> But may I ask, why is your company listening to these lawyers. Who should we listen to then?
> I'm not aware of any case law where someone got in trouble for utilizing code published publicly by the author for the purpose of being used (though I can imagine it, IF you're re-distributing the code in question) We are only concerned about code we use with our SAAS, which the user pays for. We include twenty-four 3rd-party modules in out app. And that doesn't include all the dependent modules. > AND you should have known better. I am not a lawyer and I can definitely see you aren't either. The next time the highway patrol pulls me over I'll say I didn't know better. :-) On Wed, Mar 27, 2013 at 9:43 AM, Austin William Wright < diamondma...@users.sourceforge.net> wrote: > If a work is creative enough to be covered by copyright (there's no rule > for code, but usually anything not straightforward and more than a few > lines), then yeah, you need some form of license. > > But may I ask, why is your company listening to these lawyers. > > No, really, while they are *technically* correct in what they say, > perhaps your company should consider also buying the services of an > economist, who would promptly inform you that the expected financial impact > is somewhere in the vicinity of a zero to none. And the lawyers should > theoretically know that too, I'm not aware of any case law where someone > got in trouble for utilizing code published publicly by the author for the > purpose of being used (though I can imagine it, IF you're re-distributing > the code in question). The author of the package would have to know that > you're using the code at all, THEN file a lawsuit, AND ask for damages, AND > demonstrate that there's no implied license AND you should have known > better. > > > On Wednesday, March 27, 2013 10:22:55 AM UTC-7, Mark Hahn wrote: > >> Even as a non-lawyer, I can assert that having no mention of any license >> at all is a real problem. My company won't allow any software to be used >> without a license. >> >> By coincidence our lawyers contacted me a few days ago and wanted to know >> the licensing for the software we use. I went to google on every module >> and I found four different modules with no mention of any license. I sent >> a request for a license to each author (usually submitting an issue). >> >> I am bummed because I have gotten only one response. I will have to >> remove the non-licensed code, replace it, and rewrite my code. I hate >> doing work just for lawyers. >> >> >> On Wed, Mar 27, 2013 at 10:14 AM, Isaac Schlueter <i...@izs.me> wrote: >> >>> I had no idea there were so many experienced IP lawyers on this >>> mailing list! How lucky we are! It's amazing that you all found time >>> to learn JavaScript, what with going to law school, passing the bar, >>> and then becoming familiar with the massive libraries of case-law on >>> this subject! >>> >>> Sadly, I'm not a lawyer, just a simple programmer. So I'm not an >>> expert on these matters, and as a non-expert, I'm not really >>> comfortable encoding strong opinions in npm on the subject. This way, >>> npm is a tool, and humans can work out their preferences using it, >>> however they like. >>> >>> Depending on who you ask, to be valid/enforceable, a license must be >>> one or more of the following: >>> >>> 1. declared in every file >>> 2. declared in any file >>> 3. declared somewhere in a file along with the source >>> 4. mentioned by the author, ever, in any context (even verbally) >>> 5. mentioned along with a link to the full text >>> 6. mentioned by name >>> 7. exist in a database of osi-approved licenses >>> 8. exist in the author's head, even if never mentioned, linked, or >>> printed anywhere else >>> 9. differentiate between variants of the name (ie, "BSD" is not ok, >>> but "BSD-2-clause" is) >>> 10. Nothing. OSS/Free Software licenses aren't actually enforceable. >>> >>> Yes, all of these are real statements that real people have made to >>> me, very confident that they were correct. Some of those people were >>> lawyers. Most were just programmers playing pretend. But as a >>> non-legal-expert myself, I have a hard time telling the difference >>> between a good lawyer, a bad lawyer, and a duck in a lawyer costume. >>> >>> npm has a "license" field, and the common pattern is to also put a >>> LICENSE (or LICENCE, for imperials) file in the root of your project. >>> Do whatever you want. I'm not going to get more involved than that. >>> >>> For me, if you send me a pull req with the same BSD license that I put >>> on all my code, I'll accept it without question. >>> >>> >>> >>> On Wed, Mar 27, 2013 at 10:00 AM, Dick Hardt <dick....@gmail.com> wrote: >>> > Actually, that is not true. There are several MIT licenses, so unless >>> the >>> > actual license text is included, it is ambiguous what the license is: >>> > >>> > http://en.wikipedia.org/wiki/**MIT_License#Various_versions<http://en.wikipedia.org/wiki/MIT_License#Various_versions> >>> > >>> > Having a LICENSE file in the package makes it clear what the license >>> is, or >>> > alternatively stating the full license in the README.md >>> > >>> > -- Dick >>> > >>> > On Mar 27, 2013, at 9:55 AM, Austin William Wright >>> > <diamon...@users.**sourceforge.net> wrote: >>> > >>> > A license is something that is granted by the author at >>> distribution-time, >>> > it need not be included in the package contents. If an author wholly >>> owns >>> > the copyright on their work, they can offer the program to you under >>> any >>> > license they want, regardless of what the file inside the repository or >>> > package says. >>> > >>> > So that paragraph doesn't actually, really, do anything - it's not a >>> > clause/stipulation (that is to say, it has no "teeth"). Granted that >>> the >>> > author is able to make the full text of the license available upon >>> request, >>> > a package that the author says is MIT licensed, even without including >>> the >>> > full text, is still MIT licensed. >>> > >>> > On Wednesday, March 27, 2013 9:12:03 AM UTC-7, kapouer wrote: >>> >> >>> >> Hi, >>> >> saying the author's work is MIT licensed is not enough, >>> >> the full text of the license must be there too, as written >>> >> in its second paragraph : >>> >> >>> >> The above copyright notice and this permission notice shall be >>> >> included in all copies or substantial portions of the Software. >>> >> >>> >> I write this here because i see countless node modules in this case, >>> >> whose authors probably believe their software to have a very liberal, >>> >> free, and open-source license - but they have de facto no license at >>> all. >>> >> >>> >> Jérémy. >>> >> >>> >> PS: because i see one module per day in this situation >>> > >>> > >>> > -- >>> > -- >>> > Job Board: http://jobs.nodejs.org/ >>> > Posting guidelines: >>> > https://github.com/joyent/**node/wiki/Mailing-List-** >>> Posting-Guidelines<https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines> >>> > You received this message because you are subscribed to the Google >>> > Groups "nodejs" group. >>> > To post to this group, send email to nod...@googlegroups.com >>> >>> > To unsubscribe from this group, send email to >>> > nodejs+un...@**googlegroups.com >>> >>> > For more options, visit this group at >>> > http://groups.google.com/**group/nodejs?hl=en?hl=en<http://groups.google.com/group/nodejs?hl=en?hl=en> >>> > >>> > --- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "nodejs" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to nodejs+un...@**googlegroups.com. >>> >>> > For more options, visit >>> > https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out> >>> . >>> > >>> > >>> > >>> > >>> > -- >>> > -- >>> > Job Board: http://jobs.nodejs.org/ >>> > Posting guidelines: >>> > https://github.com/joyent/**node/wiki/Mailing-List-** >>> Posting-Guidelines<https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines> >>> > You received this message because you are subscribed to the Google >>> > Groups "nodejs" group. >>> > To post to this group, send email to nod...@googlegroups.com >>> >>> > To unsubscribe from this group, send email to >>> > nodejs+un...@**googlegroups.com >>> >>> > For more options, visit this group at >>> > http://groups.google.com/**group/nodejs?hl=en?hl=en<http://groups.google.com/group/nodejs?hl=en?hl=en> >>> > >>> > --- >>> > You received this message because you are subscribed to the Google >>> Groups >>> > "nodejs" group. >>> > To unsubscribe from this group and stop receiving emails from it, send >>> an >>> > email to nodejs+un...@**googlegroups.com. >>> >>> > For more options, visit >>> > https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out> >>> . >>> > >>> > >>> >>> -- >>> -- >>> Job Board: http://jobs.nodejs.org/ >>> Posting guidelines: https://github.com/joyent/**node/wiki/Mailing-List-* >>> *Posting-Guidelines<https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines> >>> You received this message because you are subscribed to the Google >>> Groups "nodejs" group. >>> To post to this group, send email to nod...@googlegroups.com >>> >>> To unsubscribe from this group, send email to >>> nodejs+un...@**googlegroups.com >>> >>> For more options, visit this group at >>> http://groups.google.com/**group/nodejs?hl=en?hl=en<http://groups.google.com/group/nodejs?hl=en?hl=en> >>> >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "nodejs" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to nodejs+un...@**googlegroups.com. >>> >>> For more options, visit >>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out> >>> . >>> >>> >>> >> -- > -- > Job Board: http://jobs.nodejs.org/ > Posting guidelines: > https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines > You received this message because you are subscribed to the Google > Groups "nodejs" group. > To post to this group, send email to nodejs@googlegroups.com > To unsubscribe from this group, send email to > nodejs+unsubscr...@googlegroups.com > For more options, visit this group at > http://groups.google.com/group/nodejs?hl=en?hl=en > > --- > You received this message because you are subscribed to the Google Groups > "nodejs" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to nodejs+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en --- You received this message because you are subscribed to the Google Groups "nodejs" group. To unsubscribe from this group and stop receiving emails from it, send an email to nodejs+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
