Is there an actual license file somewhere? Not only is the title of the page not necessarily authoritative enough, but public-domain dedication is not a thing in many countries, which is why CC-0 exists.
> but public-domain dedication is not a thing in many countries, which is why CC-0 exists.
Has there ever been a real instance of this distinction actually mattering? Has a German software company ever gotten into real trouble because they used American public domain code without a locally valid license?
It seems like an academic objection for lawyers to wring their hands about. Risk adverse organizations with investors will demand licenses for software like SQLite because a few thousand dollars to eliminate a minuscule remote risk is basically nothing to a software business. But does your average German FOSS hacker bother to buy a license to SQLite? Would that really be a rational use of their own money? I doubt it.
SQLite3 is in every phone and every laptop and... Do Apple, Google, etc. have to do something special in order to use SQLite3 in Germany? Have there been any court cases about this? Have there been any fines issued or paid over this? IMO the whole Germany-doesn't-have-public-domain thing is just FUD.
SQLite offers to sell licenses to organizations that worry about it, Apple and Google have probably bought such licenses to cover their asses in Germany just in case.
The courts might not make common law, but there could still be no court cases at all about public domain software, which would be pretty telling that those just don't come up even though there's an abundance of public domain source code.
That is true, still it has a comprehensive copyright page which includes this rather explicit permission:
> Anyone is free to copy, modify, publish, use, compile, sell, or distribute the original SQLite code, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means.
On some level, no open-source license matters, you are not going to get in trouble for stealing some rando's GitHub repository. In fact they would never find out.
However if this aspect is important enough to you that you put it in the very title of your site, you should probably do it in a way that actually works for people.
> However if this aspect is important enough to you that you put it in the very title of your site, you should probably do it in a way that actually works for people.
I assert that public domain does work for people, even Germans in practice. It doesn't work for risk averse corporations.
The point of a license is entirely to mitigate risk. I trust open-source developers to not go after me and my meager projects, but still I appreciate when they take the 2min needed to slap a legal-like document on their library.
When you refuse to do that, and decide to spend way more than 2min explaining your belief that this might not be required (though you are not a lawyer, have no court decisions to back it up, and have otherwise done a limited review of a few countries), you are making the conscious decision to go out of your way to increase the risk on me. I don't appreciate that, but does that really make me "risk-averse"?
American FOSS developers who put their code in the public domain are taking those 2 minutes to slap a legal-like document on their code. A short document telling other programmers that the code is public domain clearly communicates the intent and wishes of the author to other developers.
They're giving something to the world for free, with no strings attached, clearly communicated. But despite that, some people will complain because it wasn't done in precisely the correct way to keep corporate lawyers in a notoriously legalistic and pedantic foreign country happy.
Any legal-like document that mitigates risk for one parry does so by restricting another party.
So, its natural that people will choose not to do more of than they see as necessary to deal with speculative risks raised by third-parties who are often either not attorneys, or attorneys for people whose interests are not aligned with those whose action is sought, based on some foreign legal system with which thr actor is unfamiliar.
If you don't like what you are being offered for free, you are, of course, at liberty to move along.
I am also at liberty to offer a comment on it on this here comment section... If you feel like the point of this site is to offer silent upvotes, you are at liberty to do that.
Usually copyright is the author's right and only the author can enforce that right, so it would take the public domain author to sue users, which I suppose rarely happens.
Not sure. But I think SQLite won't look at contributions from non-public domain countries. I mean, they aren't really open to contributions anyhow, but being public domain was mentioned to me by Richard as a mistake they made that they've had to deal with.
> being public domain was mentioned to me by Richard as a mistake they made that they've had to deal with
This doesn't sound right. Did he explain to you why he thinks he's stuck with it? He has the legal right to release SQLite other some other license and does so when companies pay him for it.
Generally speaking, nothing about putting code in the public domain precludes collaborating with other developers. SQLite's caution against accepting contributions (even when the contributor is another American willing to sign over their contribution to the public domain) probably has more to do with Oracle being notoriously litigious and nasty. Not accepting contributions reduces the risk of one day being sued by Oracle, since it reduces the risk that Oracle IP might accidentally show up in SQLite. This would be a concern regardless of what sort of license SQLite used.
If you're not worried about that sort of thing, there is nothing which prevents an American FOSS developer from accepting public domain contributions from other developers.
Going from memory, he was warned by legal or something, that someone from a place where public domain didn't exist as a concept couldn't give them code and say it was public domain.
He's on here occasionally, so maybe he'll jump in but I think the issue is the contributors might not be able to put things into the public domain.
djb is also a German citizen https://cr.yp.to/cv/cv-20080915.pdf (Citizenships: USA; Germany; Native language: English. Language courses: French (advanced), German, Danish.)
This library has been around since 2008 and chances are you are using software that includes it right now, e.g., if your web browser used djb-derived cryptography included in your browser when connecting to HN.
If I wrote software using djb code and made money from it, and djb asked me for a percentage, then I would happily pay. The chances of that happening are probably nil, particularly the first part. Alternatively, if I wrote software using djb code and he asked me to refrain from doing something, then I would probably comply. He has a strong reputation for being right. Again, the chances of being asked for anything seem to be nil anyway.
Assuming devurandom.c, i.e., randombytes(), is used in djb-authored cryptography, which itself or close derivatives are now used widely, how many of the folks working on the projects listed at the web pages below are using public domain djb code without a license (I don't know the answer, I'm asking a question). One might guess by looking at these lists that the "status quo" is to accept djb's public domain designation.
OpenSSH uses djb cryptography for generating ed25519 keys, among other things. That uses randombytes() as in crypto_api.h above.
djb's randombytes() is simply a wrapper around /dev/urandom, OpenSSH's randombytes() in ed25519.c is a wrapper around arc4random_buf(). arcrandom_buf() is a wrapper around arc4random(). arc4random() uses djb cryptography placed in the public domain.
No idea what software the parent writes but as an end user I would prefer to avoid it since apparently they have to avoid widely used, publicly vetted code because it's in the public domain.
