such a license normally do so because they fear that their own code may fall under the requirements of the GPL; vendors tend to take an expansive view of what constitutes a derivative work to feed those fears and encourage sales. It is a model that has been shown to work, and it has generally passed muster even with organizations that are committed to the spread of free software.

MongoDB Becomes Less Affero GPL-Like

Filed under
Server
OSS
Legal
  • Fed up with cloud giants ripping off its database, MongoDB forks new open-source license

    After Redis Labs relicensed the modules it developed to complement its open-source database, from AGPL to Apache v2.0 with a Commons Clause, the free-software community expressed dismay.

    And, inevitably, some responded by forking the affected code.

    Today, the maker of another open source database, MongoDB, plans to introduce a license of its own to deal with the issue cited by Redis: cloud service providers that sell hosted versions of open-source programs – such as Redis and MongoDB database servers – without offering anything in return.

    "Once an open source project becomes interesting or popular, it becomes too easy for the cloud vendors to capture all the value and give nothing back to the community," said Dev Ittycheria, CEO of MongoDB, in a phone interview with The Register.

    Ittycheria pointed to cloud service providers such as Alibaba, Tencent, and Yandex. Those companies, he claims, are testing the boundaries of the AGPL by benefiting from the work of others while failing to share their code.

  • MongoDB switches up its open-source license

    MongoDB is a bit miffed that some cloud providers — especially in Asia — are taking its open-source code and offering a hosted commercial version of its database to their users without playing by the open-source rules. To combat this, MongoDB today announced it has issued a new software license, the Server Side Public License (SSPL), that will apply to all new releases of its MongoDB Community Server, as well as all patch fixes for prior versions.

    Previously, MongoDB used the GNU AGPLv3 license, but it has now submitted the SSPL for approval from the Open Source Initiative.

  • MongoDB license could push open source deeper into cloud: Is this what industry needs?

    Things just got serious in open source land. Despite the occasional Commons Clause or Fair Source licensing attempt to change the meaning of the words "open source" to include "the right for a private company to make money from its open source efforts," we've stuck to the Open Source Definition, and it has served us well. Open source communities have become the center of the innovation universe, giving us exceptional code like Linux, Kubernetes, Apache Kafka, and more.

  • It's MongoDB's turn to change its open source license

    The old maxim that the nice thing about standards is that there are so many to choose from could well apply to open source licensing. While now nearing a couple years old, the last WhiteSource Software survey of the top 10 open source licenses found close competition between the GPL, MIT, and Apache licenses. While the commercial-friendly Apache license has dominated the world of big data platforms and AI frameworks, MIT and GPL (which has "copyleft" provisions requiring developers to contribute back all modifications and enhancements) continues to be popular. GPL and variants such as the AGPL have been popular amongst vendors that seek to control their own open source projects, like MongoDB.

  • Matthew Garrett: Initial thoughts on MongoDB's new Server Side Public License

    MongoDB just announced that they were relicensing under their new Server Side Public License. This is basically the Affero GPL except with section 13 largely replaced with new text, as follows:

    "If you make the functionality of the Program or a modified version available to third parties as a service, you must make the Service Source Code available via network download to everyone at no charge, under the terms of this License. Making the functionality of the Program or modified version available to third parties as a service includes, without limitation, enabling third parties to interact with the functionality of the Program or modified version remotely through a computer network, offering a service the value of which entirely or primarily derives from the value of the Program or modified version, or offering a service that accomplishes for users the primary purpose of the Software or modified version.

    “Service Source Code” means the Corresponding Source for the Program or the modified version, and the Corresponding Source for all programs that you use to make the Program or modified version available as a service, including, without limitation, management software, user interfaces, application program interfaces, automation software, monitoring software, backup software, storage software and hosting software, all such that a user could run an instance of the service using the Service Source Code you make available."

    MongoDB admit that this license is not currently open source in the sense of being approved by the Open Source Initiative, but say:"We believe that the SSPL meets the standards for an open source license and are working to have it approved by the OSI."

    At the broadest level, AGPL requires you to distribute the source code to the AGPLed work[1] while the SSPL requires you to distribute the source code to everything involved in providing the service. Having a license place requirements around things that aren't derived works of the covered code is unusual but not entirely unheard of - the GPL requires you to provide build scripts even if they're not strictly derived works, and you could probably make an argument that the anti-Tivoisation provisions of GPL3 fall into this category.

New Paper From Mark Shuttleworth and Eben Moglen

Filed under
Ubuntu
Legal
  • Automotive Software Governance and Copyleft

    The Software Freedom Law Center is proud to make available a whitepaper by Mark Shuttleworth, CEO of Canonical, Ltd., and Eben Moglen, Founding Director of the Software Freedom Law Center and Professor of Law at Columbia Law School. The whitepaper shows how new capabilities in the free and open source software stack enable highly regulated and sensitive industrial concerns to take advantage of the full spectrum of modern copyleft software.

