Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feedback from John Sullivan talk on license choosers #335

Closed
bkeepers opened this issue Jan 31, 2016 · 5 comments

Comments

Projects
None yet
2 participants
@bkeepers
Copy link
Contributor

commented Jan 31, 2016

John Sullivan from FSF gave a great talk at FOSDEM on license choosers. He had some helpful observations and recommendations for choosealicense.com that I've attempted to summarize here:

  • Make the agenda explicit. Any attempt to simplify and summarize options will have implicit biases, so at least name them.
  • MIT
    • Being the first one listed puts it in a (potentially) privileged position
    • The heading of being "Simple & Permissive" could be seen as more appealing
    • "short and to the point" is not normative
    • 2 examples listed instead of 3
  • Apache:
    • description is not as compelling as MIT
    • "I’m concerned about patents” is not a distinguishing feature from GPL, creating a false dichotomy
    • description builds on MIT
    • Patent text is unclear
  • GPL
    • fix name: GNU GPL
    • none of the examples are GPL v3
    • “further restricts” is slanted phrase
    • “hardware that forbids software alterations” is not entirely correct
    • Recommended change: “It lets people do anything they want with your code as long as, if they give your code or something based on it to others, they give those people the same

Anyone else that saw the talk: please correct or add to these points.

@bkeepers

This comment has been minimized.

Copy link
Contributor Author

commented Jan 31, 2016

Make the agenda explicit. Any attempt to simplify and summarize options will have implicit biases, so at least name them.

The README lists the immediate goals, but it may be worth further clarifying. In a comment at the end of the session, I described our agenda as (in this order):

  1. Get project maintainers to choose a license (which means simplifying as much as necessary)
  2. Reflect consensus of community and license authors as accurately as possible
@mlinksva

This comment has been minimized.

Copy link
Contributor

commented Feb 1, 2016

Seems like reasonable feedback. I can begin to implement, or rather continue to implement, once #336 which addresses the lack of GPLv3 examples, is merged.

As I've mentioned elsewhere, I'd rather not have GPLv2 at all on the home page. That would solve needing to try to differentiate between v2 and v3 on the home page, which is hard to get correct and way too much detail for 99%. Wonder if John mentioned any preference there?

mlinksva added a commit that referenced this issue Feb 5, 2016

Node differences in copyleft scope in description field. Use suggestion
from John Sullivan in #335 as base description language.

@mlinksva mlinksva referenced this issue Feb 5, 2016

Merged

Copyleft tweaks #344

mlinksva added a commit that referenced this issue Feb 16, 2016

mlinksva added a commit that referenced this issue Mar 2, 2016

rm gplv2 from homepage
- remove descrption of v2 v3 difference
- add to description v3 express patent grant
- update example projects to only include v3 ones
- move v2 projects to gplv2 license using property

partially addresses feedback in #335
@mlinksva

This comment has been minimized.

Copy link
Contributor

commented Mar 3, 2016

Abstract, video

I'm mildly surprised http://home.ccil.org/~cowan/floss/ wasn't mentioned. It's the best.

At about 48 minutes someone claims to be surveying developers of projects that have changed their projects' licenses. Would love to know who this is or better a link to their publications.

@mlinksva

This comment has been minimized.

Copy link
Contributor

commented Mar 14, 2016

John Sullivan seems to like the changes so far https://twitter.com/johns_FSF/status/709408622258864130 though there's still quite a bit more to do.

@mlinksva

This comment has been minimized.

Copy link
Contributor

commented Apr 14, 2016

At about 48 minutes someone claims to be surveying developers of projects that have changed their projects' licenses. Would love to know who this is or better a link to their publications.

Probably http://www.cs.wm.edu/~denys/pubs/ICSME'15-LicensingSurvey-CRC.pdf which mined 12 million public projects listed via the GitHub API, from which 381,161 Java projects were identified, of these 16,221 projects were randomly selected. The commit histories of selected projects (1,731,828 commits spanning 4,665,611 files) were used "to identify the commits where licenses were added or changed" finding 1,833 projects with delayed initial license addition or licensing change. From those projects, 2,398 developers with valid e-mail addresses for non-Android (which "have always been licensed under the Apache license") were invited to a survey about their "involvement in licensing-related decisions"; 138 responded (5.75%, below 10% "often achieved in survey studies"), 76 indicated involvement in determining project licensing and 52 completed the entire 7 question survey. There's a table of survey results on page 7.

Very brief mention (bolded):

A feature provided by the forge to support domain sug-
gested licensing could benefit practitioners. Since developers
indicated that licensing is difficult, a more informative feature
could help practitioners determine the appropriate licensing.
For instance, the current licensing support feature provided by
GitHub feature is not particularly informative for developers.
Basically, it provides a link to choosealicense.com, but does
not provide further guidance to the developer. Also, it does not
cover issues related to compatibilities at all. Moreover, appli-
cations within the same domain may be utilizing some of the
same dependencies or require similar grants for redistribution
and reuse. To better support developers, a forge could include
a domain analysis feature to detect similar applications [22]
and suggest to the developer/maintainer the license used by
similar systems (if no other criteria has been considered, such
as community or dependencies).

mlinksva added a commit that referenced this issue Jun 7, 2016

Add existing project situation, leave 1 permissive, 1 copyleft choice
This is a **draft**, probably will be controversial, definitely needs
wordsmithing.

Fixes #380 "No clear message on why to choose an open source license"
-- added line under heading

Fixes #335 "Feedback from John Sullivan talk on license choosers"
-- remaining items were (roughly) to not surface patents at this
level, and to surface choice between allowing proprirary/closed
source or not

Fixes #239 "Consider discussing ecosystems with an already predominant
license" (well, it doesn't *discuss* but there's a page for that,
unlinked til now) and makes the default recommendation of just about
everyone -- use exisitng project/community's license if applicable
-- prominent on the site

Closes #48 "Proposed modified workflow: make permissive/copyleft
and patents orthogonal" though probably not in way submitter would
favor. I could be convinced that Apache-2.0 should be featured
rather than MIT because of the former's express patent grant, but
as it stands I'm not sure the complexity of Apache-2.0 (and for a
weak grant, relative to GPLv3) is worth it relative to MIT. There's
some value in the first license a user looks at being really easy
to understand. The continued popularity of MIT and simialar ISC and
BSD-2/3 seems to indicate people want that simplicity. And where
are the holdups based on patents supposedly infringed by open source
projects under licenses without an express patent grant that could
not have happened had those projects been under Apache-2.0? Please
educate me! :)

Any and all feedback most welcome.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.