GPLv3 explained

GPLv3.md

GPL3 LICENSE SYNOPSIS

TL;DR* Here's what the license entails:

1. Anyone can copy, modify and distribute this software.
2. You have to include the license and copyright notice with each and every distribution.
3. You can use this software privately.
4. You can use this software for commercial purposes.
5. If you dare build your business solely from this code, you risk open-sourcing the whole code base.
6. If you modify it, you have to indicate changes made to the code.
7. Any modifications of this code base MUST be distributed with the same license, GPLv3.
8. This software is provided without warranty.
9. The software author or license can not be held liable for any damages inflicted by the software.

More information on about the LICENSE can be found here

And of course the definitions of what is modification of said code vs some larger equivalence set kicks it all off. So, very helpful but can sometimes by it's own wording and actual legal merit across the planet have varying sense that. That entails both legally, philosophically, ortographically and what not.

@kn9ts Someone stole my code when it was licensed, what shall I do?? 😒

6. If you modify it, you have to indicate changes made to the code.

Is "it" the License?

are the "changes" if i were to make general changes like comitting and pushing it to the repo, or changing the rights that a user gets with the software? Thanks in advance.

I believe "it" refers to the software. "Changes" are all changes no matter what you change at the software.

So say you sell a custom distribution (with modifications) of the code to a client, you have to publish the new custom repo as a public repo on github ? Is that it ?

That would be ok. GPLv3 is viral, so it infects any replicating [modified] code with the licence, such that the sources for said modifications, if any, must be available. This can be in form of a publically accessible uri yes, including github.

We have a mobile application that will connect to our backend services on the cloud. One of our micro-services uses an open-source under GPLv3 license. Do we need to make our code-base of the whole application (include mobile app and micro-services) or we just need to open-source the service that uses the GPLv3 license?

@hoang-innomizetech , you need not open source your service that's using a GNU project. This only works when you distribute that particular library to a client , say as an enterprise solution or the likes. You running it on your server doesn't call for the open source viral clause as long as you're not modifying specifically the library itself and building business off of it.

The reason why I confused is the below statement was mentioned in this article https://tldrlegal.com/license/gnu-general-public-license-v3-(gpl-3)

All code linked with GPL 3.0 source code must be disclosed under a GPL 3.0 compatible license.

@kssvrk We only use the library under GPLv3 license and managing it on our private servers, we only public our front-end application (web or mobile) to end-users, we don't distribute the binary of the component that uses GNU project since this is on the server-side. So based on our answer, we don't have to make our code-base public, right?

Regarding the library, we could fork it and then use our modified library, that forked repo still license under GPLv3 license

@hoang-innomizetech
First of all: I am not a lawyer and therefore cannot make any legally reliable statements.

It is so if you only execute an application "internally" on your server, e.g. through a web application, then you do not have to publish the code. This is because the license was originally developed so that all people who have a program on their computer that is under the GPL should have the right to view the code and edit it so that the program does exactly what YOU want.
So if you enter a website and use this data to pass it on to a mobile app which is not under the GPL and does not use any plugins or libraries that use it and you do not have to use another license that requires to publish the code you don't have to PUBLISH YOUR CODE!

GPL3 is very infectious and although one is not distributing , the GPL3 is clearly stating that by linking (making use of) GPL 3 libraries, your code is automatically 3.0. So your private code is GPL3 now. You can of course avoid any demands of seeing it, because you are not distributing it. By not distributing, despite being GPL3, you do not have any obligation to provide the source(s) no. But it's definitely GPL3 (forks or otherwise derivative work). So in the future if you ever use it in something where the code is considered distributed, you will have to provide your sources if asked for.

In other words , to your web service, I won't reply on those specifics as I don't know what you or service is or does in detail, but you are committing in the long term an opportunity cost. Passing it on to even servicing technicians could make an unfaithful servant or just a prick decide to claim you are now distributing and so must disclose your sources. Gotta be careful with viruses. 🗡️
(edited for slightly better clarity).

@hoang-innomizetech: @lulcat is correct. If you mobile/web application is internally calling a cloud based GPL3 library or software automatically/directly, it is linked to your application. In that case, you are obliged to release your code under GPL3. However, if you manually run a GPL3 software internally, get its results/data, store the results (in DB or files) and 'use' the results/data in your server then you are not linking your code with external software's GPL3 code.

