I have a query regarding the GPLv3 license of NodeBB and commercializing my final product
-
@scottalanmiller Indubitably.
Be all that as it may... a decent attorney is maybe $250-$500/hr, depending on geolocation data? So a couple hours consultation up front offers some advantage, at least defensive position wise, in an increasingly litigious world were might makes right and the little guy gets worked.
I trust we are all familiar with a certain Federal District Court in a certain part of Texas, eh?
To reiterate salient take aways:
- Indubitably. As Scott emphatically states; it should not.
- Any new biz venture w/any hopes of not loosing early in the game is well advised to develop some relationship legal eagle side. Not all are scum. Cultivate a relationship w/one you feel comfortable with. Document that you at made at least some effort at due diligence up front cuz it's a wacked out world out there, eh?
INAL... but I did get sued once by a mightier than thou bully boy. And prevailed w/o it costing me a small fortune. Not anything I'd want to repeat. But... Just sayin'...
-
@gotwf said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
So a couple hours consultation up front offers some advantage, at least defensive position wise, in an increasingly litigious world were might makes right and the little guy gets worked.
My guess is that you'll find that it's not a couple of hours. Either its a tremendous amount of time and extremely costly, or it doesn't CYA and is rarely going to be an attorney that knows this as well as decades of the industry.
Normal companies don't use an attorney for GPL basics. It's a dangerous path that, of course, lawyers want you to think that every line of code needs legal review.
I'm not against CYA and I keep an lawyer on retainer and use the constantly. But never for code license review, you could never afford software that way.
-
@gotwf said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
INAL... but I did get sued once by a mightier than thou bully boy. And prevailed w/o it costing me a small fortune. Not anything I'd want to repeat. But... Just sayin'...
Right, but did the lawyer correct you from making a mistake or just confirm that you didn't. And did that prep ahead of time protect you or would you have been the same regardless?
Bullies will come after you regardless. And a lawyer paid to rubber stamp the obvious shouldn't help CYA.
-
@scottalanmiller Jeeze. Everyone wants a debate today...
First off, hey, I already agreed w/you. The OP seems nervous about it so I suggested they talk to a legal eagle. Lawyers read things differently from normal folk. If the OP is really that nervous, and seems they are, a couple hours consultation wherein they can confidentially discuss details my well be worth the peace of mind.
Otherwise... not.
Second off, my incident was DMCA related, a far more complex can of worms.
We now return you to your regularly scheduled programming. Peace.
-
@gotwf said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
@scottalanmiller Jeeze. Everyone wants a debate today...
First off, hey, I already agreed w/you. The OP seems nervous about it so I suggested they talk to a legal eagle. Lawyers read things differently from normal folk. If the OP is really that nervous, and seems they are, a couple hours consultation wherein they can confidentially discuss details my well be worth the peace of mind.
Otherwise... not.
Second off, my incident was DMCA related, a far more complex can of worms.
We now return you to your regularly scheduled programming. Peace.
Yeah, DMCA is an enemy of the public - a tool to attack. The GPL is meant to protect the OP.
The advantage to a GPL code base is that lawyers have covered it a lot and that stuff is all available for free, no need to pay until you want a code review. For basic questions, it's all covered better by the experts who've been over it a lot, rather than one off first timers or whatever.
The risk is that a lawyer is almost certainly inexperienced in this as it's so rare that GPL has any need for council, but every lawyer is going to happily recommend spending many hours with them. But the GPL is so well known in tech circles and so well covered by lawyers for decades, there would actually be more risk to introducing a new lawyer to the mix because you always risk that they don't understand the material or are the wrong type of lawyer, and risk that they will just use the opportunity to generate huge bills without producing anything of value.
It's a little like insurance. Sounds good, but when you write code, often carrying insurance increases your chances of something going wrong and rarely covers anything that does go wrong. So the more insurance you have, often the more risk you have and the less cash you have to protect against it. It can easily have the opposite effect that it feels like it would have.
