-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Remove or relicense EPL-2.0 only dependencies #1625
Comments
keyed-set
For some transparency, the licensing did require a conversation with my company's legal team, whereas normally these things are entirely frictionless. However, here is what we determined:
I will leave this issue open because I still think it would help zenoh's adoption to remove or relicense these transitive dependencies, but feel free to close it if its not something the zenoh team is willing to do. Thank you for your patience with this issue, and thank you for zenoh! Its a very impressive piece of software. |
Hello @TheButlah, you may want to reach out ZettaScale at [email protected] since more options are available for the commercial version of Zenoh. |
Hi @kydos, my post is about issues in zenoh's licensing potentially limiting zenoh's adoption. Calls to subscribe to commercial versions is exactly the type of thing that I'm worried about :) Regardless, my company is moving forward with the existing license of zenoh, as described above. We believe the licensing of its transitive dependencies is not ideal but also is low risk. |
Describe the bug
the following crates that zenoh depends on are EPL-2.0, and not dual licensed like zenoh is. That means that consumers of zenoh will be forced to comply with the EPL-2.0 license, which is weakly copyleft and more importantly, is an uncommon license and has indemnity clauses that other licenses do not have. In particular, these indemnity clauses give additional legal burdens on users of zenoh, especially if they talk about how they use zenoh in their products. The odd nature of the license will prompt companies adopting zenoh to have tedious conversations with their legal teams, some of which will not be willing to take the risk.
Would zenoh consider either removing these dependencies or asking the authors to relicense under a permissive license?
Dependencies that are EPL-2.0 only:
keyed-set
ring-buffer-spsc
token-cell
validated_struct
validated_struct_macros
The text was updated successfully, but these errors were encountered: