copyright violation on copyright_check.py

Bug #1698652 reported by lkcl on 2017-06-18
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Drizzle
Undecided
Unassigned

Bug Description

hello,

i am looking at the following:
https://fossies.org/dox/drizzle-7.2.4-alpha/copyright__check_8py_source.html

the copyright holder notice is missing from this file.
please ensure that you respect copyright - particularly and ironically
in a file which checks copyright - by restoring the following
copyright ownership notice in the file:

# Copyright (C) 2009, Luke Kenneth Casson Leighton <email address hidden>

to make it absolutely clear: you may not assume copyright ownership
of this file, implicitly or explicitly.

many thanks.

lkcl (lkcl) on 2017-06-19
Changed in drizzle:
status: Invalid → New
lkcl (lkcl) wrote :

awesome, thank you for adding the copyright....
but.. ahh... that brings us on to a second
issue: who added the apache 2 license
without my authorisation or consent?

i would not release code under the Apache
Software License: i would release it under
the GPLv3+. in this instance as it is a
stand-alone program that does not impact
the drizzle project as it's not "linked"
etc. etc.

i must apologise because i was not expecting
this file to be useful, so i did not put a
license notice in it (at all) at the time that
i wrote it. which means in effect "all rights
reserved, and you need to contact me to ask
for my permission to use it, and to request
under what license conditions it may be used".

i have not received any such communication
from the drizzle team in any way, shape or form.

so, copyright law being what it is, you may not
assume that you have the right to assign an
arbitrary license to this copyrighted work: only
the copyright holder (myself) may decide that,
and i choose the GPLv3+, not the Apache Software
License v2.

much appreciated if you could correct this second
oversight. in addition could we possible follow
the correct bugtracking procedure, instead of
marking the bug as "invalid"? that would seem
to indicate that you are claiming that the legal
assertion of copyright ownership of this file
is invalid. that would be very unfortunate if
any member of the drizzle team was attempting
to make such a claim. so would you agree that it
would be much better to follow "normal" bugreporting
procedure i.e. to mark the bug in the normal way:
accepted, in progress, fixed, reviewed etc.

Clint Byrum (clint-fewbar) wrote :

This bug wins the most-ironic-situation-in-OSS award for the year I think.

On Mon, Jun 19, 2017 at 5:00 PM, Clint Byrum <email address hidden> wrote:
> This bug wins the most-ironic-situation-in-OSS award for the year I
> think.

 gotta love it... :)

 i just wasn't expecting anyone to use this rather obscure program
that i wrote when i was the maintainer of a package that pulled in
several thousand files from dozens of different sources (all under
different libre licenses) and in addition had something like fifty
different contributors. it was an imperative to have it. it was
therefore written in a rush and i didn't think to add the copyright
notice and license.

l.

Clint Byrum (clint-fewbar) wrote :

But you must realize that the irony is layered.. and starts with the irony of putting code on the internet... that checks license documentation.. and not putting a license _on that code_.

Monty Taylor (mordred) wrote :

It does indeed.

Luke, terribly sorry for any unintentional offense given, that was certainly not our intent back in 2009, nor do I imagine it's anyone's intent today.

HOWEVER

As the note higher in the file indicates, the source was taken from the pyjamas repo. While the file did not (and still does not) include a copyright license itself, the repo in which it is located does include an Apache v2 license in its COPYING file:

http://pyjamas.svn.sourceforge.net/viewvc/pyjamas/trunk/COPYING?revision=2448&view=markup

Looking through the other files in the pyjamas repo, it seems to be common practice in the repo to not list copyright licenses on a per-file basis. Here is an example of one taken at random:

http://pyjamas.svn.sourceforge.net/viewvc/pyjamas/trunk/library/pygwt.py?revision=2448&view=markup

Here's another:

http://pyjamas.svn.sourceforge.net/viewvc/pyjamas/trunk/pyjs/jsonrpc/jsonrpc.py?revision=2448&view=markup

Given the existence of a top-level license file, the absence of any contradicting license information on the file itself and a pattern of not applying license headers to each file in the repo, application of reasonable and customary practices in the Open Source world holds that the license communicated in the repository's COPYING file is intended to apply to all of the files in the repository unless otherwise indicated.

I'm putting this back to invalid. Whether it was your intent at the time, you offered this code to the world under the terms of the COPYING file in the pyjamas repo back in 2009. Since you are the one who announced the existence of the file in the pyjamas repo on the debian mailing list, I'm pretty sure the file was not put there without your permission.

Changed in drizzle:
status: New → Invalid
lkcl (lkcl) wrote :

---
crowd-funded eco-conscious hardware: https://www.crowdsupply.com/eoma68

On Mon, Jun 19, 2017 at 5:47 PM, Clint Byrum <email address hidden> wrote:
> But you must realize that the irony is layered.. and starts with the
> irony of putting code on the internet... that checks license
> documentation.. and not putting a license _on that code_.

 indeed... :)

lkcl (lkcl) wrote :

On Mon, Jun 19, 2017 at 6:05 PM, Monty Taylor <email address hidden> wrote:
> It does indeed.
>
> Luke, terribly sorry for any unintentional offense given, that was
> certainly not our intent back in 2009, nor do I imagine it's anyone's
> intent today.

 none taken.

> HOWEVER
>
> As the note higher in the file indicates, the source was taken from the
> pyjamas repo. While the file did not (and still does not) include a
> copyright license itself, the repo in which it is located does include
> an Apache v2 license in its COPYING file:

 yeah 2017-2009= err... 8 years: it's too long ago for me to remember
details. i have never been a fan of permissive licenses: however
pyjamas was a project i inherited and so there was not a lot of choice
*sigh*.

> I'm putting this back to invalid. Whether it was your intent at the
> time, you offered this code to the world under the terms of the COPYING
> file in the pyjamas repo back in 2009.

agreed.

well at least this exercise has prompted me to take an interest in the
code again. i notice there's some modifications made: also i tested
it out on lintian (in debian) which is a single wildcard "*" and
there's clearly something amiss: not one of the matches is correct.

i'll check this out and get back to you (separate bugreport).

l.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers