[wp-hackers] meenews: obfuscated code

Chip Bennett chip at chipbennett.net
Thu Nov 25 14:24:33 UTC 2010


On Thu, Nov 25, 2010 at 7:56 AM, Otto <otto at ottodestruct.com> wrote:

> On Thu, Nov 25, 2010 at 7:08 AM, Chip Bennett <chip at chipbennett.net>
> wrote:
> >> If you look at http://wordpress.org/extend/plugins/about/ You will see
> >> clause 5 of the requirements being if no license is specified it is
> >> GPLv2.
> >>
> >> Indeed it does say that, but that statement doesn't make it so.
> >
> > Only the *copyright holder* can specify the license of a copyrighted
> work.
> > So, if no license is specified, then *there is no license*.
>
> The copyright holder did specify the license. They did it by uploading
> it to the repository without an explicit license attached.
>

No. The failure to specify the license is what causes WPORG to *claim*
certain rights, primarily, the right to redistribute the code under the
terms of GPLv2.

If the copyright holder, for whatever reason, disagreed with that claim, he
could very easily get a court to rule in his favor. (Not that it would
matter; to my knowledge, if such a person were to request to WPORG that the
code be removed from SVN entirely, that request would be granted, anyway.)

>
> The plugin is assumed to be GPLv2 when it lacks a specific
> declaration. This is because the author (and copyright holder) of the
> plugin took affirmative action to not only submit it for inclusion but
> also to upload it to the repository using SVN. Given that the
> requirements are known, this action makes it implicitly  licensed, and
> as it states on http://wordpress.org/extend/plugins/about/, the lack
> of a stated license makes it GPLv2.
>

But *assuming* a license is not the same as being *granted* that license.

You likewise cannot *assume* that "the requirements are known" to the
copyright holder - especially for the reason that I pointed out already. The
SVN request page *does not include the requirements*, and does not require
any affirmative action on the part of the copyright holder that submitting
that form is in any way tied to acceptance of the "requirements". Likewise
for SVN-commit access.

There's nothing legally binding in any of this.

I'm not saying that it *couldn't* be done in a legally-binding way (in fact,
I'm sure it can - and in fact, I think it *should* be). I'm just saying that
the way it's implemented currently, it's not legally binding.

>
> You *can* declare a license on a work through an implicit action. You
> do not need to specify it outright. Look at the Terms and Conditions
> for many different sites, for example. Usually they contain a clause
> to the effect of "you grant us a perpetual, non-revocable, license to
> publish any material you submit to the service in whatever media we
> choose" or similar. This is a *license*, and by using the service, you
> agree to the terms. Yes, you retain copyright to your work, but the
> act of submitting it somewhere can indeed put a license on it.
>

Indeed such sites exist, with such terms and conditions. But they do so in a
way that is entirely different from what WPORG does with Plugins. WPORG
doesn't even contain even a semblance of the above-stated clause. WPORG
doesn't claim that the site has a particular license, it claims that the
copyrighted code is "explicitly" a certain license.

>
> We require explicit licensing in the themes directory not because it's
> necessary, but because we want to make theme authors aware of
> licensing and what it means.
>
> And because it ensures that the end user knows the license under which he
has rights for the Theme.

But, I would treat explicit licensing of third-party code as a necessity. It
is beneficial to copyright holders and end users alike, because it
eliminates the possibility of ambiguity or confusion for all parties.

Chip


More information about the wp-hackers mailing list