this post was submitted on 26 Jun 2023
126 points (97.7% liked)

Open Source

31713 readers
114 users here now

All about open source! Feel free to ask questions, and share news, and interesting stuff!

Useful Links

Rules

Related Communities

Community icon from opensource.org, but we are not affiliated with them.

founded 5 years ago
MODERATORS
 

I found two apps that seem to be violating the AGPL license. They both use the AGPL-licensed lemmy-js-client library, which means the apps themselves should also use the same license (which is the whole purpose of Copyleft). But they aren't. I don't know if Lemmy developers and contributors are aware of this.

The apps:

https://github.com/ando818/lemmy-ui-svelte - Apache license

https://github.com/aeharding/wefwef - MIT license

What should we do about this as a community? I informed one of the app's developers about this and it doesn't seem like they care. I wonder if some of the proprietary apps that are being developed right now also rely on this library.

Update: wefwef now includes the AGPL license in the repo. Thank you to the Lemmy user who reported it to the author and to the author for quickly resolving the issue :)

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 16 points 2 years ago* (last edited 2 years ago) (3 children)

They are loading this library via NPM AFAIK, so it is not included in the repo. Of course the final compiled release should be AGPL, but they are free to use a more liberal license in their own repo as long as it allows combining with AGPL software.

MIT for sure, but I think also Apache license (one way?) allows this so I think on license grounds this is ok. But IANAL.

[–] [email protected] 10 points 2 years ago* (last edited 2 years ago) (1 children)

That's what I thought as well.

If you just clone the repo there will not be any sources from the AGPL:ed source within the project, only a text mentioning the name.

However if you build it locally, it will pull in the third party libraries. So as long as they aren't distributing any built packages without a AGPL-compatible license, I don't think they are doing anything wrong.

(IANAL)

[–] [email protected] 3 points 2 years ago

Agreed, I think this is a misunderstanding as well of the AGPL but IANAL

load more comments (1 replies)