Multiple options exist in the industry: 1) Understand the GPL3 code and replicate it in a different programming language with modifications (you could claim that it is your original code). 2) Run the GPL3 software for all possible input options, generate results and store them in a cloud instance to be used by your software (if this is feasible of course). 3) Look for other similar libraries that have a different license, and try to improve them with the concepts used by GPL3 library. 4) Request the GPL3 author to release it under a different license (most of them do not really understand the difference between different OSS licenses). The friendly OSS license regimes include ApacheV2, Creative Commons, amongst others.

Very helpful, thank you!

@vijayaparthiban I don't agree that just by calling another application that application would be bound to GPL3 code unless the code bases intertwine. The goal of the license is to protect intellectual property. Let's say I need a microservice to manage users within my organisation. And I use some opensource solution to implement single signon. I would not need to opensource every single application in the whole organisation just because I use this product (for something it was supposed to be used for). Sure, if you fix something, or you add a nice feature, share it with the community. Don't resell it. As an author that is what you want. The license is not a meant to hyjack your entire organisation. You don't want to put a lot of effort into something, then share it, and witness people claiming your work as their own and make money at the expense of your community. It's fair to set expectations on how the code is distributed. So if I would build another application on top of the opensource product, or include its libraries, and build my business on some cloud based authentication service, then I would obviously violate the license terms. Sure, we live in a world where a laywer can succesfully get money from a company for not warning a dumb customer about putting cats in a microwave, but that's another (legal) story.

Not a single company out there would use, contribute or fund opensource projects that would legally require them to put their entire business on github ^^

Can a GNU GPL legal expert (JD in IP please) explain exactly what the following quote from the GPL means in the context of a proprietary work that contains GNU GPL code?
Specifically, does GPL compliance require the open-sourcing in totality of any proprietary source code base that touches GPL code?
The FSF dances around this, goes into moralizing and PR, and does not provide a straight answer.
If the GNU GPL requires open sourcing in totality of any source code base that touches GPL code, how is this enforced other than by hijacking copyright to the entire source code base, and placing it under the GPL?
How is this even legal?

I have yet to find a coherent explanation of this portion of the GPL license anywhere. Just lots of opinions.

' To "modify" a work means to copy from or adapt all or part of the
work in a fashion requiring copyright permission, other than the
making of an exact copy. The resulting work is called a "modified
version" of the earlier work or a work "based on" the earlier work. '
--GNU General Public License Version 3, 29 June 2007 '

Thank you in advance.

@DaanBiesterbos Looking at your reply just now. Let me breakdown your comment into a few bits and pieces.

1. Let's say I need a microservice to manage users within my organisation....
   This falls in a grey area. ie. If you use the microservice -within- your organisation, you may not be distributing. If you use it to sell your service/product externally, then your are distributing.

2. Secondly, I agree with your whole comment from a fairness point of view. You are 100% correct and there is bunch of OSS licenses that are fully supportive of that (eg, Apache License 2.0 is just fine)

3. My original comment mainly applies to a few restrictive OSS licenses such as GPLv3.0 or Affero GPL. I still standby by comment unfortunately (it is not my personal wish :) ie. If you use GPLv3.0 code within your service and distribute your product/service, then the license would expect you to OS the whole code. It may not be fair, but it is what it is. Also, if you do it anyway, then the original author may not sue you just because many of them IMO do not know the difference between GPLv2.0 and GPLv3.0 and adopt a higher version believing it is better. However, if your competitor finds out there is a remote probability that they may sue or expose you.

4. A bit of history on why GPL3.0 was created. Suse Linux signed an agreement with Microsoft to settle all the lawquits when MS sued them for violating their patents in the OSS code. By enforcing GPL3.0 into OSS software the OSS community forced MS to abandon suing other Linux vendors. ie. If they extended the OSS code elsewhere they had to open their code.

Disclaimer: I am not a legal expert, so enquire a lawer who specialises in it (we did).

@imagtek Know the version of your license. Is it GPLv3.0? If so, it may not forgiving unfortunately. If you use it within your service, it may affect all the code.

