Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Update license to CC-BY-NC-SA-4.0 #1238
Jun 28, 2018
As noted, we are not "relicensing" existing code committed prior to June 15, 2018. We are sub-licensing as explicitly allowed by the MIT license. All preexisting code is still available under MIT terms.
Anyone may modify and/or redistribute the Brakeman code as allowed under CC-BY-NC-SA-4.0.
The only restriction on use or distribution of Brakeman code is when it is included as part of a commercial product that uses Brakeman as a feature of the product itself (i.e. "Brakeman-as-a-Service"). This does not prevent you from using Brakeman to scan your own applications or even from using Brakeman as part of a professional security assessment. It does not mean you cannot include the Brakeman gem in your Gemfile, even if your application is a commercial product.
We will be asking that future contributions be explicitly assigned to Synopsys, Inc. and made available under the same Creative Commons license. However, please note that Brakeman, Inc. also has a irrevocable perpetual license to the Brakeman code owned by Synopsys. This allows us to guarantee the continued availability of Brakeman.
As the author of nearly 90% of Brakeman's current code, the original creator, and the maintainer for the past eight years and 109 releases, I am committed to continuing to maintain Brakeman in the same manner I have been doing so since its inception. It is literally part of my job now.
In other words, the vast majority of Brakeman users are not affected by this license change and should not be worried about the future of Brakeman.
Is it the 'or' redundant? It's confused me that if I can use Brakeman to scan commercial product that not using Brakeman as a feature.
I have added some additional information in #1239