I found two apps that seem to be violating the AGPL license. They both use the AGPL-licensed lemmy-js-client library, which means the apps themselves should also use the same license (which is the whole purpose of Copyleft). But they aren’t. I don’t know if Lemmy developers and contributors are aware of this.

The apps:

https://github.com/ando818/lemmy-ui-svelte - Apache license

https://github.com/aeharding/wefwef - MIT license

What should we do about this as a community? I informed one of the app’s developers about this and it doesn’t seem like they care. I wonder if some of the proprietary apps that are being developed right now also rely on this library.

  • poVoq@slrpnk.net
    link
    fedilink
    arrow-up
    15
    arrow-down
    1
    ·
    edit-2
    2 years ago

    They are loading this library via NPM AFAIK, so it is not included in the repo. Of course the final compiled release should be AGPL, but they are free to use a more liberal license in their own repo as long as it allows combining with AGPL software.

    MIT for sure, but I think also Apache license (one way?) allows this so I think on license grounds this is ok. But IANAL.

    • warg@lemmy.ml
      link
      fedilink
      arrow-up
      9
      ·
      edit-2
      2 years ago

      That’s what I thought as well.

      If you just clone the repo there will not be any sources from the AGPL:ed source within the project, only a text mentioning the name.

      However if you build it locally, it will pull in the third party libraries. So as long as they aren’t distributing any built packages without a AGPL-compatible license, I don’t think they are doing anything wrong.

      (IANAL)