vertex-four | 4 years ago

It is listed as MIT in the package.json, the LICENSE file, and the plugin.xml file. That’s more than reasonable enough to consider it MIT, and that’s where license information would be picked up by e.g. any license-scanning tools.

With the multiple contradictory statements, even just within the README, though, my company’s lawyer would say we can’t use this dependency at all if I showed it to them.

y4mi|4 years ago

Afaik, the MIT licence grants you the freedom to do whatever you want with this code.

This code is written to share revenue with the author after a threshold, but that's merely the application/code working as intended.

You're free to fork the code, remove this sharing and republish the dependency under another name, for example. That's the only thing that MIT is about.

vertex-four|4 years ago

The argument in this thread is that you can’t, and you agreed to the other License Agreement. See the root comment, which thinks that this code is not under the MIT license.

kroltan|4 years ago

I agree in principle. It is bad form to not try to respect industry conventions.

However, blaming "e.g. any license-scanning tools" is not correct either, since that would be clearly a limitation of the license tool, encoding assumptions of location and standardization that are nothing more than convention. I mean this in the sense that if you went to court and your excuse was "my tool didn't pick that up", you would probably not be victorious, since the terms were laid out clearly for human consumption.

And I agree, a lawyer would not want to use this dependency, but it shouldn't take a lawyer to do that. You are responsible for the legal implications of using anyone else's software.