Sublicensing - how to deal?

With fairly recent events, I got more aware of what “sublicensing” can mean. As a result, my very personal take has become to try to steer clear of anything where sublicensing is a thing in the future, but maybe I’m over-reacting?

After getting attracted by the EUPL through EUPL - a better choice for European citizens?, I found that it has contains words on sublicensing, which seem pretty broad.
I also read up on the Mozilla Public License, version 2.0 ('cause @ddevault mentions it a little here and there), and it does mention sublicensing too, but seems to do so in a much more limited way.

How are others thinking around this (admittedly quite narrow) topic?

Sublicensing isn’t necessarily a bad thing – it’s an important part of free software. It’s how software re-use is possible. One application of sublicensing is the Redis debacle, but another application is, say, vendoring Gecko into your project so that you can have a customized JavaScript runtime, or picking up just the functions you need from a library so you don’t need the whole dependency, or can use it as a starting point for something new. All of these use-cases depend on sublicensing.

Sublicensing is also quite common with copyleft, but it requires special provisions to account for, generally in the form of a whitelist of compatible licenses specified in the license text.

Oh, does this mean that the inclusion of pieces of code with a “compatible license” is an application of sublicensing too? I thought that was a separate unrelated thing…

EDIT: sorry if I appear dense… got a cold, brain is cotton.

Yes, that’s exactly it :slight_smile:

Don’t worry, it’s not a stupid question, these things are confusing.

1 Like