<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <br>
    <div class="moz-cite-prefix">On 8/22/2019 9:12 PM, Bruce Perens via
      License-review wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAK2MWOtn+_3frqgCCga_GEVK6t+o=Mu7iZD=ZuYCfqDmEdb=eA@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr">But would it not be sufficient in this case to
        simply tell folks where you got the source, given that it's a
        public repository? You didn't modify it yourself.</div>
    </blockquote>
    <br>
    Not necessarily. The source code obligation says that the repository
    must persist as long as I am using the software and for a year after
    that. So do I keep checking the original source and make sure they
    haven' t changed it and it's still the same software that I used?
    What if they update and I don't? And to have to do that for a year
    after I'm not even using the software? This avenue for compliance is
    pretty burdensome.<br>
    <br>
    Pam<br>
    <br>
    Pamela S. Chestek<br>
    Chestek Legal<br>
    PO Box 2492<br>
    Raleigh, NC 27602<br>
    919-800-8033<br>
    <a class="moz-txt-link-abbreviated" href="mailto:pamela@chesteklegal.com">pamela@chesteklegal.com</a><br>
    <a class="moz-txt-link-abbreviated" href="http://www.chesteklegal.com">www.chesteklegal.com</a><br>
    <blockquote type="cite"
cite="mid:CAK2MWOtn+_3frqgCCga_GEVK6t+o=Mu7iZD=ZuYCfqDmEdb=eA@mail.gmail.com"><br>
      <div class="gmail_quote">
        <div dir="ltr" class="gmail_attr">On Thu, Aug 22, 2019 at 6:09
          PM Kevin P. Fleming <<a href="mailto:kevin%2Bosi@km6g.us"
            moz-do-not-send="true">kevin+osi@km6g.us</a>> wrote:<br>
        </div>
        <blockquote class="gmail_quote" style="margin:0px 0px 0px
          0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On
          Thu, Aug 22, 2019 at 4:52 PM Pamela Chestek <<a
            href="mailto:pamela@chesteklegal.com" target="_blank"
            moz-do-not-send="true">pamela@chesteklegal.com</a>>
          wrote:<br>
          ><br>
          >  It's not the ease of compliance, it's the fact that
          there is a compliance requirement at all when no other license
          has one in the same circumstance.<br>
          <br>
          The AGPL also imposes a compliance requirement in your
          hypothetical<br>
          situation. If you install an AGPL-licensed plugin in your
          website (in<br>
          any manner, even choosing it from a plugin repository offered
          by the<br>
          website software project's operators), and the users of your
          website<br>
          interact with that plugin over the network, then you are
          obligated to<br>
          provide the source code to your users if the copy you are
          operating<br>
          *has been modified*. It is not clear whether the license is
          only<br>
          triggered by modifications that you made, or by modifications
          made by<br>
          the party who provided the software to you, but if it is only<br>
          triggered when *you* make modifications then there is a<br>
          aircraft-carrier-sized escape hatch in the AGPL. In any case,
          as the<br>
          operator of the website you would need to be aware of this
          requirement<br>
          and be able to determine whether the copy you are operating
          can be<br>
          considered *modified*.<br>
          <br>
          _______________________________________________<br>
          License-review mailing list<br>
          <a href="mailto:License-review@lists.opensource.org"
            target="_blank" moz-do-not-send="true">License-review@lists.opensource.org</a><br>
          <a
href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org"
            rel="noreferrer" target="_blank" moz-do-not-send="true">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a><br>
        </blockquote>
      </div>
      <br clear="all">
      <div><br>
      </div>
      -- <br>
      <div dir="ltr" class="gmail_signature">
        <div dir="ltr">
          <div>
            <div dir="ltr">Bruce Perens - Partner, <a
                href="http://OSS.Capital" target="_blank"
                moz-do-not-send="true">OSS.Capital</a>.</div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
License-review mailing list
<a class="moz-txt-link-abbreviated" href="mailto:License-review@lists.opensource.org">License-review@lists.opensource.org</a>
<a class="moz-txt-link-freetext" href="http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org">http://lists.opensource.org/mailman/listinfo/license-review_lists.opensource.org</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>