Skip to content

Update Introduction to Open Source License Compliance Management (LFC… #138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
myagi2019 merged 1 commit into from
Mar 18, 2026
Merged

Update Introduction to Open Source License Compliance Management (LFC… #138

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 4 additions & 2 deletions ...e Content/Introduction to Open Source License Compliance Management (LFC193).md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -297,7 +297,9 @@ Depending on the Open Source license(s) involved, your compliance obligations ma

### Open Source Compliance Issues that May Occur During the Distribution of Software
Copy link
Collaborator

@winterrocks winterrocks Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This heading is something that we could/should reword a bit.
The chapter is talking more about "hidden" or "silent" "distribution or possible network license (AGPL (also SSPL, but that's not an open source license) issue and this heading does not really reflect that.

Some ideas (quick and needs to be discussed with broader group):

  • Open Source License Compliance Issues with network licenses and silent client-side code executions
  • Open Source License Compliance Issues with AGPL and similar license and executing JavaScript or similar code on client side browsers

Copy link
Collaborator Author

@myagi2019 myagi2019 Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opened issue - we can discuss in next call.

Copy link
Collaborator

@winterrocks winterrocks Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

opened issue - we can discuss in next call.

Good. I think that after a couple of months not looking at the material, new "issues" come up.


For some Open Source licenses, access via a computer network can “trigger” license conditions. For example, in the case of applications downloaded to a user’s machine or mobile device and JavaScript, web client, or other code that is downloaded to the user’s machine or browser. All versions of the [Affero General Public License (AGPL)](https://en.wikipedia.org/wiki/GNU_Affero_General_Public_License) require providing modified source code if “users interact with it remotely through a computer network.”
Some Open Source licenses include conditions that are triggered when software is accessed or used over a computer network. In these cases, license obligations may apply even if the software is not distributed in the traditional sense. For example, server-side applications accessed through a web interface can activate these requirements. Under all versions of the [Affero General Public License (AGPL)](https://en.wikipedia.org/wiki/GNU_Affero_General_Public_License), if users interact with a modified program remotely through a computer network, the service operator should make the corresponding source code available to those users.

Additionally, services that (automatically and silently) deliver executable code such as JavaScript or other client-side components to a user’s device or browser from a server, is often overlooked and can also trigger license conditions.
Comment on lines +300 to +302
Copy link
Collaborator

@winterrocks winterrocks Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These are good changes. Heading (see the comment above) is something we could tweak a bit, but maybe for the next LFC193 update.


### Open Source Compliance Issues that May Occur with Untracked Modification

Expand Down Expand Up @@ -618,7 +620,7 @@ What is static linking? (TRUE/FALSE - PLEASE ADD FALSE QUESTIONS ***LIKE THIS***

In the context of Open Source license compliance which of the following questions are important to ask around the distribution of software? Select all answers that apply. (MULTIPLE CHOICE - PLEASE ADD FALSE QUESTIONS ***LIKE THIS***)

- Who is the software component distributed to?
- Who is the software component distributed to (i.e. distributed internally or externally to the Organization)?
Copy link
Collaborator

@winterrocks winterrocks Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good clarification!

- ***To which countries the software is distributed?***
Copy link
Collaborator

@winterrocks winterrocks Mar 18, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is good that the question has: "In the context of Open Source license compliance".

- How is the software component distributed?
- Is source code included or offered?
Expand Down