
granos | 7 years ago

I used to work for a company with a very large user base. On 2 separate occasions we found code with GPL2 notices. One was in a header file and the other was in a monitoring script (we were technically distributing this script because of our corporate structure and who was running the servers).

Management took the issue very seriously -- in both cases the code was pulled and the features rebuilt. Annual trainings were introduced to make sure people were aware of licenses and that they can't just pull in code without looking. The company actually contributes quite a bit to open source.

You're absolutely correct that most companies wouldn't take the risk. I've seen this taken so far as to need Legal approval for including any new libraries. Unfortunately a lot of developers don't understand what they are doing regarding licenses. They don't understand that they are taking a risk on behalf of the company when they include code with a copyleft license.

Every place I've ever worked for has used code in production with licenses requiring attribution, but it's very rare that I've seen it actually done.
