The issue between WINE and Parallels has been solved. “On July 2nd, Parallels sent the modified sources to me (Stefan Dosinger). I looked at them, and they are functionally mostly unmodified, except of some changes to get wined3d to compile on Windows(nameless unions, and similar things). What is yet to be verified is if these are the sources used to build the libs shipped in Parallels Desktop for Mac.”
Whoa!!!
.. who doubted it?
I never doubted it. The lawyers needed to be fed before they regurgitated the “ok to release”.
Are they also including either source code or the required offer, good for three years, to their customers?
If you read the linked page, it states they’re happy to give the sources out to anybody who wants them, not to mention the fact that a copy of them is linked to directly there.
did they even ask them for the source first before going public ? I hope they won’t get sued back for FUDing on Parallels :p
Still, Parallels likely should have mentioned wine in the doc and how to get the source.
Yes they did:
http://osnews.com/story.php/18179/Parallels-Accused-of-LGPL-Violati…
Or, in short, they started contacting Parallels the first week of June. They went public June 30th.
Edited 2007-07-02 23:20
Excuse me, stop using FUD unless you actually *know* what it means – simply throwing it around removes any possible real impact of it when used in a real situation later on.
Regarding the issue at hand, they had over a month to resolve the situation – if they were investigating it, they should have mentioned it, if they were working on it, they should have mentioned it.
The problem with businesses is that they *FAIL* to communicate – they need to openly communicate and say, if they are going to take a x number of days, they should disclose that “yes, we used wine sources, however, we need to seperate the LGPL code from out own to ensure that we don’t disclose proprietary third party or our own code”.
This is just the tip of the iceburg; you get the same situation with Apple, Sun, and many other organisations – they need to disclose “this is where we are, this is where we’re going – this is who we’re partnered with, this is what we’ve used from the opensource community” – being secret squirl about this just brings to the forefront all sorts of conspiracy theories, and quite frankly companies involved only have themselves to blame.
“yes, we used wine sources, however, we need to seperate the LGPL code from out own to ensure that we don’t disclose proprietary third party or our own code”.
Well if they said that, wouldn’t they be in violation of the LGPL? If they added their own proprietary code to the LGPL library, then that code now must be released under the LGPL if they ever redistributed the said binary. Proprietary code that they do not want released must not be part of the same library as per the LGPL. If these sources were NOT used to build the distributed library and they took stuff out of them before they provided them, they are still violating the license.
There are other, more valid excuses for needing to seperate code out, such as if they for some weird reason, do not have a snapshot of the source for the version released and have to dig that up to provide the source, that is a much more valid reason (ie, they added a new feature to the library and want to surprise everyone else with it when they release the new version of the program using the library)
If you think that, then obviously you know next to nothing about the LGPL and the purpose of it; may I suggest that you research into a little more.
You can link against it, but in regards to the ‘seperation’ – I’m not sure how big of a mess their code is, but given how craptacular some companies are, I wouldn’t be surprised if there were some ugly hacks involved.
At the end of the day, the issue has been resolved. and it been much ado about nothing; then again, wine having been screwed over once by software vendors in the past, don’t want a repeat of the same situation again – it was outlets like osnews.com and so forth which turned a mole hill into a mountain.
did they even ask them for the source first before going public?
You’d know this from RTFA, but yes. They contacted them nearly a month ago, and set up a very dry wiki page to keep track of the ongoing efforts – a wiki page they didn’t publicize. It all came out when someone else stumbled upon the page and made it known.
In other words, WINE themselves never did go public with any complaints. The situation was discovered and reported by third parties, and only then did Parallels do anything. As far as I’m concerned, that shows a real lack of respect for the people who made the code they decided to use.
Still, Parallels likely should have mentioned wine in the doc and how to get the source.
They did mention an email address where people should write to get the code. They just didn’t respond to said requests.
Claiming to make the code available but not doing so until public pressure is brought to bear (pressure which didn’t originate from WINE) and then using that as evidence they are “happy” to release code leaves a slightly sour taste in my mouth.
Regardless of motivation (perhaps the publicity was simply bad timing and they were about to release the code by themselves already. maybe), they have released the code and are in compliance for now. Best to move on at this point I suppose. Yay for all involved?
This isn’t FUD and Parallels still isn’t fulfilling their obligation.
The LGPL states that sources must be made available at the SAME TIME in binary and source form. Parallels violated that. They must also be made available in substantially the same location. There is no source link next to the binary link.
While I appreciate that Parallels is making an honest effort to comply and don’t think they should be sued, you’re being completely outrageous thinking that Parallels has been slandered. It’s still accurate to say that Parallels is an open-source violator since they didn’t publish the sources at the same time as the binary (something they can never fix since time machines have yet to be invented).
Please don’t go around yelling at open-source developers for asking (quite nicely) that their intellectual property rights be respected. They don’t ask for much – and no money. They simply ask that the sources be made available and at the same time and in substantially the same way as the binaries. It’s not rocket science and for these few requirements they get years of premium development for FREE.
Same location? Is that an LGPL-only requirement?
As far as I know, both GPL and LGPL only require that whoever provides a binary also has to provide the source for the derived version. This also means that Parallel can’t just get into the clear just by linking to a source download on the WINE project page, even if the lib was unmodified. It’s their responsibility; not a shared responsibility.
However, they are not required to offer a link either. They can choose to mail it if they want. The license just requires that they make it available for three years, that they cannot charge you more than it costs them to send it to you (they can charge you say … $2 for the CD, but they can’t charge you $50 for the CD), and that the source be in (to poorly paraphrase) a commonly readable state. So a binary decompilation doesn’t count for the winelib and I doubt they could do a search/replace to obfuscate the variable and function names, either.
The reason downloads are made available by most projects is because it’s easier than burning up a bunch of CDs for everyone (even if they get paid for it).
—
A little off-topic. I always thought it was amusing that seeders on torrents are giving you binaries, but they don’t always give you sources. Funny how quick new technologies seem to make simple concepts like distribution of GPLed code seem antiquated. After all, when was the last time you got the source code from a project under the stipulations of the GPL/LGPL in the mail? It was a lot more common not too long ago.
No, you’re not required to distribute it from the same location by the LGPL– the previous poster is incorrect. The LGPL section 4 states that a binary redistribution of the library must include the source. But section 6 says that a program that uses the library may opt to provide the source for the library upon request (section 6c of LGPL 2.1: “Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution.”)
What’s more, the LGPL 2.1 doesn’t explicitly state how much of a delay from the request of the source code under section 6c and delivery is acceptable. I believe under US law it’s difficult to prosecute anyone for failure to deliver something less than 8 weeks after ordering something, especially when a delivery date was never promised.
So I don’t think you can even say that Parallels was ever legally out of compliance with the LGPL, although they were definitely in danger of doing so.
good first step for parallels, now how about offering the source as a download or something like they should of in the first place….
Edited 2007-07-02 23:56
http://www.parallels.com/en/licensing/
good enough for the gpl
Edited 2007-07-03 03:31
If you want to receive any of the listed sources codes, please send your request to [email protected]
We are all aware of that statement, and have been since the first article on the subject.
good enough for the gpl
Yes, but only if you actually respond to requests. It’s not good enough to say you will and then not do it, which was the situation until a day or so ago. The promise of action does not make them compliant if there is no action. It’s almost worse, since it elicits smug comments about how they are obviously compliant (“can’t you people see that statement?! It says they are compliant so it must be true!”), even though until a day or so ago they simply weren’t.
actually no it isn’t….
It would be *good enough* to not be worried about if they were responsive to emails and so forth but as it is….
Edited 2007-07-03 07:10
Here it is Monday, and it looks like public pressure did in a day, what a little bit of discussion couldn’t do in nearly a month.
Or it could just be people came back from enjoying their weekend off
.
I wouldn’t argue the public story sped things up though.
Any response that involves “the lawyers” is going to take 30 days. Not to mention the fact that I am sure they actually wanted to do an audit and make sure they had modified the code. If they didn’t then they were already in compliance, it sounds like they made almost no changes and probably had thought they had mad no significant changes.
Perhaps the open source and corporate worlds would get along better if they assumed people were innocent until proven not to be.
Can you show us in the LGPL where it says you have a 30 day grace period AFTER being asked???
deanlinkous, since the LGPL allows response by mail to requests for source code, the answer to your question is FTC Part 435.1, section 1, part ii:
“(1) To solicit any order for the sale of merchandise to be ordered by the buyer through the mails unless, at the time of the solicitation, the seller has a reasonable basis to expect that he will be able to ship any ordered merchandise to the buyer: (i) Within that time clearly and conspicuously stated in any such solicitation, or (ii) if no time is clearly and conspicuously stated, within thirty (30) days after receipt of a properly completed order from the buyer.”
it does???? where?
I am also not sure why FTC 435.1 would apply since this isnt a mail order solicitation to sale something.
Mad props for trying tho…
I just read version 3 of the LGPL, and much to my surprise, it seems you don’t need to supply the source for a library if all you do is link to it at runtime. See section 4 of the LGPL: You can “convey a Combined Work” provided that you a) give prominent notice that you use it, b) include a copy of the GPL and the LGPL, c) include the copyright notice of the library if your app displays copyright notices during runtime, d) do one of the following: 0. Convey the Minimal Corresponding Source, or 1. Use a suitable shared library mechanism, and finally e) provide Installation Information if you are required to do so under GPL section 6.
Interesting, no? If I’m mistaken, please let me know.
How can anyone outside of the commercial app be so sure? I would love it if this is an out in the open pacifier.
Well for any piece of software using GPL’d(or any free software licence) you ultimately have to take the developer at their word.
Either way, when I see companies using free software, but not having the source directly on their server for download(even if others have it available), I still just like ask for the source sometimes, just to see if they are honest and abiding by the license. Sometimes they are confused at first, but none has failed yet, though I never asked parallels since I didn’t know they used WINE code, that and it’s been a while since I’ve done that.