Put a BSD license on securable-module.js

RESOLVED FIXED

Status

Add-on SDK
General
RESOLVED FIXED
7 years ago
7 years ago

People

(Reporter: atul, Unassigned)

Tracking

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

7 years ago
Other projects with different licenses, such as Firebug and Narwhal, would like to use securable-module.js as a generic chrome-space CommonJS module loader. However, in order to do this, securable-module.js needs to be under a BSD license.

Kevin Dangoor has gotten agreement from Gerv and Luis that relicensing the file should be fine (that's assuming that Atul or some other MoCo person is the only one to have changed that file... if anyone else has changed it, we'd need their permission to relicense as well).

Once we have everyone's permission, we can go ahead and put a BSD license at the top of the file.

According to github, this is the edit history of the file since it was added to the SDK:

  https://github.com/mozilla/addon-sdk/commits/master/packages/jetpack-core/lib/securable-module.js

(Before it was added to the SDK, I was the only one to touch the file.)

That means we need sign-offs from myself, Irakli, Myk, Warner, and Drew to put a BSD license on this.

On a side note, I'm interested in discussing+learning more about what's involved in getting the SDK's code as a whole to be easier for other projects to reuse in this way.

Comment 1

7 years ago
A couple of comments:

1. That list of people are all MoCo employees, right? Effectively, that means that Mozilla Corporation owns their work and we don't actually need their explicit permission to relicense. (Not that anyone will have any issues with relicensing :)

2. Generally speaking, the MPL (or tri-license) is friendly for reuse. People can use MPL-licensed code alongside code with any license of their choosing. In the case of this particular module, there was some concern about shipping the file with Firebug only because the MPL is a less-known/less-explored license and some people working on Firebug work in organizations with a whole lot of lawyers.
(Reporter)

Comment 2

7 years ago
Created attachment 493970 [details]
Pointer to pull request
(Reporter)

Comment 3

7 years ago
Comment on attachment 493970 [details]
Pointer to pull request

Hey Myk, could you take a look at this real quick? If there aren't any legal objections, it'd be really great if we could get this in ASAP so that we unblock the Firebug team and other folks who would like to reuse this kode.
Attachment #493970 - Flags: review?(myk)
Just to clarify (since there was some miscommunication between Julie, Harvey, Myk and I this morning), there are two applicable project policy rules here:

1) When we're contributing specific code to a specific existing third-party project which is BSD-licensed (such as Firebug), we're OK with "matching" their licensing policy.

2) When we're writing code ourselves for "Mozilla projects" like Jetpack, we use the reuse-and-sharing-friendly tri-license (hopefully soon to be the reuse-and-sharing-friendly MPL 2.) 

[These rules should be encapsulated in the flowchart here: http://www.mozilla.org/MPL/license-policy-flowchart.png and policy here: http://www.mozilla.org/MPL/license-policy )

Gerv and I understood when talking to Kevin that we were talking about #1 here; if so, Gerv's permission still stands. Using BSD for all of Jetpack (i.e., #2) is still not OK. Hope that clarifies.
Comment on attachment 493970 [details]
Pointer to pull request

Luis, you're absolutely right that in this bug we're talking about relicensing a single file (securable-module.js) that is in Jetpack's Add-on SDK repository <https://github.com/mozilla/addon-sdk> in order to be able to share that file with specific existing third-party projects (Firebug, Narwhal), and we are not talking about relicensing the entire Add-on SDK codebase in this manner (although folks should feel welcome to have that conversation in the appropriate fora, perhaps plugging into existing conversations about the MPL 2!).

And thus your and Gerv's approvals stand, and it's ok to do this.  The patch itself also looks good, so r=myk!
Attachment #493970 - Flags: review?(myk) → review+
Great thanks!
Honza
(Reporter)

Comment 7

7 years ago
Myk, when can this land?

Comment 8

7 years ago
(In reply to comment #5)
...
> 
> Luis, you're absolutely right that in this bug we're talking about relicensing
> a single file (securable-module.js) that is in Jetpack's Add-on SDK repository
> <https://github.com/mozilla/addon-sdk> in order to be able to share that file
> with specific existing third-party projects (Firebug, Narwhal), and we are not
> talking about relicensing the entire Add-on SDK codebase in this manner
> (although folks should feel welcome to have that conversation in the
> appropriate fora, perhaps plugging into existing conversations about the MPL
> 2!).

My comment here is absolutely off-topic for this bug, but the people on the CC list here are the ones who need to consider this issue. (I would be happy to discuss via email).

At present the jetpack model requires addon authors to use the MPL because the jetpack model is based on shipping MPL code with every addon created by others. At minimum this will create a significant barrier for commercial use of jetpack, since lawyers will have to review the license issues and the jetpack SDK (because the re-distribution of the SDK causes the addon author to assume liability for intellectual property in the SDK).

As an example, I would not work on jetpacks because I have limited resources and I don't want to spend them dealing with this kind of problem. I think other technical people may come to the same conclusion.  Of course some commercial developers will be willing and you may well decide that is satisfactory for your purposes. I only want to be sure you know about this issue.
(Reporter)

Comment 9

7 years ago
John, that's a great point, do you think you could bring it up on the Jetpack google group for discussion?

Comment 10

7 years ago
I agree that this last bit would be better as a thread on the Jetpack list, but I wanted to clear this up:

(In reply to comment #8)
> At present the jetpack model requires addon authors to use the MPL because the
> jetpack model is based on shipping MPL code with every addon created by others.


This is not correct. The MPL only stipulates that the changes a developer makes *to the files that came with the Jetpack SDK* must be licensed under the MPL. Any files created by the addon developer can be licensed under whatever terms they wish.

MPL 2.0 is apparently a good deal smaller than the current MPL version, so that may help make understanding the MPL a bit easier.

Comment 11

7 years ago
Yes, I guess "use" implies "license under" but I meant "deal with lawyers about". Anyway I opened this thread:

http://groups.google.com/group/mozilla-labs-jetpack/browse_thread/thread/64402b4337a951a4
https://github.com/mozilla/addon-sdk/commit/a602b8f2a075795720d1f70b87c7907583887ee1
Status: NEW → RESOLVED
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.