In general, I'm a HUGE "always have a lawyer" proponent. But with this kind of stuff, it's so basic to code writing and needed so continuously and only the dev has the code use insight to really know how it applies, that I think the lawyer is actually a risk, or at very least a waste.
-
The real question is.... why are we worried about the GPL that is designed and has been proved and well known for decades to ensure that the OP is safe to do what they want here - that's it's point... but ignoring the non-GPL MongoDB license that does NOT provide for commercial use?
It's not the GPL license here that is viral or scary. The GPL doesn't even come into effect in the situation described.
But MongoDB when used under normal conditions has a EULA that says anything using it is open source. So using NodeBB is of zero concern, but using MongoDB is a huge risk here and will easily get used "by accident" if it is installed.
There are ways to buy commercial use licenses, but you have to be aware of it. The GPL concern is really just 20 year old Microsoft FUD that they tried to use to scare people in the ear before they embraced open source and that has been long ago torn apart as being ridiculous. But the new, aggressive MongoDB use rights that are not related to MongoDB's code is the real concern and will almost certainly cause all or more problems than the OP is talking about and isn't even being discussed.
-
@scottalanmiller And damn good reason, in an ideal world, to find replacement for mongodb. Kind of sad Mongo chose this path. But oh, well, into each life some rain must fall. When I first started putz'ing about with NodeBb I spent significant effort chasing the elusive Postgresql unicorn variant... which ended being more headache than I was willing to endure. So I endure the Mongo curse as least of requisite evils.
-
@gotwf said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
@scottalanmiller And damn good reason, in an ideal world, to find replacement for mongodb. Kind of sad Mongo chose this path. But oh, well, into each life some rain must fall. When I first started putz'ing about with NodeBb I spent significant effort chasing the elusive Postgresql unicorn variant... which ended being more headache than I was willing to endure. So I endure the Mongo curse as least of requisite evils.
Yeah, it's been easy, fast, etc. But I'd love to see something else in use now.
-
@scottalanmiller we're finding that Redis and Mongo have their drawbacks, although for production builds in our SaaS and premium offerings, mongo has been rock solid.
I personally see the winds a-changin' wrt mongo licensing, and so we will either double down on psql or investigate other options, but no word on what direction we will go as of yet.
-
@julian said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
@scottalanmiller we're finding that Redis and Mongo have their drawbacks, although for production builds in our SaaS and premium offerings, mongo has been rock solid.
I personally see the winds a-changin' wrt mongo licensing, and so we will either double down on psql or investigate other options, but no word on what direction we will go as of yet.
Nothing is perfect. Other than the licensing, we've been super happy with MongoDB. But we've dropped it for all of our own products due to licensing problems. Just more risk and/or complication that we want to deal with.
ScyllaDB is worth an investigation. And, of course, PostgreSQL is always amazing and super universal.
We use tons of PostgreSQL for other kinds of workloads. And if you do PostgreSQL as the standard, you get CockroachDB by default, too.
-
@julian said in I have a query regarding the GPLv3 license of NodeBB and commercializing my final product:
Eh? What's cockroachDB, can it survive a nuclear blast?
Thanks for the recomendations, we'll consider them
I think that that's the reference, yes. It's a NoSQL database that is PostgreSQL API compatible. It's open source and free. It's definitely not as fast as PostgreSQL, but it has a great web GUI and is a "drop in" for PostgreSQL but with different behaviour characteristics. So PostgreSQL will be way better for normal NodeBB deployments, but if someone wants a geographically diversified server farm, CockroachDB will do that using NoSQL mechanisms behind the scenes. it's pretty cool.
CockroachDB | Distributed SQL for always-on customer experiences
CockroachDB is a distributed database with standard SQL for cloud applications. CockroachDB powers companies like Comcast, Lush, and Bose.
(www.cockroachlabs.com)