    Software embedded in physical devices now determines how almost everything – from coffee pots and rice cookers to oil tankers and passenger airplanes – works. Safety and security, efficiency and repairability, fitness for purpose and adaptability to new conditions of all the physical products that we make and use now depend on our methods for developing, debugging, maintaining, securing and servicing the software embedded in them.

  • SFLC: Automotive Software Governance and Copyleft

    The Software Freedom Law Center has announced the availability of a whitepaper [PDF] about automotive software and copyleft, written by Mark Shuttleworth and Eben Moglen. At its core, it's an advertisement for Ubuntu and Snap, but it does look at some of the issues involved.

Open Invention Network is a Proponent of Software Patents -- Just Like Microsoft -- and Microsoft Keeps Patents It Uses to Blackmail Linux Vendors

Filed under
Linux
Microsoft
Legal

OIN loves Microsoft; OIN loves software patents as well. So Microsoft’s membership in OIN is hardly a surprise and it’s not solving the main issue either, as Microsoft can indirectly sue and “Microsoft has not included any patents they might hold on exfat into the patent non-aggression pact,” according to Bradley M. Kuhn

Read more

​Redis Labs and Common Clause attacked where it hurts: With open-source code

Filed under
OSS
Legal

After Redis Labs added a new license clause, Commons Clause, on top of popular open-source, in-memory data structure store Redis, open-source developers were mad as hell. Now, instead of just ranting about it, some have counterattacked by starting a project, GoodFORM, to fork the code in question.

Read more

Vember Audio’s Surge Plug-in Liberated Under GNU GPLv3

Filed under
GNU
OSS
Legal
  • Surge Synth Set Free

    Vember Audio tells us that, as of 21th September 2018, Surge stopped being a commerical product and became an open-source project released under the GNU GPL v3 license. They say that, for the existing users, this will allow the community to make sure that it remains compatible as plug-in standards and Operating Systems evolve and, for everyone else, it is an exiting new free synth to use, hack, port, improve or do whatever you want with.

  • Vember Audio’s Surge synth plugin is now free and open-source

    Reviewing Vember Audio’s Surge synth over a decade ago, we said: “This is a big, beautiful-sounding instrument. It's not cheap, but few plugins of this quality are.” Well, the sound hasn’t changed, but the price has; in fact, Surge has just been made free and open-source.

    Thanks to its wavetable oscillators and FM-style algorithms, Surge is capable of creating some pretty sparkling sounds, but it also has analogue-style functions that make it suitable for producing vintage keyboard tones.

    Vember Audio says that it’s been set free so that it can continue to be developed by the community and remain compatible with current standards and operating systems.

The Software Freedom Conservancy on GPLv2 irrevocability

Filed under
GNU
Linux
Legal

For anybody who has been concerned by the talk from a few outsiders about revoking GPL licensing, this new section in the Software Freedom Conservancy's copyleft guide is worth a read.

Read more

My code of conduct

Filed under
Linux
Legal

There are many “code of conduct” documents. Often they differ a lot. I have my own and it is probably the shortest one:

Do not be an asshole. Respect the others.

Simple. I do not care which gender people have when I speak with them (ok, may stare at your boobs or butt once) nor their sexual preferences. Colour of the skin does not matter as most of my friends I first met online without knowing anything about them. Political stuff? As long as we can be friends and do not discuss it I am fine. Etc etc.

It works on conferences. And in projects where I am/was involved.

Someone may say that part of it was shaped by working for corporation (is Red Hat corpo?) due to all those no harassment regulations and trainings. I prefer to think that it is more of how I was raised by parents, family and society.

Read more

Syndicate content

More in Tux Machines

KDE4 and Plasma 5 for Slackware

  • KDE4 and Qt4 deprecation in FreeBSD
    This is a reminder — for those who don’t read all of the FreeBSD mailing lists — that KDE4 is marked deprecated in the official ports tree for FreeBSD, and will be removed at the end of this year (in about 20 days). Then Qt4 will be removed from the official ports tree in mid-march. Since both pieces of software are end-of-life and unmaintained upstream already for several years, the kde@ team at FreeBSD no longer can maintain them. Recent time-sinks were dealing with OpenSSL 1.1.1, libressl, C++17, .. the code is old, and there’s newer, nicer, better-maintained code available generally by replacing 4 with 5.
  • KDE Plasma 5 for Slackware – end of the year edition
    I just uploaded a whole new batch of packages containing KDE Plasma5 for Slackware. The previous batch, KDE 5_18.10 is already two months old and has some library compatibility issues. The new KDE 5_18.12 for Slackware consists of KDE Frameworks 5.53.0, Plasma 5.14.4 and Applications 18.08.3. All this on top of Qt 5.11.3. Compiled on the latest Slackware -current, it’s running smoothly here on my laptop. I decided against upgrading to QT 5.12.0. This is a new LTS release, but I will wait for the other distros to find bugs in this new software. Next week, KDE will release KDE Applications 18.12.0 and that too is something I want to check a bit before releasing Slackware packages. Therefore it’s likely that a new batch of packages containing Qt 5.12 and KDE Applications 18.12 will see the light shortly after the New Year.

Programming: GCC, LLVM, Rust, Ruby and Python

  • GCC 9 Guts Out The PowerPC SPE Support
    It should come as no surprise since it was deprecated in this year's GCC 8 release, but the PowerPC SPE code has been removed. This isn't to be confused with conventional POWER/PowerPC but rather PowerPC SPE that is for the "Signal Processing Engine" on older FreeScale/IBM cores like the e500. It's not all that important these days and doesn't affect newer versions of the 64-bit Power support.
  • LLVM's OpenMP Runtime Picks Up DragonFlyBSD & OpenBSD Support
    Good news for those using the LLVM Clang compiler on OpenBSD or DragonFlyBSD: the OpenMP run-time should now be supported with the latest development code.
  • Nick Cameron: Rust in 2022
    In case you missed it, we released our second edition of Rust this year! An edition is an opportunity to make backwards incompatible changes, but more than that it's an opportunity to bring attention to how programming in Rust has changed. With the 2018 edition out of the door, now is the time to think about the next edition: how do we want programming in Rust in 2022 to be different to programming in Rust today? Once we've worked that out, lets work backwards to what should be done in 2019. Without thinking about the details, lets think about the timescale and cadence it gives us. It was three years from Rust 1.0 to Rust 2018 and I expect it will be three years until the next edition. Although I think the edition process went quite well, I think that if we'd planned in advance then it could have gone better. In particular, it felt like there were a lot of late changes which could have happened earlier so that we could get more experience with them. In order to avoid that I propose that we aim to avoid breaking changes and large new features landing after the end of 2020. That gives 2021 for finishing, polishing, and marketing with a release late that year. Working backwards, 2020 should be an 'impl year' - focussing on designing and implementing the things we know we want in place for the 2021 edition. 2019 should be a year to invest while we don't have any release pressure. To me, investing means paying down technical debt, looking at our processes, infrastructure, tooling, governance, and overheads to see where we can be more efficient in the long run, and working on 'quality of life' improvements for users, the kind that don't make headlines but will make using Rust a better experience. It's also the time to investigate some high-risk, high-reward ideas that will need years of iteration to be user-ready; 2019 should be an exciting year!
  • A Java Developer Walks Into A Ruby Conference: Charles Nutter’s Open Source Journey
    As a Java developer, Nutter began looking for an existing way to run Ruby within a Java runtime environment, specifically a Java virtual machine (JVM). This would let Ruby programs run on any hardware or software platform supported by a JVM, and would facilitate writing polyglot applications that used some Java and some Ruby, with developers free to choose whichever language was best for a particular task.
  • Good ciphers in OpenJDK
  • Don’t delete the same file in its own directory
  • Create a home button on the pause scene

Audiocasts/Shows: Going Linux, Linux Thursday and More

  • Going Linux #358 · Listener Feedback
    This month we have voice feedback from Paul, suggestions on alternatives for G+, a question on OpenVPN, feedback and problems moving to Linux. Troy provides a Going Linux story on software for Linux users.
  • Linux Thursday - Dec 6, 2018
  • Gnocchi: A Scalable Time Series Database For Your Metrics with Julien Danjou - Episode 189
    Do you know what your servers are doing? If you have a metrics system in place then the answer should be “yes”. One critical aspect of that platform is the timeseries database that allows you to store, aggregate, analyze, and query the various signals generated by your software and hardware. As the size and complexity of your systems scale, so does the volume of data that you need to manage which can put a strain on your metrics stack. Julien Danjou built Gnocchi during his time on the OpenStack project to provide a time oriented data store that would scale horizontally and still provide fast queries. In this episode he explains how the project got started, how it works, how it compares to the other options on the market, and how you can start using it today to get better visibility into your operations.

Best Lightweight Linux Distros for Older Computers

Don’t throw away that old Pentium III tower and CRT monitor just yet! While that old laptop in the closet may not be able to run Windows 10 or macOS Mojave, it doesn’t mean it’s destined for the dump. Many Linux distributions are made specifically for utilizing the ancient, underpowered hardware found in older machines. By installing these lightweight distros, you can breathe new life into an old PC thought to be long past its prime. Here are the best lightweight Linux distros that we’ve picked out from the pile. Read more