Ask HN: What do you think about EUPL in comparison to other copyleft licences?
https://joinup.ec.europa.eu/collection/eupl/eupl-text-eupl-12
I saw e.g. https://news.ycombinator.com/item?id=37160740 and https://news.ycombinator.com/item?id=14053129 but they don't contain discussions.
I like that:
1. I can read it in my native legalese and not just the English one.
2. That it is fully translated into 23 languages (and not in a "this-is-not-the-real-legal-text" way), but each is binding.
3. That it was created for the jurisdiction where I live, and not just for the US judicial system.
4. That linking to my program does not force the other program to use my licence, but using my code enforces that product to use a copyleft licence. Real explanation on https://joinup.ec.europa.eu/collection/eupl/news/understanding-eupl-v12
Are there key things that I'm missing? Are there other problems than the ones nodemailer had?
Would love to hear some opinions.
17 comments
[ 3.5 ms ] story [ 54.3 ms ] threadFor OSS applications, I use EUPL (eg. https://wildduck.email/) or AGPL copyleft licenses. The license does not stop anyone using it as an application, but at the same time people are not free to copy, rename and sell it either.
Why not something like MPLv2 then? It does give the opportunity to use the library without issues, the only constraint (compared to e.g. MIT) being that changes to the library needs to be distributed. If you don't change it, then it's pretty much like MIT.
To me, MPLv2 is superior to MIT in the sense that it gives developers leverage against their management. If I tell my manager "I fixed a bug in this MIT library, can I contribute it upstream?", the answer is often "let's discuss that later" or "hmm we'll have to see with legal" or "are you sure that it is not a competitive advantage for us?". In my experience, managers never see value in contributing anything back.
Now if the library is MPLv2, I can use it just like MIT, but if I fix a bug I can tell my manager: "it is MPLv2, which means that I must distribute my changes. Are you fine with me contributing them upstream?". Again in my experience, the manager will just say "if you have to, then do it". Even though (AFAIU) MPLv2 does not enforce contributing upstream: you just have to distribute the changes with the software (to your customers). But managers generally don't know anything about licenses, so "contributing upstream" is a good-enough approximation.
TL;DR: with MPLv2, the developer has leverage to bring their changes upstream. With MIT, the manager can happily keep the changes proprietary. I am a developer, I want to open source my code. Therefore I want copyleft.
For me, it is mostly about "sharing the code" as in: I put it somewhere and anyone who wants can use it. But if they adapt or remix it, they should also use a free license (ideally contribute back to my project).
> in the sense that it does not prevent tivoization?
I'm not sure, but I guess it does not protect against tivoization because if I were to distribute an executable or library, that could be used on a blackbox with proprietary code without them requiring to open their own code.
Sure, I did not express it correctly. I really just wondered about the tivoization.
> But if they adapt or remix it, they should also use a free license
I think that the code has to stay EUPL, but if you merge it into, say, a bigger GPL project, then the whole project can count as GPL. But the EUPL code inside stays EUPL, right?
That's the difference between GPLv2 and GPLv3: if you buy an Android smartphone, you are entitled to receive the Linux source code for that smartphone. But maybe there is a secure boot and it is impossible for you to flash an updated version of Linux.
GPLv3 says that not only you should receive the source code, but also instructions about how to flash your own version of the covered software.
It feels like EUPL is closer to GPLv2 in that sense, right? Which is fine, but it's good to know.
One is the size of the pile of money you are willing to pay lawyers to enforce it. Because there is no software license enforcement agency that is going to sue neerdowells on your behalf.
The other is excluding good actors who don't want to deal with it. Obscure licenses increase the number of good actors who will forego using the software because parsing non-standard licenses is work and raises questions about the competence and/or motives of the developer.
Obscure licenses don't protect users. Good luck.
Thanks for the good luck wishes, but I don't intend to throw money towards enforcing the license at all. I mostly don't want to be liable for code that I open source.
And restricting it to EU would solve the problem that e.g. WTFPL or UNLICENSE have with countries that don't acknowledge public domain.
This is more a question out of curiosity for me, and many people react allergic to viral licenses, GNU or RMS so I was looking for alternatives because I also heard there were issues with CC-share-alike.
1. The bad actor case: On my side of the equation there is no practical difference between licenses. Enforcing one or the other has the same legal costs…either I lawyer up and enforce whatever license I used or I don’t.
2. The good actor case: When users are unfamiliar with a license they are less likely to use it (or in a business context less likely to be allowed to use it).
By the way, CC-0 is an alternative to the public domain.
Businesses typically don't want copyleft because they don't want to share anything (even if that is counter-productive). If more codebases used copyleft, I'm convinced that more businesses would know how to deal with it.
My second thought here is that I don't like this "people won't use is" blackmail. I write software that I share for free, I am entitled to choose under which conditions you can use it. If you can't be arsed to spend the time needed to understand my conditions (and the EUPL is not exactly a 200-pages long license), then don't use it. It's not like you were going to pay me anyway, right?
When I don't want to share my work, I simply keep my work to myself.
You are indeed free to choose whatever license you want.
I have zero issues with that.
In my experience, many developers tend to prefer the licenses that are better for their company. And I don't get that. They should prefer the licenses that are better for themselves. If my company is forced to use a GPL library because there is no alternative, then I get to open source my code. That's great for me personally! Conversely, if I get to publish code I wrote in my company, if I manage to do it under a copyleft license, it helps other developers open source their code.
I understand that GPL/LGPL maybe scary in some situations (how do you deal with LGPL in a proprietary iOS app?), but I haven't found a single example where MPLv2 doesn't work. I don't see a reason to use a permissive license, MPLv2 is always fine.
As a developer, it's never good for me to help a company get permissive code for free.