Thank you for information. Much appreciated.

…

On 2022-03-05 07:40, vijayaparthiban wrote: @vijayaparthiban commented on this gist. ------------------------- @imagtek [1] Know the version of your license. Is it GPLv3.0? If so, it may not forgiving unfortunately. If you use it within your service, it may affect all the code. -- Reply to this email directly, view it on GitHub [2], or unsubscribe [3]. Triage notifications on the go with GitHub Mobile for iOS [4] or Android [5]. You are receiving this because you were mentioned.Message ID: ***@***.***> Links: ------ [1] https://github.com/imagtek [2] https://gist.github.com/cbe95340d29fc1aaeaa5dd5c059d2e60#gistcomment-4086446 [3] https://github.com/notifications/unsubscribe-auth/AH7PPVMKYZHG2YHS4ZB5JQDU6NI2JANCNFSM4IOZWDWQ [4] https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 [5] https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub

@DaanBiesterbos Looking at your reply just now. Let me breakdown your comment into a few bits and pieces.

1. Let's say I need a microservice to manage users within my organisation....
   This falls in a grey area. ie. If you use the microservice -within- your organisation, you may not be distributing. If you use it to sell your service/product externally, then your are distributing.
2. Secondly, I agree with your whole comment from a fairness point of view. You are 100% correct and there is bunch of OSS licenses that are fully supportive of that (eg, Apache License 2.0 is just fine)
3. My original comment mainly applies to a few restrictive OSS licenses such as GPLv3.0 or Affero GPL. I still standby by comment unfortunately (it is not my personal wish :) ie. If you use GPLv3.0 code within your service and distribute your product/service, then the license would expect you to OS the whole code. It may not be fair, but it is what it is. Also, if you do it anyway, then the original author may not sue you just because many of them IMO do not know the difference between GPLv2.0 and GPLv3.0 and adopt a higher version believing it is better. However, if your competitor finds out there is a remote probability that they may sue or expose you.
4. A bit of history on why GPL3.0 was created. Suse Linux signed an agreement with Microsoft to settle all the lawquits when MS sued them for violating their patents in the OSS code. By enforcing GPL3.0 into OSS software the OSS community forced MS to abandon suing other Linux vendors. ie. If they extended the OSS code elsewhere they had to open their code.

Disclaimer: I am not a legal expert, so enquire a lawer who specialises in it (we did).

Thanks. Sounds like a license to stay far away from. Guess we have microsoft to thank for it.

From a computer Systems Engineering perspective the GNU GPL is a network crawling, recursive IP klepto-algorithm designed to spread like a virus and harvest IP. I ask again... How is this thing even legal?

…

On 2022-03-22 20:23, Daan Biesterbos wrote: @DaanBiesterbos commented on this gist. ------------------------- > @DaanBiesterbos [1] Looking at your reply just now. Let me breakdown > your comment into a few bits and pieces. > > * Let's say I need a microservice to manage users within my > organisation.... > This falls in a grey area. ie. If you use the microservice -within- > your organisation, you may not be distributing. If you use it to > sell your service/product externally, then your are distributing. * > Secondly, I agree with your whole comment from a fairness point of > view. You are 100% correct and there is bunch of OSS licenses that > are fully supportive of that (eg, Apache License 2.0 is just fine) > * My original comment mainly applies to a few restrictive OSS > licenses such as GPLv3.0 or Affero GPL. I still standby by comment > unfortunately (it is not my personal wish :) ie. If you use GPLv3.0 > code within your service and distribute your product/service, then > the license would expect you to OS the whole code. It may not be > fair, but it is what it is. Also, if you do it anyway, then the > original author may not sue you just because many of them IMO do not > know the difference between GPLv2.0 and GPLv3.0 and adopt a higher > version believing it is better. However, if your competitor finds > out there is a remote probability that they may sue or expose you. > * A bit of history on why GPL3.0 was created. Suse Linux signed an > agreement with Microsoft to settle all the lawquits when MS sued > them for violating their patents in the OSS code. By enforcing > GPL3.0 into OSS software the OSS community forced MS to abandon > suing other Linux vendors. ie. If they extended the OSS code > elsewhere they had to open their code. > > Disclaimer: I am not a legal expert, so enquire a lawer who > specialises in it (we did). Thanks. Sounds like a license to stay far away from. Guess we have microsoft to thank for it. -- Reply to this email directly, view it on GitHub [2], or unsubscribe [3]. You are receiving this because you were mentioned.Message ID: ***@***.***> Links: ------ [1] https://github.com/DaanBiesterbos [2] https://gist.github.com/cbe95340d29fc1aaeaa5dd5c059d2e60#gistcomment-4106985 [3] https://github.com/notifications/unsubscribe-auth/AH7PPVIMDQQY75K7TFUIGOTVBJQBXANCNFSM4IOZWDWQ

