tl;dr license review
TRANSCRIPT
![Page 1: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/1.jpg)
Not long ago, in a galaxy very close
Someone broke the Internet!
Well, just the Javascript ecosystem
For about two hours
But hey, it was still HUGE!
![Page 2: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/2.jpg)
Azer KoçuluOpen Source developer working on framework called Kik
Bob StrattonPatent AgentKik Interactive
![Page 3: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/3.jpg)
What happened next?
1. Azer unpublished all his packages from NPM.
2. One of his packages, called left-pad, is a dependency of another more popular package called line-numbers, which is a dependency of Babel, React, and countless others.
3. Without left-pad in NPM, line-numbers and other packages and builds soon began breaking (including Kik Interactive).
Azer broke the NPM ecosystem!
1. Javascript community quickly tracked the problem to Azer’s left-pad library and organized to fix it.
2. NPM had to republish left-pad, under a different owner from a backup.
3. In about 2 hrs, the problem was solved, but a deep flaw in the community was exposed.
![Page 4: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/4.jpg)
Questions arose
1.Did NPM stole Azer’s code when they republished his package?
2.Was NPM’s procedure right?
3.Is there any fault in Azer’s hand, Kik’s hand or even NPM?
The Open Source community strong foundation are its
licenses
![Page 5: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/5.jpg)
TL;DR;License Review
![Page 6: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/6.jpg)
Apache License v2You can do what you like with the software, as long as you include the required notices. This permissive license contains a patent license from the contributors of the code.
![Page 7: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/7.jpg)
GNU General Public License v3You may copy, distribute and modify the software as long as you track changes/dates in source files. Any modifications to or software including (via compiler) GPL-licensed code must also be made available under the GPL along with build & install instructions.
![Page 8: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/8.jpg)
GNU Lesser General Public License v3This license is mainly applied to libraries. You may copy, distribute and modify the software provided that modifications are described and licensed for free under LGPL. Derivatives works (including modifications or anything statically linked to the library) can only be redistributed under LGPL, but applications that use the library don't have to be.
![Page 9: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/9.jpg)
MIT LicenseA short, permissive software license. Basically, you can do whatever you want as long as you include the original copyright and license notice in any copy of the software/source.
![Page 10: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/10.jpg)
BSD-3The BSD 3-clause license allows you almost unlimited freedom with the software so long as you include the BSD copyright and license notice in it (found in Fulltext)
![Page 11: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/11.jpg)
Mozilla Public License 2.0MPL is a copyleft license that is easy to comply with. You must make the source code for any of your changes available under MPL, but you can combine the MPL software with proprietary code, as long as you keep the MPL code in a separate file. Version 2.0 is compatible with GPL version 3. You can distribute binaries under a proprietary license, as long as you make the source available under MPL.
![Page 12: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/12.jpg)
What license Azer used in left-pad?
![Page 13: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/13.jpg)
Do What the F**k You Want To Public License (WTFPL)
The WTFPL is almost a public domain grant. It is super-permissive. Basically, do whatever you want. Note, however, that it is not a trademark license.
![Page 14: TL;DR License Review](https://reader031.vdocument.in/reader031/viewer/2022013004/58702d261a28ab81258b5e5f/html5/thumbnails/14.jpg)
Questions/Comments?