Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> For legal reasons, we could not contribute directly (their patches)

What were the legal reasons?



Most likely what is documented at https://sqlite.org/copyright.html

> SQLite is open-source, meaning that you can make as many copies of it as you want and do whatever you want with those copies, without limitation. But SQLite is not open-contribution. In order to keep SQLite in the public domain and ensure that the code does not become contaminated with proprietary or licensed content, the project does not accept patches from people who have not submitted an affidavit dedicating their contribution into the public domain.

> All of the code in SQLite is original, having been written specifically for use by SQLite. No code has been copied from unknown sources on the internet.

They want to be freaking sure they are the original authors / they can release the code in the public domain.

Public domain is tricky and does not exist in the same way everywhere. Where I live, you just can't decide to put something in the public domain, you need to use something like CC0 [1]

[1] https://creativecommons.org/share-your-work/public-domain/cc...


This is the one case where NIH syndrome is warranted: Entangled legal issues & legal dependencies are no fun for anyone.


Why can they not just license the thing under CC0? Won't someone contributing implicitly understand that their contribution will also be licensed under CC0? This feels like it's more complicated than it needs to be.


Well for starters, SQLite is almost a decade older than CC0...


So? No reason they can't use it now.


Looks like this: https://www.sqlite.org/copyright.html

Kind of weird, couldn't they use a CLA?


It's not enough to guarantee the code has not been copied from somewhere / can be released in the public domain. The only way to have this guarantee is to write it yourself.


I suppose that's true, but that's no different from any other project, no? If I write a contribution to React that wasn't actually mine, it doesn't matter that it's just open source and not being released into the public domain, it's still a violation of the real author's copyright.

So if they've chosen a different risk model than essentially every other company doing open source software then that's up to them, but I'm not sure the need for it follows from it being public domain?


> I'm not sure the need for it follows from it being public domain?

There's something specific about the public domain that in many places, you can't just decide to release something in the public domain. I guess that's why they actually accept contribution but require an affidavit dedicating the contribution into the public domain. IIUC an affidavit specifically needs to be witnessed by taker of oaths, which probably ensures that the work can indeed be put in public domain.

Not sure it's the whole story, or even the main reason, or the correct analyze, though.


Ah, it sounds like there are a variety of laws throughout the world. It does sound like the US recently moved to allow digital signatures for this and related purposes though. See https://scarincihollenbeck.com/law-firm-insights/copyright-o...


> It's not enough to guarantee the code has not been copied from somewhere / can be released in the public domain.

FWIW, within the sqlite project we have a very strict policy against copy/paste of anything from outside sources. If we don't write it ourselves, it doesn't get added to the canonical source tree, no exceptions.


A CLA only covers the things you wrote, and while you ensure in the CLA that you only contribute things you wrote and are allowed to license to them, it is possible that you lie, so there is the danger (although a small one), that contributors might upload proprietary code written by others. IANAL




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: