| HN Mirror

Ignoring the ad hominem attacks, I appreciate your attempt to clarify the situation. However, you are factually wrong about Oracle's position, because they actually offer two different builds of Java - one that is GPL'd (with classpath exception) and one that is commercial[1]. I take the first claim seriously because it's downloadable as a tar.gz file without any license acceptance. However "GPL" is another thing that causes worry among the C-levels (and myself). A superficial reading might be that Oracle's JDK does not come with the GPL encumbrance. But this also raises the question: what differs between the various JDK builds? And again, what is the legal status of "OpenJDK" particularly WRT Oracle?

I personally don't think these are stupid or trivial questions. Nor do I think the answers are obvious. Nor are they nonsense FUD. I am certainly NOT an Oracle partisan - I saw first hand what they did with Sun.

1 - https://jdk.java.net/17/

> A superficial reading might be that Oracle's JDK does not come with the GPL encumbrance.

This is the whole point of the "classpath exception". You can run, build and distribute Java programs under any license you choose.

> But this also raises the question: what differs between the various JDK builds?

Very little typically. Some like RedHat or Amazon enable extra options, like the Shenandoah GC. The big difference is who you contact for support.

> what is the legal status of "OpenJDK" particularly WRT Oracle?

I'm not sure what this question even means, but frankly given Microsoft, IBM and Amazon are all building and distributing their own builds of OpenJDK I don't think there are any significant legal issues, these are all companies with teams of lawyers on retainer.

How about this: what is "OpenJDK"? It used to be an independent open-source clone of the Sun-then-Oracle implementation of the JVM/JLS/JSR specs under a liberal license. Now it seems to mean something different - like a working group that manages the specs, but no longer has a build of it's own. By convention, it seems that Oracle's "OpenJDK build" is the "default" OpenJDK build, but Oracle also provides a "commercial build", which is also, confusingly, an implementation of "OpenJDK".

Meanwhile other vendors have "OpenJDK" builds: Amazon (corretto), Red Hat, etc. This means that they offer binaries that implement the OpenJDK specs.

My mental model is currecntly: So there's a spec and an implementation, OpenJDK can refer to both, and a vendor can have multiple implementations of OpenJDK (spec), and some of impls can be closed/commercial, as in the case of Oracle (and maybe Red Hat?).

OpenJDK was never an independent clone. OpenJDK was started by Sun and was all of the JVM code they could relicense. Contributions to it were done either by Sun themselves, or by companies and individuals that signed a contributor agreement. This has continued under Oracle. Notably this includes Redhat, IBM, Microsoft, Azul, Apple and SAP. Originally the code didn't have enough components to produce a useful JVM, and Redhat put a lot of effort into producing builds that integrated with IcedTea to produce a fully Free Software JVM. Now though the OpenJDK has all of the components needed to produce a JVM.

OpenJDK is Oracle's reference implementation of Java, and provides a GPL+Classpath exception licensed build on their website. Additionally, Oracle provides a build a commercially supported build from their website. The commercial builds from Oracle have included other additions, but over the years the amount of closed sourced add-ons has decreased.

Other vendors provide builds of the OpenJDK, most include additional code, although for the most part the changes are minimal. All of these builds are based on the OpenJDK, and adhere to the GPL+Classpath exception.

There is also Azul Platform Prime/Zing. Which is there own JVM with an LLVM-based JIT, I'm not sure if they're using any OpenJDK code, but if so I assume they have a commercial agreement with Oracle.

StevePerkins 1730 days ago

> How about this: what is "OpenJDK"? It used to be an independent open-source clone

Please educate yourself before spreading misinformation on this forum.

OpenJDK is not a "clone", a "fork", or some other re-implementation of the Oracle JDK. It's the other way around. OpenJDK IS the source code for the Java Virtual Machine and standard library. All binary distributions are based on this source.

Some binary distributions are freely available. Others include additional proprietary tools, or commercial support or whatever, and require paid licensing. But these all derive from the some common upstream.

You are painting a picture that is equivalent to saying that the Linux source code is a "clone" of RedHat Enterprise Linux. That is not accurate whatsoever.

May you get down-voted into oblivion for your rudeness. It's not only unnecessary and uncalled for, but redundant.

If you'd like an example of how to correct someone's misunderstanding in a constructive manner, see sibling comments, which were posted prior to yours by an hour.

[1] https://github.com/openjdk/jdk/blob/master/LICENSE

twic 1730 days ago

> what is "OpenJDK"?

