When comex (http://twitter.com/comex) and saurik (http://saurik.com/) asked for it (via emails to email@example.com and firstname.lastname@example.org) around last November, I don't think they got any response from Apple —until this year. Then, Apple let them know that it would be up "within a week". I think the iOS 4.1 and 4.2 code actually went up about three weeks after they received that email.
saurik has even more examples of them not releasing the [L]GPL'd code near the top of this post: http://www.saurik.com/id/4 — "Frankly, I wouldn't be surprised at all if Apple ends up on the bad end of a GPL-related lawsuit."
(In my opinion, the fact Apple has posted any code for iOS 4.3 at this point is a big step in the right direction: they're not perfect yet, but at least they've got 8/10 of the projects up.)
The truly weird part, to me, is that with as much (L)GPL code Apple releases they don't seem to have an automatic, systematic system in place to handle that. Even for a project as big as iOS.
The only downside is that the "Checking for new software…" dialog takes fucking forever.
I suspect Apple prefers the simplicity and explainability of "here's the update, same thing for everyone" to "well if this smaller update didn't work in any of a huge variety of ways, you could optionally try this other update"
Do it by checksum. If the checksums don't match, then redownload the changed parts. This is also fully predictable, but it's also far faster.
Not once has Chrome botched itself during an incremental upgrade of itself.
I remember the Visual Studio setup team and their stories about the woes of trying to make downloads as small as possible. You're fighting with:
- wanting the file download to be one step
- what version (or sets of versions?) can you upgrade from? Does this include the one-off patches you were mandated to provide to top-tier (guaranteed bug turnaround time) Fortune 100 partners?
- how do you handle corrupted files or munged bits of the installation that were unchanged between versions?
The list goes on. You'd think things like Setup are boring, but trying to make the experience smooth and good requires and incredible amount of amazingly unglamorous work. It's one of those pieces of the product that nobody notices until it is slow/buggy/has picture of people who are way too happy to be using your product flash during installation.
Legality aside, it looks pretty bad from a human interaction perspective: "we took thousands of man-hours worth of code from the community, but we were too lazy to spend even one man hour to upload a tarball to our website and follow that community's wishes". The fact that they are legally-obligated to not act like that just makes it even worse.
At least, they would need to make sure that none of their proprietary code slips out. That likely involves more than "svn checkout; tar; ftp", maybe even lawyers to check it.
... and if Xcode isn't your thing, just run the script "build-webkit" ...
... build instructions in plain English here ...
I haven't read the LGPL lately, but is that a violation? Do they have to provide enough information to build your own copy?
"For a library, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the library."
There's a practical aspect to the GPL, here. The spirit of the license is, "if I can't view, modify, build, use, and redistribute the software, it's a violation."
Because doing it manually every time ends up costing more man-hours than having an engineer or two bang up some check/upload script in a morning.
All GPL repositories live in this /gpl/ directory; it gets tarballed and gzipped and dumped into the /other/ location immediately prior to creating the build image.
Maybe Apple's got some whacked-out approach to code management brought on by some funky OS Classic approach, but I doubt it, they are smart people over there.
Despite the articles claim, Apple has not released the source in s timely manner for previous versions of iOS, instead waiting for it to be pointed out or for version N+1 or N+2 to be released first.
Nor, by the way, are they required to release it to any random user out there; they are only required to release it to people who receive the binaries (it's not clear if this must be honoured if the binaries aren't received legally, but I suspect it does).
They made it pretty obvious that they were speculating, and were not trained in law. What, is that illegal now? Is it bad form? Is it offensive? They make a fairly good point about allowing an infinite period of time, which adds to the discussion.
You, by insulting the poster needlessly and grossly missing the point of the post, have added nothing to the discussion.
I usually try to refrain from doing this, since I'm also adding nothing to the discussion, but this is becoming an alarming trend.
You and your sanctimonious defense of people's right to spout what you admit is nonsense are part of the problem. Part of a healthy culture, whether it's our culture at large or "hacker culture" is a respect for facts and thoughtful, informed opinions based on knowledge and experience. The "victim" of my comment is pissing all over a set of ideals that we should all hold sacred.
Aside from that, there are two other reasons to be more civil. One is that it's just a nice thing to do to treat people respectfully even (or especially) when you're telling them they're wrong. But if that doesn't persuade you, it's worth remembering that civility is explicitly required in the HN Guidelines.
A culture that prefers polite nonsense to harsh truth-telling is a weak culture. At the very least, both should be punished, but I don't see that here.
If it's so essential to hold our tongues unless we're formally qualified experts on a topic, there wouldn't be much discussion on HN. That would kind of suck.
"You may convey a covered work in object code form under the terms of sections 4 and 5, provided that you also convey the machine-readable Corresponding Source"
Unless you provide the source, you cannot provide binaries. That means that, unless the source is conveyed (or conveyable) Apple cannot offer binaries based on it.
All we need it a copyright holder to oblige Apple to obey the conditions under which the software is generously provided by the community for Apple to build their very successful products. Apple is free to use the free and open source software other people and companies offer provided they respect the licenses.
The GPLv2 reads: You may copy and distribute the Program ... provided that you ... Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange.
Apple does provide access to the code upon request, though it's often not very timely ...
I wonder how untimely would it be to extend their delay forever.
Sad to say, but this is what I would expect from Microsoft, not Apple.
Thus, they're on clear only if they give the source code to anyone who asks. Apparently they don't: giving it "soon" is not giving the source code but merely stating a promise to do so which is not allowed by the license. Ditto for not responding.
See this thread: http://news.ycombinator.com/item?id=2521911
"You may obtain a complete machine-readable copy of the source code for the LGPL-licensed portions under the terms of LGPL, without charge except for the cost of media, shipping, and handling, upon written request to Apple."
My point is that if it takes a year to "process" such requests, it renders their promise to share the source kind of useless. Now we can argue about how many months would be acceptable, but I'm not sure there's much of a point in that. So a license that has some more specific rules regarding how such requests should be handled, would be an improvement.
Big companies don't treat others with kid gloves when it comes to licensing and copyright, so why should we take it from them?
However, I've made an attempt at understanding the source release obligations under the GPL and all I get from it is: When you release to the public, you've got to release the source. But at no point have I found a "it has to be released immediately."
The only clause I can see Apple potentially hiding under is Section 3.B of the GPL.
ie. as long as they have the door open for written requests all is well.
Can someone please clarify for me how the "well intended" spirit of the license works versus the real world legalities and requirements ?
If someone sues, would a court award damages for the copies distributed or enjoin distribution of iOS until they comply? I doubt anyone knows because AFAIK no case has ever made it that far. Typically (L)GPL disputes are settled long before they make it to court, because the cost of litigation for both sides is high compared to the remedy desired (release of modified source).
I wonder if there's a role for "Copyleft Trolls", i.e. litigators who acquire copyrights to GPL or LGPL source, then sue license violators with the intention of collecting damages rather than just compelling release? US copyright law allows statutory damages of up to $150,000 per work infringed. If each source file is a separate work, there could be a lot of money at stake. In other words, the Righthaven strategy applied to source code instead of newspaper pictures. Perhaps I should apply for a business method patent on that idea.
Edit: I would greatly appreciate an explanation of what is inappropriate about the above link.
When releasing a product with GPL/LGPL source, the requirement is to provide either the source or an offer to provide the source which corresponds to the exact version of the source code used in that product "on a medium customarily used for software interchange".
So, if there were tags in the webkit repository that said "iOS-4.3.2", "iOS-4.3.3", etc. then Apple could take a tarball of it and someone requesting source could be provided with the tarball and optionally a link to the correct tag in the repository.
However, waving in the general direction of the source repository and saying "it's all in there somewhere" doesn't constitute compliance. Even if one of the Safari versions tagged in that repository happens to be the exact source that ships in some iOS 4.x, Apple has to make that relationship clear because (AFAIK) iOS is the "product" in this case, not Mobile Safari, given that the two are indivisible from the end user's perspective.
(Again IANAL, so this is all mostly based on lurking the Gpl-Violations.org list, reading their Vendor FAQ, and dealing with some reluctanctly GPL compliant companies.)
Also, seriously, downvoting both GHFigs' and xentronium's comments is pretty lame, folks. (Feel free to downvote mine: I'll never see the score.)
And, for the record: Apple's provided source code (which /is/ heavily modified for the iPhone), when they do provide it, isn't even complete enough to compile (it is missing a bunch of code for the WAK* classes), so Apple has simply never been in compliance with this license.
Then if that gets no satisfaction you have your lawyer send the same letter. Then a nastier letter. Only then do you begin to think about preparing a lawsuit, which is expensive and probably overkill.
What you don't do is put up a passive-aggressive blog post. This post doesn't even tell us how many letters have been sent, or by whom, or to whom, or when. Have we even asked the support folks or the engineers, let alone Apple legal?
I can barely find the stomach to blame Apple's engineering team for prioritizing strict and timely license compliance somewhere below: Making their boss Steve Jobs happy, releasing features that paying customers care about, and sleeping. Fortunately, it is not my job to blame them. It is the job of Apple's legal department to blame them. Has anyone asked Apple's legal department?
Sleep is an important function the brain and body must perform to survive; I would never advocate sleep deprivation.
However, no, Mr Jobs and everyone else can wait as there is a legally binding license governing the release of the code. This is a rare completely black and white issue. The binary is released without the source -> license violation.
I don't think Apple would appreciate it if I downloaded iWork and instead of paying them said "Promoting strict and timely license compliance falls somewhere below sleeping".
Does anyone have a news story about Apple suing the (many, many) Apple software pirates? So far as I've heard, they don't even send very many nasty letters. Presumably not because they don't believe in paying for software, but because it's strategically unwise.
Anyway, if Apple fails to respond in timely fashion to a series of inquiries they can, indeed, eventually be sued, and maybe that will even be the best move. Perhaps a suit against Google will proceed at the same time:
Though in that case, as well, I doubt it will come to that.
(One of the many virtues of starting your own business is that you soon learn all about the practical limitations of contract law. People violate the letter of your contracts all the time. What are you going to do about it? The law is a relatively blunt instrument; it is expensive and difficult to bring it into play, often more difficult than your unpaid invoice is worth.)
Indeed. It seems like applications that have code from non-Google employees have changed, as well as the Linux kernel itself.
I think the blog post is part of the "not yet suing" process too, it tries to build a bit of pressure on Apple in the hope that no lawsuit will be necessary.
which they haven't.
They have released every other version and just haven't released the 4.3.x one yet. There is no indication that they refuse to release it ever, the site still says "Coming Soon" and it has still been < 2 months since 4.3 was released.
Yes, I understand that under the GPL they're supposed to release it simultaneously with the launch, which they failed to do, but is this really front page news?
Is Apple out of compliance with the license? Perhaps. Is this on my list of the ten thousand things I'm most concerned about? No.
And as for your assertion about Microsoft suing Apple in a heartbeat over a similar compliance issue, I think you don't know what you're talking about. Microsoft, to the best of my knowledge, hasn't sued anyone over the hundreds of MS patents they claim Linux violates. It took Apple a few years to get around to suing Samsung.
In other words, Companies' legal teams are usually subject to adult supervision by their CxOs. They don't just go around suing willy-nilly. Many lawyers see conflicts that lead to lawsuits as failures.
Reality is so surprisingly messy.
To put another way: if I were found to be pirating Mac OS X, Apple would be in the right to sue me for intellectual property violation. If I found them to be using my code outside of the license I provided it to them (and the rest of the world) with, I should be in the right to sue them for intellectual property violation. Is this not correct?
(EDIT: fixed problematic grammar)
The two parties eventually settled.
If Apple wants to own Webkit, then answer is simple: require a copyright assignment letter with each patch. Then they can relicense the code whenever they want.
Apple forked Webkit from KHTML. Google contributes to Webkit.
But that's completely besides the point. I just cannot imagine someone working on the same project and ready to sue fellow developer's company just because they did not release the source on the same day.
Then they can relicense the code whenever they want.
In the case of Webkit, Apple does not require copyright assignment. The code was not originally theirs - their version of Webkit is a fork of KHTML, and so the copyright from KHTML is in force. They have to follow the LGPL, because otherwise they have no legal right to use the code in their products.
That's all I'm saying: the question was "who has a legal claim over Webkit", and my answer was "everyone who's contributed".
The LGPL allows Apple to keep the rest of their stack that links against Webkit proprietary. However, they have to release their changes to Webkit.
Here is the exact wording from the LGPL v2:
These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Library, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Library, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it.
Quite right, but for this point of pedantry: Apple's fork of KHTML is known as WebCore. That part is LGPL. WebKit (the encompassing project) is BSD and always has been. Safari (the browser) is proprietary.
As far as I can tell, Apple's changes to WebCore are in the public repo. e.g.
Revision 85964, 48.1 KB (checked in by email@example.com, 63 minutes ago)
Just to clarify, that is how GPL licensed software works. There are a lot of different open source licenses that do not require anything.
Some things are easy because the license specifically permits it: you can GPL a BSD-licensed project, for example. In that case, the agreement from the copyright holders comes in the form of the terms of the license.
But I do believe it's supposed to be available from the day
the binaries are out.
"Accompany it" is the key phrase. The source needs to be released at the same time as the binaries.
Section 6 states:
" As an exception to the Sections above, you may also compile or link a "work that uses the Library" with the Library to produce a work containing portions of the Library, and distribute that work under terms of your choice, provided that the terms permit modification of the work for the customer's own use and reverse engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the Library is used in it and that the Library and its use are covered by this License. You must supply a copy of this License. If the work during execution displays copyright notices, you must include the copyright notice for the Library among them, as well as a reference directing the user to the copy of this License. Also, you must do one of these things:"
And 6B specifically says:
"b) Accompany the work with a written offer, valid for at least three years, to give the same user the materials specified in Subsection 6a, above, for a charge no more than the cost of performing this distribution."
So, since Apple is not distributing just the library binary on its own, but rather as part of Safari, Section 6 excepts Section 4. And all they must do, according to 6B, is accompany the work with a written offer (which it does, see Settings/General/Legal) to provide the source. Since no one has specified that they've written to Apple and been denied, they are not in violation of the license.
In the case of Apple, they have made modifications to the library itself. They are then using the library, with modification, in Safari. Safari can be released under any license as outlined in section 5/6 but not the modifications. Those need to be released.
So the answers for "currently" and "cumulatively" differ at least by this metric. And the metric itself is questionable, as the blog post says.
(a) distribute the source code immediately,
along with the binary
(b) provide a written offer in which you promise
to distribute the source-code to anyone
who asks in a timely manner
I'm not in the know if Apple provided such offer, HTC on the other hand ...
And I'm pretty sure somebody requested it by now -- it's not like they are the only contributers to WebKit that would want to merge Apple's changes in master.
In the case of a lawsuit you also have to explain what took you so long to release the source-code -- timely manner is very relative, and in software when things move so fast a couple of months is not soon enough.
I do feel that Apple is somewhat morally justified and should be granted benefit of the doubt, in this particular case, since they invested in WebKit so much. But WebKit got so valuable precisely because it is open-source such that it can be a defacto standard for mobiles. Apple is also not the sole contributer, and they benefited from the work of others, so I don't see why they aren't playing nice.
Also, lots of double standards floating around -- I'm seeing some people that cried wolf on Google's actions regarding postponing the release of Android 3.0, although they are complying with the licenses involved and although they had perfectly understandable business reasons for doing so -- those people are actually trying to justify Apple's actions right now.
I don't know why we treat these stories like some kind of sport, in which everyone cheers for their favorite, but we do, although there isn't anything to gain unless you're a shareholder.
They do. In settings, General -> Legal one finds: