Copyleft/guide
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Incorporate the compliance guide into main text of the book.

Browse source 
This required resectioning the entire compliance guide to be 'one level up'.
It furthermore required a few other formatting and related changes.
This commit is contained in:
Bradley M. Kuhn 2014-02-20 12:46:33 -05:00
parent 16ffbf69c5
commit 9eb3c521b0
2 changed files with 54 additions and 58 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

110
compliance-guide.tex
View file

@ -1,40 +1,38 @@
\documentclass[letterpaper]{fixme}
% compliance-guide.tex -*- LaTeX -*-
\title{A Practical Guide to GPL Compliance}
\titleformatted{A Practical Guide to GPL Compliance}
\date{August 26, 2008}
\part{A Practical Guide to GPL Compliance}
\keywords{SFLC, software, freedom, law, center, free, open, source, gpl, compliance, violation}
\begin{center}
\subject{SFLC's guide to better compliance with the GPL and related FOSS Licenses}
{\parindent 0in
This part is: \\
\begin{tabbing}
Copyright \= \copyright{} 2008 \= \hspace{.2in} Software Freedom Law Center. \\
Copyright \= \copyright{} 2014 \= \hspace{.2in} Bradley M. Kuhn.
\end{tabbing}
% The below is a horrible hack. What happens is that the HTML generator
% (tex4ht) freaks out when \\ is used in the author field. tex4ht seems
% to have some concept of ``author lists'' but I cannot figure out how to
% use this. I added this code here (and keep carrying it over from doc to
% doc) to get around that problem, but really it should be handled in the
% LaTeX class. -- bkuhn
\vspace{1in}
\ifx \generateHTML \isGeneratingHTML
\author{
<ul class="author"> \Hnewline
<li>Bradley M. Kuhn</li>\Hnewline
<li>Aaron Williamson</li>\Hnewline
<li>Karen M. Sandler</li>\Hnewline
</ul>\Hnewline}
\else
\author{Bradley M. Kuhn \\ Aaron Williamson \\ Karen M. Sandler }
\fi
Authors of this part are: \\
\begin{document}
Bradley M. Kuhn \\
Aaron Williamson \\
Karen M. Sandler \\
\maketitle
\vspace{3in}
Copyright \copyright{} 2008, Software Freedom Law Center. Licensed
\href{http://creativecommons.org/licenses/by-sa/4.0/legalcode}{CC-BY-SA
4.0 unported}.
\section{Executive Summary}
The copyright holders of this part hereby grant the freedom to copy, modify,
convey, Adapt, and/or redistribute this work under the terms of the Creative
Commons Attribution Share Alike 4.0 International License. A copy of that
license is available at
\verb=https://creativecommons.org/licenses/by-sa/4.0/legalcode=. }
\end{center}
\bigskip
\chapter*{Executive Summary}
This is a guide to effective compliance with the GNU General Public
License (GPL) and related licenses. In accordance with the Software
@ -46,7 +44,7 @@ enforcement by copyright holders. It also outlines business practices and
methods that lead to better GPL compliance. Finally, it recommends proper
post-violation responses to the concerns of copyright holders.
\section{Background}
\chapter{Background}
Early GPL enforcement efforts began soon after the GPL was written by
Richard Stallman in 1989, and consisted of informal community efforts,
@ -95,7 +93,7 @@ commercial distributors, redistributors, and resellers on how to avoid
violations in the first place, and to respond adequately and appropriately
when a violation occurs.
\section{Best Practices to Avoid Common Violations}
\chapter{Best Practices to Avoid Common Violations}
\label{best-practices}
Unlike highly permissive FOSS licenses (such as the ISC license), which
@ -120,7 +118,7 @@ software.\footnote{This document addresses compliance with GPLv2,
\S~\ref{lgpl} discusses the key differences between GPL and LGPL
compliance.}
\subsection{Evaluate License Applicability}
\section{Evaluate License Applicability}
\label{derivative-works}
Political discussion about the GPL often centers around the ``copyleft''
requirements of the license. Indeed, the license was designed primarily
@ -172,7 +170,7 @@ source for the GPL'd components and your modifications thereto, but not
for independent proprietary applications. The procedures described in
this document address this typical scenario.
\subsection{Monitor Software Acquisition}
\section{Monitor Software Acquisition}
Software engineers should have the freedom to innovate and import useful
software components to improve your product. However, along with that
@ -210,7 +208,7 @@ the code. Fossology can help you build a catalog of the sources you have
already used to build your product. You can then expand that into a more
structured inventory and process.
\subsection{Track Your Changes and Releases}
\section{Track Your Changes and Releases}
As we will explain in further detail below, the most important component
