[License-review] For Approval: Rewrite of License Zero Reciprocal Public License

Kyle Mitchell kyle at kemitchell.com
Tue Nov 7 22:49:29 UTC 2017 

Bruce,

First and foremost, please don't apologize!  Very grateful
for your thoughts.  And looking forward to coffee, now that
you're back.

I tried replying to your message inline, but found I could
say what I wanted better in one fluid run, as you did.
Here's hoping that's easier on the reading end, too.


If Open Source licenses can hook copyleft into distribution,
why can't they hook copyleft into use?  The answer I think
I've read to date is that Open Source accepts the burdens of
copyleft licensing, as long as they fall on
software-developer-type people, not other-type people.
Historically, we associate developer-type people with
modification, and other-type people, your "passive users",
with use.

Developer tools break that correlation, and that rationale.
People who use developer tools on source code are
overwhelmingly software developers, almost by definition.
Open Source already expects those people to grapple with
copyleft, because it expects them to work with source.  They
don't lose their identity, or competency, in transition from
hacker of one project, in source, to user of another,
perhaps binary.  Fluidly passing from one to the other _is_
software development.  Developers work with source by
running programs.

So I might have written, akin to my last BSD-based draft:

  5. If you run this software to develop software, you must
     release source code for that software.

Better yet, squashing a bug pointed out in your comments:

  5. If you run this software to develop software, you must
     release source code for that software that has not yet
     been released.

You're right that non-developers occasionally use developer
tools on source, usually when a developer tells them to, or
gives them software that does.  They occasionally modify and
distribute software, too.  In my formative years, I did a
lot of copying and pasting commands, trying to make Linux
work right.  I'm sure I committed an unwitting copyleft
violation or two along the way.  That "error rate" does not
and should not put GPL-style copyleft beyond the pale of the
OSD.  Similarly negligible edge cases shouldn't put the
kibosh on L0-R-style copyleft, either.  In other words, OSD
shouldn't give developers a pass on copyleft because the
occasional non-developer innocent might be seen to share
software like a developer, run developer tools like a
developer, and handle source code like a developer, aided
and abetted by bona fide developers.

You're right that bona fide developers can fall down on the
job, and set downstream users up for compliance problems.
That isn't new or peculiar to L0-R, either.  With the
revision above, running a Gentoo-like distribution built
entirely of Open Source, shipping a L0-R compiler, wouldn't
create any new release obligations.  But a faulty
distribution could set a user up with non-Open Source they
might unwittingly compile.  Or a license-incompatible
combination they might unwittingly convey.  Or install
scripts to patch a network service without offering the
patch.  Open Source already accepts that positioning oneself
downstream of an errant developer, as a passive user, can't
be allowed to unravel copyleft.

You're right that copyleft licenses offer a deal, and the
deal doesn't always appeal to those who'd rather make
proprietary software.  An L0-R `wc -l` run on source code is
a valid hypothetical.  So is a five-line GPL sorting
algorithm, linked into a larger program using a package
manager, and then inadvertently conveyed out-of-house.  Most
GPL libraries offer a great deal more, and I take it a swell
leak detecting static analyzer under L0-R wouldn't rankle so
much.  What principle denies that kind of tool the ability
to drive an effective copyleft bargain, while allowing a
leak-detection library, which one happens to include before
running, to do so?  Why deny a good dev tool L0-R for fear
of a useless dev tool?  We don't deny good libraries the GPL
for fear less valuable dross will make a nuisance with it.

All of these horribles have done a few parades before, long
before L0-R ever crossed my mind.  What's new here?  The
use-based trigger.  Granted, there might be a policy reason
to distinguish use-based triggers, even for dev tools, on
principle.  But it's not that OSI won't lay the burden of
copyleft licenses on developer tool users.  It already does.

As for whether pushing that kind of bargain is "absurd",
there's nothing much I can say to the word, and that's
mighty frustrating.  L0-R doesn't seem absurd to me, or to
the developers asking me for it.  "L0-R means you can only
use it for open source work" doesn't seem that hard to
explain or understand.  Just new.  If there were nothing
new, there'd be nothing to propose here.

-- 
Kyle Mitchell, attorney // Oakland // (510) 712 - 0933

More information about the License-review mailing list