[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: EllisLab, Inc. CodeIgniter license



On Wed, 29 Oct 2008 21:08:54 +0100 Carl Fürstenberg wrote:

> Had a short discussion on #debian-mentors about this license, and it
> was found out that it probably failed the dissident test. But as I'm
> unsure, I would like help from you reviewing the following license:

Let's take a look at each part of the license, then.
My usual disclaimers apply: IANAL, TINLA, IANADD, TINASOTODP.

> 
> 
> Copyright (c) 2008, EllisLab, Inc.
> All rights reserved.

"All rights reserved" is technically false, since many permissions are
granted in the following.  This sentence was probably added just to
follow some absurd rules that apply (or maybe used to apply) in some
strange jurisdiction...
Anyway, its presence is harmless, AFAIK.

> 
> This license is a legal agreement between you and EllisLab Inc. for the use
> of CodeIgniter Software (the "Software").  By obtaining the Software you
> agree to comply with the terms and conditions of this license.

I don't particularly love licenses that claim they must be agreed upon
just to *obtain* the Software.
I think downloading and using the Software should be unrestricted,
while the license should kick in only when one wants to copy or
redistribute, with or without modification.
Anyway, I don't think that this flaw means *by itself* that the license
fails to meet the DFSG.

> 
> PERMITTED USE
> You are permitted to use, copy, modify, and distribute the Software and its
> documentation, with or without modification, for any purpose, provided that
> the following conditions are met:

The important permissions are here granted, but with the restrictions
that follow.
Let's examine them.

> 
> 1. A copy of this license agreement must be included with the distribution.
> 
> 2. Redistributions of source code must retain the above copyright notice in
>    all source code files.
> 
> 3. Redistributions in binary form must reproduce the above copyright notice
>    in the documentation and/or other materials provided with the distribution.

No problem that I can see, so far.

> 
> 4. Any files that have been modified must carry notices stating the nature
>    of the change and the names of those who changed them.

An obligation to maintain a sort of change-log is normally acceptable.
The second part of the clause is more troublesome: depending on how it
should be interpreted, it could meet the DFSG or fail to do so.
If I am allowed to modify a file, document the nature of the change and
put a nickname (or a pseudonym, or even the term "anonymous") as the
name of the modifier, then I think this clause complies with the DFSG.

On the other hand, if I am compelled to disclose my own identity in
order to distribute a file modified by me, then I think that this
clause fails DFSG#1, since being forced to disclose one's own identity
can be a fee.
See also  http://lists.debian.org/debian-legal/2007/05/msg00015.html
for a more detail explanation of the issue (found in another license).

> 
> 5. Products derived from the Software must include an acknowledgment that
>    they are derived from CodeIgniter in their documentation and/or other
>    materials provided with the distribution.

This is acceptable, IMHO.

> 
> 6. Products derived from the Software may not be called "CodeIgniter",

This is considered acceptable (as a compromise!) per DFSG#4.

>    nor may "CodeIgniter" appear in their name, without prior written
>    permission from EllisLab, Inc.

IMHO, this goes beyond what is permitted (as a compromise!) by DFSG#4,
since it forbids an infinite set of names, rather than a single one.
I cannot use any of the following names for a derived product:
CodeIgniterNG, CodeIgniter++, SuperCodeIgniter, TinyCodeIgniter, ...

Please note that the PHP license (up to version 3.01) has a clause to
the same effect.
I personally think that the PHP License (up to version 3.01), fails to
meet the DFSG (even for PHP itself).  This is my own opinion and was
stated several times on debian-legal, but other people seem to disagree
and/or don't seem to care much.  See my analysis of the license at
http://lists.debian.org/debian-legal/2005/11/msg00272.html
for further details.

> 
> 
> INDEMNITY
> You agree to indemnify and hold harmless the authors of the Software and
> any contributors for any direct, indirect, incidental, or consequential
> third-party claims, actions or suits, as well as any related expenses,
> liabilities, damages, settlements or fees arising from your use or misuse
> of the Software, or a violation of any terms of this license.

Warning: indemnification clause: is it acceptable?
It smells as non-free, but I would like to know the opinion of other
debian-legal regulars...

> 
> DISCLAIMER OF WARRANTY
[...]
> LIMITATIONS OF LIABILITY
[...]

Typical stuff for warranty disclaimer and limitation of liability...
I didn't notice anything special.


In conclusion, I think this license has three main issues:
 * clause 4, which could force identity disclosure (thus failing DFSG#1)
 * clause 6, which goes beyond what is permitted by DFSG#4
 * indemnification clause, which could possibly fail some DFSG

My advice is to try and persuade upstream to adopt a well-known and
widespread Free Software license, such as the 3-clause BSD license, for
instance.


-- 
 On some search engines, searching for my nickname AND
 "nano-documents" may lead you to my website...  
..................................................... Francesco Poli .
 GnuPG key fpr == C979 F34B 27CE 5CD8 DC12  31B5 78F4 279B DD6D FCF4

Attachment: pgp7CXPFBiOKa.pgp
Description: PGP signature


Reply to: