

NVD3 is back - maxaf
http://nvd3.org/statement.html
Please see Novus' official statement on nvd3 with an explanation, apology, and commitment to its permanent status as an open-source project. We know this was a shock and a major inconveniece, but we want to regain the community's trust and involvement. Please see the full statement at:<p>http://nvd3.org/statement.html
======
foobar2k
I call bullshit on their stated reason for taking it down

 _we believed it was prudent to take it down to undertake a code review to
assess if there were any issues_

There's a lesson here in making apologies. The best 360s and/or apologies are
unreserved, never give an excuse.

~~~
erre
I think their stated reason is very much to be expected: they are a financial
institution, their whole business model (and therefore mentality) is to act
quickly to decrease risk. Makes perfect sense that they would take it down
first and judge later.

I'm not saying it was the right thing to do, but it's consistent with what I
would expect, assuming the scenario is true (internal code, open-sourced
without some higher-up knowing about it, higher-up hears about it, freaks
out).

------
new299
It's great that they decided to open source it (again?). But in some ways it
would also have been interesting to see this go to court and establish a
precedent on the authority required to license software.

Whose signoff do you need? A developer, your manager?, the CEO? Is it enough
for people within the company to be "generally aware" of the fact. Seems like
an interesting question to me.

~~~
pyre
Sounds like they might have an official policy on how to release stuff as
open-source, but it wasn't followed.

~~~
new299
sure, but what I mean is legally how does that policy need to be established?
Does the CEO or board need to give individuals explicit authority to produce
license agreements?

Some random googling brought up:

"Executing Corporate Contracts. Except as otherwise provided in the articles
or in these bylaws, the board of directors by resolution may authorize any
officer, officers, agent, or agents to enter into any contract or to execute
any instrument in the name of and on behalf of the corporation." [1].

But does this apply to software licenses too? As a user of a software package
is there any reasonable way for me to determine that the correct legal
procedure has been followed. If the source has been out there under the GPL
for 9 months, could they still revoke the license because it wasn't
authorised? Or have they not done due diligence?

As a software engineer, what kind of authorisation should I be looking for?
Does it need to come from upper management?

Those are the kind of issues that might have come up in a court case, and
perhaps have been resolved to some degree (perhaps it's already been tested in
a previous case, and I'm unaware of it).

[1] [http://danashultz.com/blog/2010/06/28/who-can-sign-a-
contrac...](http://danashultz.com/blog/2010/06/28/who-can-sign-a-contract-for-
a-corporation/)

~~~
lmm
From your own link: (b) Any contract or conveyance made in the name of a
corporation which is authorized or ratified by the board, or is done within
the scope of the authority, actual or apparent, conferred by the board or
within the agency power of the officer executing it, except as the board's
authority is limited by law other than this division, binds the corporation,
and the corporation acquires rights thereunder, whether the contract is
executed or wholly or in part executory.

Also 313\. Subject to the provisions of subdivision (a) of Section 208, any
note, mortgage, evidence of indebtedness, contract, share certificate, initial
transaction statement or written statement, conveyance, or other instrument in
writing, and any assignment or endorsement thereof, executed or entered into
between any corporation and any other person, when signed by the chairman of
the board, the president or any vice president and the secretary, any
assistant secretary, the chief financial officer or any assistant treasurer of
such corporation, is not invalidated as to the corporation by any lack of
authority of the signing officers in the absence of actual knowledge on the
part of the other person that the signing officers had no authority to execute
the same.

Obviously that only applies to California, but the first sounds like you only
have to verify that the person releasing to you appears to have the authority
to do so; the second one specifically mentions vice presidents so it might be
best to get a release from that level.

One wrinkle I'm aware of here in the UK is that you can't have a binding
contract if one party receives no consideration for it. So you're on much
firmer legal ground if you can arrange to pay $1 for your license.

IANAL

------
nthitz
Good to see a (hopefully) happy ending to this story. Good on you Novus for
doing the right thing!

~~~
mrchess
I wonder what happened to Bob. He isn't even a contributor.

~~~
bobmonteverde
I'm still here, and ready to continue contributing

~~~
mrchess
Awesome! Was afraid something bad happened.

------
billyjobob
It says that they regret attempting to revoke the GPL (which goes with out
saying, since they got huge negative publicity) but it doesn't seem to
acknowledge that revoking the GPL is not possible. Therefore there is nothing
to stop them trying this again if they ever think no one is watching. I
wouldn't rely on this software for anything mission critical.

~~~
jordanthoms
There were interesting legal questions before to do with how an unauthorized
release affects things - but this clearly an official release so that doesn't
apply. If the GPL licence is valid, it clearly cannot be revoked.

~~~
gamegod
IANAL but I presume the corporation is the copyright owner, not the developer.
The developer is not authorized to act on behalf of the copyright owner.

------
misiti3780
Great:

A couple of that examples dont work though:

<http://nvd3.org/ghpages/stackedArea.html>

<http://nvd3.org/ghpages/multiBarHorizontal.html>

etc.

~~~
maxaf
We've experienced a (seemingly unrelated) GitHub Pages snafu that ended up
borking the original nvd3.com. What you see on nvd3.org now is a cheap
knockoff that will be fixed.

------
pebb
Looks like they got owned by this:

QUOTE

    
    
      I'm one of the 30 other individuals that acutally patched and commited changes for Bob to include in nvd3.js; I'm looking for contacts for the other 29 contributors.  (Please contact me at using the feedback form on congocart.com or master-technology.com) I would like one of us (I'm willing to volenteer) to contact Mr. Qunibi of Novus partners in a position of consensuses from those who actually have code in the product.
    
       My thoughts that would I believe be amicable (i.e. win/win) to both sides is that they can have our permission to take ALL of our changes closed source in the own future versions as long as we also (the community) may use the last release under the open source (Apache) license it has been under since shortly after it was released on there official novus github account and go our own separate way.   I know my changes were really early to the library and some of my code may not even exist anymore (lol).   
    
        But I believe the cost for them to audit the whole library and rip out all of our changes and rewrite it all could be major -- I believe Bob could legally remove all of our code; but for the actual re-implementation Bob would have to hand it off to someone to do a fully clean-room version to make them legally safe from being sued.   And that could be very costly in time and resources.   Cost wise for them It might even be cheaper for them to ditch the last 6-7 months of changes and to just revert to the version before my patch/commit (which was issue #3  <G>).     So I think we might be able to make this a win/win proposition if I can get the consensuses of the other 29 contributors.   
     Nathanael A.

~~~
lloeki
Please people, make things readable [0]:

    
    
        I'm one of the 30 other individuals that acutally patched and commited changes
        for Bob to include in nvd3.js; I'm looking for contacts for the other 29
        contributors.  (Please contact me at using the feedback form on congocart.com
        or master-technology.com) I would like one of us (I'm willing to volenteer) to
        contact Mr. Qunibi of Novus partners in a position of consensuses from those
        who actually have code in the product.
    
        My thoughts that would I believe be amicable (i.e. win/win) to both sides is
        that they can have our permission to take ALL of our changes closed source
        in the own future versions as long as we also (the community) may use the
        last release under the open source (Apache) license it has been under since
        shortly after it was released on there official novus github account and go
        our own separate way.   I know my changes were really early to the library
        and some of my code may not even exist anymore (lol).   
    
        But I believe the cost for them to audit the whole library and rip out all
        of our changes and rewrite it all could be major -- I believe Bob could
        legally remove all of our code; but for the actual re-implementation Bob
        would have to hand it off to someone to do a fully clean-room version to
        make them legally safe from being sued.   And that could be very costly in
        time and resources.   Cost wise for them It might even be cheaper for them
        to ditch the last 6-7 months of changes and to just revert to the version
        before my patch/commit (which was issue #3  <G>).     So I think we might
        be able to make this a win/win proposition if I can get the consensuses of
        the other 29 contributors.   
        Nathanael A.
    

[0]: Use what's best for you, but I pasted in vim, then 5gqq 8G=G gg>G

~~~
iso-8859-1
where can I read how that Vim command works?

~~~
hahainternet
The numerical prefix repeats commands in vim, so '5gqq' means '5 times, format
line'. The default format will wrap the text to an acceptable level, and 5
lines encompasses the 3 text lines plus the whitespace. The command 'gqq' here
is a single one, you can read more with ':help gqq'.

8G moves to line 8, and =G is a command combined with a movement. The =
command by default will remove any indentation on these lines, and the 'G'
movement means 'to the end of the file'. This will remove the indentation from
the 2nd and 3rd lines/paragraphs and the signature.

gg means 'move to top' and >G is another action/movement. > indents lines, and
G means 'to the end', so this indents every line by one.

Hope that helps.

~~~
iso-8859-1
Thanks