to maintaining GPL compliance is inclusion of the complete and
@ -229,7 +227,7 @@ scripts, engineers' notes, and documentation. Your developers will also
benefit from a system that tracks the precise version of source that
corresponds to any deployed binary.
\subsection{Avoid the ``Build Guru''}
\section{Avoid the ``Build Guru''}
Too many software projects rely on only one or a very few team members who
know how to build and assemble the final released product. Such knowledge
@ -246,7 +244,7 @@ Make a rule that adding new components to the system without adequate
build instructions (or better yet, scripts) is unacceptable engineering
practice.
\section{Details of Compliant Distribution}
\chapter{Details of Compliant Distribution}
In this section, we explain the specific requirements placed upon
distributors of GPL'd software. Note that this section refers heavily to
@ -256,7 +254,7 @@ and \href{http://www.fsf.org/licensing/licenses/gpl.html#section6}{GPLv3}.
It may be helpful to have a copy of each license open while reading this
section.
\subsection{Binary Distribution Permission}
\section{Binary Distribution Permission}
\label{binary-distribution-permission}
% be careful below, you cannot refill the \if section, so don't refill
@ -305,7 +303,7 @@ in this section, but you may wish to refer back to this section after
reading the thorough discussion of ``Corresponding Source'' that appears
in \S~\ref{corresponding-source}.
\subsubsection{Option (a): Source Alongside Binary}
\subsection{Option (a): Source Alongside Binary}
GPLv2~\S~3(a) and v3~\S~6(a) embody the easiest option for providing
source code: including Corresponding Source with every binary
@ -340,7 +338,7 @@ Please note that while selection of option (a) requires distribution on a
physical medium, voluntary distribution via the Internet is very useful. This
is discussed in detail in \S~\ref{offer-with-internet}.
\subsubsection{Option (b): The Offer}
\subsection{Option (b): The Offer}
\label{offer-for-source}
Many distributors prefer to ship only an offer for source with the binary
@ -498,7 +496,7 @@ with your product but cannot actually deliver \emph{immediately} on that
offer when your customers receive it, you should expect an enforcement
action.
\subsubsection{Option (c): Noncommercial Offers}
\subsection{Option (c): Noncommercial Offers}
As discussed in the last section, GPLv2~\S~3(c) and GPLv3~\S~6(c) apply
only to noncommercial use. These options are not available to businesses
@ -508,7 +506,7 @@ the offer they received from the vendor; they must provide their own offer
or corresponding source to their distributees. We talk in detail about
upstream software providers in \S~\ref{upstream}.
\subsubsection{Option 6(d) in GPLv3: Internet Distribution}
\subsection{Option 6(d) in GPLv3: Internet Distribution}
Under GPLv2, your formal provisioning options for Corresponding Source
ended with \S~3(c). But even under GPLv2, pure Internet source
@ -543,7 +541,7 @@ v2. Indeed, many such important clarifications are included in v3 which
together provide a compelling reason for authors and redistributors alike
to adopt GPLv3.
\subsubsection{Option 6(e) in GPLv3: Software Torrents}
\subsection{Option 6(e) in GPLv3: Software Torrents}
Peer-to-peer file sharing arose well after GPLv2 was written, and does not
easily fit any of the v2 source provision options. GPLv3~\S~6(e)
@ -555,7 +553,7 @@ provision obligations for non-peer-to-peer binary distributions. Finally,
you should ensure that binaries and source are equally seeded upon initial
peer-to-peer distribution.
\subsection{Preparing Corresponding Source}
\section{Preparing Corresponding Source}
\label{corresponding-source}
Most enforcement cases involve companies that have unfortunately not
@ -568,7 +566,7 @@ you have followed those principles in your development, you can meet the
following requirements with ease. If you have not, you may have
substantial reconstruction work to do.
\subsubsection{Assemble the Sources}
\subsection{Assemble the Sources}
For every binary that you produce, you should collect and maintain a copy
of the sources from which it was built. A large system, such as an
@ -583,7 +581,7 @@ required for your Corresponding Source releases. Collecting
subdirectories of GPL'd and LGPL'd components is the first step toward
preparing your release.
\subsubsection{Building the Sources}
\subsection{Building the Sources}
Few distributors, particularly of embedded systems, take care to read the
actual definition of Corresponding Source in the GPL\@. Consider
@ -651,7 +649,7 @@ Details about what differs when the work is licensed under LGPL is
discussed in \S~\ref{lgpl}, and specific details that are unique to
GPLv3's installation instructions are in \S~\ref{user-products}.
\subsubsection{What About the Compiler?}
\subsection{What About the Compiler?}
The GPL contains no provision that requires distribution of the compiler
used to build the software. While companies are encouraged to make it as
@ -686,7 +684,7 @@ about where you got it, what version it was, and who to contact to acquire
it, regardless of whether your compiler is FOSS, proprietary, or
internally developed.
\subsection{Best Practices and Corresponding Source}
\section{Best Practices and Corresponding Source}
\S~\ref{best-practices} and \S~\ref{corresponding-source} above are
closely related. If you follow the best practices outlined above, you
@ -710,7 +708,7 @@ build system and no source tracking. Address these issues by installing a
revision system, telling your developers to use it, and requiring your
build guru to document his or her work!
\section{When The Letter Comes}
\chapter{When The Letter Comes}
Unfortunately, many GPL violators ignore their obligations until they are
contacted by a copyright holder or the lawyer of a copyright holder. You
@ -720,7 +718,7 @@ under the GPL\@. This section outlines a typical enforcement case and
provides some guidelines for response. These discussions are
generalizations and do not all apply to every alleged violation.
\subsection{Communication Is Key}
\section{Communication Is Key}
GPL violations are typically only escalated when a company ignores the
copyright holder's initial communication or fails to work toward timely
@ -752,7 +750,7 @@ generally find that FOSS developers and their lawyers are willing to
have a reasonable dialogue and will work with you to resolve a violation
once you open the channels of communication in a friendly way.
\subsection{Termination}
\section{Termination}
Many redistributors overlook GPL's termination provision (GPLv2~\S~4 and
GPLv3~\S~8). Under v2, violators forfeit their rights to redistribute and
@ -812,7 +810,7 @@ Given that much discussion of v3 has focused on its so-called more
complicated requirements, it should be noted that v3 is, in this regard,
more favorable to violators than v2.
\section{Standard Requests}
\chapter{Standard Requests}
As we noted above, different copyright holders have different requirements
for reinstating a violator's distribution rights. Upon violation, you no
@ -859,13 +857,13 @@ unlikely to find a better value or more generous license terms for similar
software elsewhere. Treat the copyright holders with the same respect you
treat your corporate partners and collaborators.
\section{Special Topics in Compliance}
\chapter{Special Topics in Compliance}
There are several other issues that are less common, but also relevant in
a GPL compliance situation. To those who face them, they tend to be of
particular interest.
\subsection{LGPL Compliance}
\section{LGPL Compliance}
\label{lgpl}
GPL compliance and LGPL compliance mostly involve the same issues. As we
@ -888,7 +886,7 @@ engineering for debugging such modifications'' to the library. Therefore,
you should take care that the EULA used for the Application does not
contradict this permission.
\subsection{Upstream Providers}
\section{Upstream Providers}
\label{upstream}
With ever-increasing frequency, software development (particularly for
@ -942,7 +940,7 @@ burden of the vendor's inattention to GPL compliance. Ask the right
questions, demand an account of your vendors' compliance procedures, and
seek indemnity from them.
\subsection{User Products and Installation Information}
\section{User Products and Installation Information}
\label{user-products}
GPLv3 requires you to provide ``Installation Information'' when v3
@ -984,7 +982,7 @@ with GPLv2, the license gives you clear provisions that you can rely on
when you are forced to cut off support, service or warranty for a customer
who has chosen to modify.
\section{Conclusion}
\chapter{Conclusion}
GPL compliance need not be an onerous process. Historically, struggles
have been the result of poor development methodologies and communications,
@ -1008,8 +1006,6 @@ ready-made for their products.
\vfill
\end{document}
% LocalWords: redistributors NeXT's Slashdot Welte gpl ISC embedders BusyBox
% LocalWords: someone's downloadable subdirectory subdirectories filesystem
% LocalWords: roadmap README upstream's Ravicher's Fossology readme CDs iPhone

2
comprehensive-gpl-guide.tex
View file

@ -97,7 +97,7 @@ attending the course.
\input{gpl-lgpl}
%\input{compliance-guide}
\input{compliance-guide}
%\input{enforcement-case-studies}