> Sorry, we don't accept code contributions and direct you to the original libxml2 project.
This has me puzzled to the point of being dumbfounded: If libxml2-ee has fixed many security and other flaws in libxml2, then what's the point of directing people back to a project that is relatively flawed?
Licencing it as AGPL is also interesting, since the original was MIT, though I'm not sure they've worked out all of the kinks, given this example from one of the M4 files:
# LICENSE
#
# Copyright (c) 2011 Maarten Bosmans <mkbosmans@gmail.com>
#
# Copying and distribution of this file, with or without modification, are
# permitted in any medium without royalty provided the copyright notice
# and this notice are preserved. This file is offered as-is, without any
# warranty.
qalmakka 8 hours ago [-]
You can't just take an MIT/X11 licence, remove it, and relicense it as it's an explicit violation of the MIT/X11 licence. This however only applies to the original code, so any new addition can be under whatever licence you want, including a more restrictive one. That doesn't change your obligation to reproduce the previous copyright notice as instructed by the licence you got the code under
tannhaeuser 7 hours ago [-]
I get what Nick is trying to do (allow F/OSS to continue receiving security fixes while requiring commercial users to pay), even forwarded his call for help or other support last year. I'm not sure though relicensing MIT code under AGPL is legally sound if your additions are just bug fixes.
qalmakka 4 hours ago [-]
> I'm not sure though relicensing MIT code under AGPL is legally sound if your additions are just bug fixes.
It is: the original unmodified code is still MIT, but the bits you wrote and thus you hold the copyright for are AGPL. The combination of your bits + old bits is AGPL; some judge may argue your derived work isn't derived enough if you just change a few characters though. Still, I may argue that fixing a bug, no matter how trivial, requires you to perform a creative task, which almost definitely is by itself to be considered enough to go above the threshold required by a derived work.
migueldeicaza 8 hours ago [-]
Correct, not many folks understand this.
LunaSea 8 hours ago [-]
In practice, how would you differentiate old code from new code when changes start to flow in?
0x457 5 hours ago [-]
Everything after <GIT SHA> is AGPL unless stated otherwise.
masfuerte 8 hours ago [-]
Presumably, this is (or will be) dual-licensed to enterprise customers who want the bug fixes but don't want to publish their code in accordance with the AGPL. Dual-licensing is much simpler for the author if he doesn't accept contributions.
esbranson 2 hours ago [-]
The corporate freeloading issue must be resolved somehow.
Milpotel 10 hours ago [-]
I hope the code quality will improve and their "we don't need tests because we use fuzzing... sometimes..." attitude changes.
on_the_train 10 hours ago [-]
"Enterprise edition" is usually a sign of parody projects. But this seems to be serious?
hobofan 10 hours ago [-]
When has "enterprise edition" ever been the sign of parody projects?
This has me puzzled to the point of being dumbfounded: If libxml2-ee has fixed many security and other flaws in libxml2, then what's the point of directing people back to a project that is relatively flawed?
Licencing it as AGPL is also interesting, since the original was MIT, though I'm not sure they've worked out all of the kinks, given this example from one of the M4 files:
It is: the original unmodified code is still MIT, but the bits you wrote and thus you hold the copyright for are AGPL. The combination of your bits + old bits is AGPL; some judge may argue your derived work isn't derived enough if you just change a few characters though. Still, I may argue that fixing a bug, no matter how trivial, requires you to perform a creative task, which almost definitely is by itself to be considered enough to go above the threshold required by a derived work.
I hate the fact I can say that. :-/