Italian identity card middleware for Linux cannot be packaged for Fedora because a developer assigned an "all rights reserved" licence to his code.
In the ticket [1] where I raised this problem, some developers of the project said that they will investigate to find out if the lines of code of the "wrong" license maybe erased.
My personal opinion is that only THE author must be the one allowed to change the licence of his own code, not another person.
Is that correct?
Best regards
[1]: https://github.com/italia/cie-middleware-linux/issues/16
It is a global issue.
Many of the projects I contribute to require me (or anyone) to sign a special document which deals with the issue and TL;DR says you give (or share) all the needed rights to (or with) the project owners.
Example: https://mariadb.com/kb/en/mca/
So AFAIK anyone _can_ license their code as they wish. It is up to the project owners / maintainers to not allow badly licensed code to their projects. Annoying, but seems to be the only way.
--
Michal Schorm Software Engineer Core Services - Databases Team Red Hat
--
On Mon, Jan 31, 2022 at 12:43 PM Germano Massullo germano.massullo@gmail.com wrote:
Italian identity card middleware for Linux cannot be packaged for Fedora because a developer assigned an "all rights reserved" licence to his code.
In the ticket [1] where I raised this problem, some developers of the project said that they will investigate to find out if the lines of code of the "wrong" license maybe erased.
My personal opinion is that only THE author must be the one allowed to change the licence of his own code, not another person.
Is that correct?
Best regards
legal mailing list -- legal@lists.fedoraproject.org To unsubscribe send an email to legal-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Hi Germano,
Unfortunately, I don't speak/read Italian, but thanks to Google translate, I had a read of this thread and it seems to be resolved by the end?
As to your question more generally regarding the use of phrase "all rights reserved" - various lawyers I have spoken to (including my own view) see this as a bit of unnecessary language and a vestige of the past.
I would agree with most of the comments in the thread and the overall approach - If I saw a file like those described here where there is a copyright notice, "all rights reserved" and no indication of a license whatsoever, then the assumption is that no license is granted. A license is the way we give permission to some of the rights that copyright otherwise, by default, reserves for the author. However, when there is a project license and signs seem to indicate that "all rights reserved" was not intended to be taken literally, then checking with the author is best to clarify. (as was done here)
FWIW, where there is the same, plus the text of the license or and SPDX identifier or some other obvious license notice, then I would take "all right reserved" to really mean, "all other rights not granted in the stated license are reserved".
My own approach would be to not use "all rights reserved" at all on open-licensed content and just have the copyright notice and a file with the full license text, using SPDX identifiers, in individual files. :)
Thanks, Jilayne
On 1/31/22 4:42 AM, Germano Massullo wrote:
Italian identity card middleware for Linux cannot be packaged for Fedora because a developer assigned an "all rights reserved" licence to his code.
In the ticket [1] where I raised this problem, some developers of the project said that they will investigate to find out if the lines of code of the "wrong" license maybe erased.
My personal opinion is that only THE author must be the one allowed to change the licence of his own code, not another person.
Is that correct?
Best regards
legal mailing list --legal@lists.fedoraproject.org To unsubscribe send an email tolegal-leave@lists.fedoraproject.org Fedora Code of Conduct:https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives:https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org Do not reply to spam on the list, report it:https://pagure.io/fedora-infrastructure
Dne 31. 01. 22 v 12:42 Germano Massullo napsal(a):
My personal opinion is that only THE author must be the one allowed to change the licence of his own code, not another person.
Is that correct?
It is the **holder** of the rights. As non-native speaker I am not sure I am using the right term, so I will describe.
I am employee of Red Hat. When I write a code then I am the author. The authorship cannot be transfered. But at the same time I am owner of the rights and that can be transfered. In my case, in my employee contract is written that the rights for the work related to my employement goes to Red Hat and Red Hat is the holder of the rights. They can decide what to do: release it under any license, sell it, close it, ... and they re-license.
When you contribute to a project you may agree (not neccessery sign) Contributor Agreement (e.g., [1] in case of Fedora) which may give some rights to the project owner.
Sometime the change of license can be easy and project owner can do it. But sometimes it can be tricky as in case of OSM re-license [2] where every single contributor had to agree with license change.
[1] https://fedoraproject.org/wiki/Legal:Fedora_Project_Contributor_Agreement
[2] https://blog.openstreetmap.org/tag/license-change/
Miroslav
So, shall we just ignore the "all rights reserved" and only look at the license text?
I'm reviewing a package [1] which has the same "problem" and it also carries a separate "all rights reserved" license file aside a BSD and an Apache license files... is it acceptable?
On Wed, Feb 2, 2022 at 12:51 PM Mattia Verga mattia.verga@protonmail.com wrote:
So, shall we just ignore the "all rights reserved" and only look at the license text?
I'm reviewing a package [1] which has the same "problem" and it also carries a separate "all rights reserved" license file aside a BSD and an Apache license files... is it acceptable?
It's extremely common in open source to see license notices coupled with copyright notices that include an "All rights reserved" statement. It doesn't mean anything. It's just an annoying habit rooted in pre-FOSS, pre-software copyright marking practices. I urge anyone reading this list who engages in open source development not to do it. But there's no point in treating it as a problem.
On the other hand, suppose someone contributes a new source file to an upstream project that is licensed under, say, the Apache License 2.0, and they include a copyright notice with an "All rights reserved" statement but no license notice. That is most likely a problem for the following reason: Normally, in open source development, we don't see contributors including copyright notices without license notices in patches etc. (they might have no legal notices at all, which is by far the most common case, or they might have just a license notice, or they might have a copyright and license notice). Also, nowadays, sometimes "All rights reserved" without a FOSS or FOSS-like license notice is used to signal "I am not placing this material under a FOSS license, even though that's what I usually do" -- I typically don't see this in software but nonetheless it is a modern practice that affects how we should interpret "All rights reserved" in code.
I hope this is helpful!
Richard
[1] https://bugzilla.redhat.com/show_bug.cgi?id=2034758 _______________________________________________ legal mailing list -- legal@lists.fedoraproject.org To unsubscribe send an email to legal-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/legal@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure