Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It is not true that AGPL is incompatible with responsible disclosure. Responsible disclosure timelines mean that the source code would be published long before anyone had time to complain about the source not being available.

Enforcement is hard, but AGPL is strictly stronger than GPL which doesn't evenninvitr enforcement on sharing server code.

Yes, many companies avoid AGPL software. That isn't a problem for AGPL-leaning authors, that's the point.



Even if (probably) no one has time to complain about it, you'd still technically be violating the license by withholding code, right?


Probably. AGPL says you need to "provid[e] access to the Corresponding Source from a network server at no charge, through some standard or customary means of facilitating copying of software", and GPLv3 also seems to require digital distribution of software to include immediate source access. GPLv2's source requirement, on the other hand, can be satisfied by a "written offer" to provide the source no matter how the binary is distributed; I think this is (along with apathy) how Apple gets away with taking months to publish GPLv2 sources.


That exposes whoever does this to uncharted legal territory.

There are many reasons why AGPL is used in extremely few projects of any relevance, compared to other GPL licences, or BSD, MIT, etc.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: