
Tell HN: Discord is violating open source licenses - alexhultman
As you might understand, having your own private open source library used by Discord is something big. Something that makes your effort worth while. So you download the distribution and look for your own, hard earned, copyright notice. Well it&#x27;s not there because fuck you.<p>What I found by downloading the (Linux) Discord client from discordapp.com was that they clearly were distributing source copies of my project, but it had no license or copyright mentioning me (which is required). I also found that they are distributing ffmpeg binaries but I couldn&#x27;t find any matching LGPL license or source code in the distribution.<p>So of course I contacted them. First via GitHub where I have reached them before, and then two times via their support people on their home page. I get about the same response as any one else: &quot;I&#x27;m sorry but we cannot help you. Were you satisfied with the support response?&quot;.<p>It&#x27;s not okay for companies to pull their pants down and take a big dump on your personal work. Not when they clearly do not even bother with complying with basic open source exchanges. If I write something I want to be properly mentioned as is required in my very license.<p>Discord, is this so fucking hard to understand?
======
b1naryth1ef
(Discord Dev here)

Hey Alex, this definitely sounds like a miss on our part, so apologies.

As you know, we're fans of uws and not including the original license was a
screw-up in our automation. We're working on fixing it and immediately
releasing it with the proper license. I've also asked support to follow up
with you directly in case there are further issues.

For the contact, either opening an issue on one of our repos or emailing our
legal team (abuse@discordapp.com) would have been guaranteed to get you an
accurate response. Unfortunately the verbiage you used in the email is very
similar to that used in other support tickets we get for our API, and our team
(as they did in your case) forwards users on to our API chat which can provide
more in-depth/advanced support.

~~~
socmag
It's nice to see you've reached out to Alex publicly.

Any time someone or an organization brings in someone else's code and makes
use of it, no matter what the license we really need to recognize that, it's
just the morally responsible thing to do.

As far as ourselves, we're definitely using uWS and that is not going to go
without recognition.

Nobody should need to "open a ticket", send an email or post on HN to get that
sorted.

npm install and git clone making it way too easy for people not to give a crap
about the works of others.

Good to see you guys are doing the right thing, uWS is a serious piece of tech
and well worth recognition.

------
Etheryte
For anyone else slightly confused at first: the Discord Linux release
([https://discordapp.com/download](https://discordapp.com/download)) includes
uWebSockets in ./resources/bootstrap/discord_rpc/uws.js.

This is only the JS source code and there is no licensing information attached
whatsoever.

This directly conflicts with uWebSocket's licence
([https://github.com/uWebSockets/uWebSockets/blob/master/LICEN...](https://github.com/uWebSockets/uWebSockets/blob/master/LICENSE)),
which clearly states:

 _" 3\. This notice may not be removed or altered from any source
distribution."_

~~~
peterwwillis
One of the reasons the GPL is suggested to be applied to every source file is
to make sure people don't miss it, which can cause issues like this (the other
reason being to fully convey exclusion of warranty)

------
nemothekid
> First via GitHub where I have reached them before, and then two times via
> their support people on their home page.

I don't know why you thought dev/tech support would be the path you go down.
This is a legal issue, so if this matters to you, send them a legal notice.
I've done the work of exporting their contact for you abuse@discordapp.com
(from [https://discordapp.com/tos](https://discordapp.com/tos))

~~~
geofft
Informally, sending a question via legal avenues is a good way for a company
to go into "Our lawyers will be in touch, we can't say anything more on advice
of counsel" mode - if you think a question can be satisfactorily resolved
without lawyers (and I'd hope that "can you follow the rules" is a question
that most people can answer with "yes"), everything will be more pleasant on
all sides if the company doesn't go into lawyers-only mode.

Formally, neither the (US) legal code nor the zlib license says that you need
to contact a violating company via some particular channel. A company is a
single legal entity, and if you've contacted them somehow, you've contacted
them, and they're now willfully violating the license.

Practically, abuse@ seems wrong; that's likely to reach an abuse department
(which is just a specific support role that's empowered to do a specific
subset of tasks), not a legal department.

~~~
dsp1234
More specifically, the abuse@ is clearly their DMCA department, whose response
is very likely to be something along the lines of, "this isn't a valid DMCA
complaint, please review the instructions at X, and submit the appropriate
documentation. Once we have that, we'll remove the 3rd party content."

------
vecplane
The library in question would be uWebSockets?

[https://github.com/uWebSockets/uWebSockets](https://github.com/uWebSockets/uWebSockets)

~~~
TheDong
If so, that's the zlib license, which requires no acknowledgement for binary
distributions.

If they distributed the sourcecode, they'd have to include the license, but
the zlib license has nothing to say about compiling it in.

~~~
alexhultman
They are distributing both binary (no problem here) and source (problem).

~~~
charlesdm
Maybe I'm an idiot, but I don't see any problems?

——————————

Copyright (c) 2016 Alex Hultman and contributors

This software is provided 'as-is', without any express or implied warranty. In
no event will the authors be held liable for any damages arising from the use
of this software.

Permission is granted to anyone to use this software for any purpose,
including commercial applications, and to alter it and redistribute it freely,
subject to the following restrictions:

1\. The origin of this software must not be misrepresented; you must not claim
that you wrote the original software. If you use this software in a product,
an acknowledgement in the product documentation would be appreciated but is
not required.

2\. Altered source versions must be plainly marked as such, and must not be
misrepresented as being the original software.

3\. This notice may not be removed or altered from any source distribution.

——————————

a) This software is provided ‘as-is’, and as the author, you are not liable
for damages if someone uses your library for something crazy.

b) Anyone can freely use it, for any purpose, with following restrictions:

1\. “If you use this software in a product, an acknowledgement in the product
documentation would be appreciated but is not required.”. They decided not to
acknowledge the use of your library. You explicitly said this is OK.

2\. Altered source code -> probably not.. it’s a web socket handling library.

3\. This notice may not be removed. They have probably not removed it from
their source code, given they distribute a binary.

~~~
alexhultman
Can you find this notice in their distribution? I have looked in their client
UI and in their client tar.gz but I cannot find anything. I can however easily
find my project in there (I would think the license would be nicely placed
where the sources are).

~~~
packetized
Can you share where you found the project files in the client tar.gz?

edit: Found it, uws.js in resources/bootstrap/discord_rpc.zip

edit2: This is arguably worse, but the argument may be "it's a compiled
binary":

    
    
      -bash-4.1$ strings discord_rpc.node | grep uws.*cpp$
      ../../discord_common/native/third_party/uws/nodejs/addon.cpp
      ../../discord_common/native/third_party/uws/nodejs/addon.cpp
      ../../discord_common/native/third_party/uws/src/EventSystem.cpp
      ../../discord_common/native/third_party/uws/src/Extensions.cpp
      ../../discord_common/native/third_party/uws/src/HTTPSocket.cpp
      ../../discord_common/native/third_party/uws/src/Network.cpp
      ../../discord_common/native/third_party/uws/src/Server.cpp
      ../../discord_common/native/third_party/uws/src/UTF8.cpp
      ../../discord_common/native/third_party/uws/src/WebSocket.cpp
      ../../discord_common/native/third_party/uws/nodejs/addon.cpp
      ../../discord_common/native/third_party/uws/src/HTTPSocket.cpp
      ../../discord_common/native/third_party/uws/src/WebSocket.cpp
      ../../discord_common/native/third_party/uws/src/EventSystem.cpp
      ../../discord_common/native/third_party/uws/src/Extensions.cpp
      ../../discord_common/native/third_party/uws/src/Network.cpp
      ../../discord_common/native/third_party/uws/src/Server.cpp
      ../../discord_common/native/third_party/uws/src/UTF8.cpp
      -bash-4.1$

~~~
dsp1234
_edit2: This is arguably worse, but the argument may be "it's a compiled
binary":_

discord_rpc.node is an ELF file. It's hard to see how that would not be
considered a binary distribution (if it was that file alone, and not being
distributed with source files)

~~~
packetized
You're correct, I was a bit too quick on the 'reply' button there.

------
packetized
Would you mind sharing with HN the data that you shared with the Discord team?
I'm afraid that you didn't link what the project was, or how exactly it's a
"private open-source library", which seems like a self-contradictory
statement.

------
devwastaken
From the attitude many discord devs have shown in their channels towards other
devs, this doesn't surprise me. Unless you make bots for discord, there is
little respect. Especially if you're creating your own UI features that
Discord just 'happens' to implement once they get popular. While
simultaneously turning around and bashing said platform it was possible in in
the first place.

Also, dev/tech support is absolutely the correct path in many cases, because
they /lead/ you to legal, if necessary. Why users are claiming otherwise does
not reflect the purpose of having a support network. Infact,
abuse@discordapp.com is much more for actual abuse of discord TOS, not
directly legal matters. I could easily turn it around and ask why anyone would
think /that/ is the correct contact.

~~~
alexhultman
Right, I agree 100%. Support should be able to direct the communication to
where it makes sense. I cannot be hanging out on Snapchat or follow them on
Twitter or things like that, I just need support for my issue.

It truly is a world for the rich - money makes money. Censor and sue
everything that goes in your way. Get bigger, sue more. Get richer. Disregard
everything in your path.

------
rodionos
They're on the Widely Adopted list [0] for the library.

I would give them extra time to respond. I don't see a valid reason or
motivation on their part not to fix it.

0: [https://github.com/uWebSockets/uWebSockets#widely-
adopted](https://github.com/uWebSockets/uWebSockets#widely-adopted)

------
hd4
If you don't get a satisfactory response from contacting them as nemothekid
said, contact the EFF

[http://www.eff.org](http://www.eff.org)

~~~
geofft
The EFF are wonderful people but this isn't quite their usual business. I'd
probably contact the Software Freedom Conservancy or the Software Freedom Law
Center, who engage in free-software compliance efforts (including, if
absolutely necessary, lawsuits).

------
Oscaron
They just amended it in their fork:

[https://github.com/hammerandchisel/uWebSockets/commit/cf2ebb...](https://github.com/hammerandchisel/uWebSockets/commit/cf2ebba898b81ac5b36ea4d583944d5e4938ec9b)

~~~
Oscaron
NVM. I see they responded.

------
packetized
Of note, they also appear to have forked a version of uWebSockets from Sep
2016 [0] in their Github org.

0:
[https://github.com/hammerandchisel/uWebSockets](https://github.com/hammerandchisel/uWebSockets)

~~~
LennyPenny
Looks like they include the license now

[https://github.com/hammerandchisel/uWebSockets/commit/cf2ebb...](https://github.com/hammerandchisel/uWebSockets/commit/cf2ebba898b81ac5b36ea4d583944d5e4938ec9b)

------
jacquesm
Then sue them.

~~~
alexhultman
I like your style

------
alexhultman
So this post gets 60 upvotes in 30 minutes and is immediately censored by HN
and taken off the front page. Right, thank you very much for stealing my work,
giving me no credit and then censoring my appeal.

~~~
peterwwillis
Did HN steal your work?

~~~
alexhultman
Hello, troll

~~~
peterwwillis
I'm not trolling you, i'm asking you what HN has to do with this. You got all
huffy at HN for not featuring your post crying about a license and then
implied HN is at fault for stealing your work and then "censoring" you. Get
off your high horse and try not to act like an emotional child if you want
people to take you seriously.

