[Owasp-leaders] Open source licence advice

Dr. Dirk Wetter dirk.wetter at owasp.org
Thu Jan 27 05:33:08 EST 2011


this is probably not the answer you like but license compatibility and
avoiding somebody selling it sounds definitely like legal battle ground.

IANAL, however e.g. Apache v2 is to my knowledge not compatible with GPLv2
however with GPLv3. For LGPL (v2/v3) it might depend on the version and
what is done with the component within ZAP. You also cannot just change
licenses of code you don't own.

Only my 0,02 €


psiinon schrieb, Am 01/27/2011 10:59 AM:
> Hi folks,
> OK, so this isnt about the summit, but maybe it will be a bit of light
> relief ... or maybe not ;)
> Just wondering if anyone can advise on open source licences compatibility.
> I'm _not_ asking for strict legal 'you wont be sued' advice (although
> obviously that would be great;) just pragmatic feedback.
> Background for those who've read this far:
> The Zed Attack Proxy is based on Paros which was licensed under the
> Clarified Artistic Licence.
> We now include other components which are licensed under a variety of
> other ways, like Apache v2, LGPL.
> I dont really care what open source licence we use as long as it means
> people feel comfortable using ZAP in any way they want (apart from
> selling it;) and we dont abuse the licences of the other components we
> use.
> We currently use Apache v2, but one of the other devs is worried that
> might clash with some of the other licences.
> Any thoughts?
> Many thanks,
> Psiinon
> _______________________________________________
> OWASP-Leaders mailing list
> OWASP-Leaders at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-leaders

More information about the OWASP-Leaders mailing list