[riot-devel] openthread and riot - license issues?

Kaspar Schleiser kaspar at schleiser.de
Mon Oct 24 12:15:28 CEST 2016


Hi,

On 10/24/2016 10:59 AM, Martine Lenders wrote:
>     "WHICH LICENSES MAY NOT BE INCLUDED WITHIN APACHE PRODUCTS?"
> 
>     from [0]. But RIOT is not an "APACHE PRODUCT"... , :-)

> Well we do it the other way around, we include (in this instant I mean
> linking) a non-LGPL product within a LGPL product. The code itself isn't
> even included, but downloaded from source. AFAIK this is fine*.

I think what Alexander wants to point out is that above statement can be
misread as "Apache 2.0 and LGPLv2.1 are incompatible from Apache's
perspective.

Here [1] is an interesting thread which should clarify the issue.
In essence, the Apache foundation has a *policy* that *Apache foundation
projects* may not use mandatory LGPL'ed components, in order for
downstream users to not have to deal with LGPL's requirements.

That does not mean that the Apache License 2.0 ("AL 2.0") is
incompatible with LGPLv2.1.

I've contacted the FSF (again) to clarify our specific "AL 2.0 package"
problem, and I'm waiting for them to answer. But currently I read the
licenses as follows:

1. LGPLv2.1 does not consider a released binary as derivative work if
the LGPL'ed code is only linked to non-LGPL'ed code, and the distributor
of that combined work distributes the means necessary to replace and/or
debug the LGPL'ed part. As packages are available as source, this
constraint is satisfied, thus from the LGPLv2.1 perspective using AL 2.0
packages is fine.

2. AL 2.0 has a linking exception: "For the purposes of this License,
Derivative Works shall not include works that remain separable from, or
merely link (or bind by name) to the interfaces of, the Work and
Derivative Works thereof." Thus using an AL 2.0 as package is fine.

Kaspar

[1] https://issues.apache.org/jira/browse/LEGAL-192


More information about the devel mailing list