The product I am distributing is a “cloud virtual server” (Windows 2012) with a “GPLv3.0 tool” pre-installed on the desktop.

Should I make my whole product (Windows 2012 disk image at the backend) GPLv3.0 open source?
Where can I get the Windows2012 source code, please? Need help!

@Kylejustknows I am not sure if you are really serious... Windows 2012 is Microsoft's proprietary product. Someone who uses your GPLv3 tool can get just the tool from you and install the OSthemselves. You should not distribute the Windows image as it must have a specific product key...

That said, it is possible to distribute the Windows 2012 image with a pre-installed product, just in the same way like the laptop vendors do. They pay MS directly and sell the OS pre-installed along with other bloatware :) Each image carries a different product key. It is legal in this way.

It seems I keep tracking this thread for years :) But I am happy to respond...

So if i use a plugin that uses this lisence in my privative closed source android application, i have to make open source just the modifications that uses the plugin, right?

or i'm breaking the rules and i need to make the whole thing open-source??

If a company develops a 3D printer that uses Open Source software (under the GPL3 license), such as the Merlin code that's used with many commercial 3D printers, and the 3D printer hardware includes a patented addition that provides some unique feature, with modifications to the Merlin code handling the processing of that patented unique piece of hardware, I understand that the modified Merlin code needs to be made available as Open Source code, but does that have any impact on the patent that covers the unique hardware? Can the company still enforce its patent rights and prohibit other companies from building a similar printer that includes the patented part?

Looking at the messages just now...

@pedro15 If your android app is for private (?!) use, you are not distributing. If you pu it in the Google Play store (for instance), you are distributing. One of tackling this situation is to force the user to install the plugin after the instalation. Then you are not distributing anything and what the user does is none of your concern.

@RogerInHawaii In your case, it is important to know what you are patenting. Is it the unique hardware part? Even if you open source your software, your patent would protect the hardware design. As for the software side, any unique addition that you offer with OSS GPV3.0 must be open source. Patenting that part is difficult and even if you do, enforcing or protecting it would be difficult.

Disclaimer: I am not a legal expert, get advice from an IP lawer.

@hoang-innomizetech

All code linked with GPL 3.0 source code must be disclosed under a GPL 3.0 compatible license.

There's is no such text on the linked page, where did you see it?

Hi,
You mentioned about open sourcing the source code. Well, does that mean I need to open source my entire application or only the modifications I made?
Thanks!

@shubhh123 , My reading of the GPL3 LICENSE is that you only need to open source YOUR VERSION of the open source code that you use in the application, including any modifications you made to IT. Your program may well include other code that you developed and even code that invokes part or all of the open source code you included (and potentially modified), but you do NOT have to make that other code open source. So, no, NOT the entire application, ONY the open source code that you included in the application (plus the modifications you made to IT).

Disclaimer: I am not a patent attorney.

Yet another question: (Trying to protect my own software from being open source).

Suppose I set up a secondary processor, like an Arduino, and have some of MY software running on it. I have the open source code running on the primary processor and modifications I made to that open source code SENDS INSTRUCTIONS, perhaps by way of serial communications, to the secondary processor to have that secondary processor run its own software (that I wrote).

Is the software that I'm running on the secondary processor considered to be "part" of the open source code and therefore must also be made open source? Or can I (potentially) patent or copyright or otherwise protect that software I wrote that's running on the secondary processor?

Thanks man, I was a bit overwhelmed by the unholy amount of stuff it said, and now I actually understand it.