It is an open source project, comprising a codebase, a set of contributors, and various mailing lists, processes, and so on, just like any other open source project.

The codebase is a continuation of the original Sun (later Oracle) JDK, now licensed under GPL 2 [1], with a linking exception that makes it fairly similar to the LGPL [2].

The contributors are mostly employees of big companies, with Oracle having by far the largest share.

The OpenJDK project releases source code, but does not itself distribute binary builds. In this respect, it is like numerous other open source projects, such as GNU coreutils.

Binary builds are made and distributed by operating system distributors (Red Hat, Debian, FreeBSD, etc), and also by various independent groups. As usual, each distributor may or may not add its own patches before building, and may or may not contribute these upstream. Eclipse Adoptium (formerly known as AdoptOpenJDK) [1] does not apply significant proprietary patches (just branding stuff), so it's a good place to get a plain vanilla OpenJDK build. Amazon's Corretto [4] in principle could contain whatever patches Amazon thinks are cool, but in practice usually just has a few backported bugfixes [5]. Azul's Core (formerly known as Zulu) has a bunch of patches (i couldn't find a list), and an option of commercial support) [6]. Oracle have a couple of builds, but you can ignore them. There are also builds from SAP, Bellsoft, and maybe others, but i have never really looked into them. Most people i know just use the AdoptOpenJDK / Adoptium builds, or whatever their distro gives them.

EDIT: I got the Adoptium thing slightly wrong. AdoptOpenJDK made builds; those builds are now called Eclipse Temurin. Eclipse Adoptium is some sort of 'marketplace' where different builds are validated and made available. To me, this sounds like one of those Apache grand ideas that won't go anywhere, but we'll see.

[2] https://opensource.stackexchange.com/questions/1410/what-is-...

[3] https://adoptium.net/releases.html

[4] https://aws.amazon.com/corretto/

[5] https://docs.aws.amazon.com/corretto/latest/corretto-11-ug/p...

[6] https://www.azul.com/products/core/

Yes, that all seems so trivial a small child could understand it. So what's my problem?! /s

But seriously, you don't see how this might be confusing? And what you've described is really only the tip of the iceberg. Who defines the specs? Who writes the compliance tests with the specs? Who runs those and certifies that implementations are compatible? What limits are there on entities that make builds, either on the patches they can apply (and still call it "Java") or the licenses they can adopt? What does "GPL with classpath exception" mean in the real world, that JDK-itself changes must be upstreamed, but linked applications need not be? What are the limits there?

The point is, getting an open source JDK binary is not easy, especially if you want to understand what you're getting. "OpenJDK" may exist as an OSS project, but I wouldn't call it typical. Not because it doesn't release binaries (although I just discovered it does, provided by Oracle for Windows/Linux only), but because of the license, the owner, and the owner's relationship to binary builders. The binaries you can get in practice have unknown additions from the vendor, and possible adjustments to the license (or is only Oracle allowed to make alternative licenses for an OpenJDK build?)

Compare java distribution to, say, node or python. Is it really fair to accuse someone who is confused of being an idiot?

> What does "GPL with classpath exception" mean in the real world, that JDK-itself changes must be upstreamed, but linked applications need not be? What are the limits there?

The exception is very broad and fairly simple.

Azul has a good breakdown of it https://www.azul.com/blog/why-the-classpath-exception-is-so-...

The short answer though is if you link to a GPL+Classpath exception library you may distribute the results under any license you choose.

boulos 1730 days ago

Hmm. Without Corretto, which is "recent", I don't see how your argument holds. "No" seed stage company is going to use something from Azul, and probably not from "regular" IBM either (that is, exempting RedHat).

Without Corretto, I think Oracle really has poisoned the well.

[1] https://aws.amazon.com/corretto/

It's particularly confusing because "OpenJDK" used to be an independent group who's purpose was to build a fully open-source Java - and it was Apache licensed. Now, it seems that "OpenJDK" refers to a specification and/or working group which NO LONGER provides a build, instead relying on vendors to do so, and indeed the vendors have wide latitude about how they license it.

This is genuinely complicated, I'm not a lawyer or a software license expert, and I don't understand it. And honestly, based on some of the haughty and arrogant, but factually wrong, comments I've been seeing, I suspect that a lot of people think they understand it, but don't.

boulos 1730 days ago

Which is exactly your point! The uncertainty/confusion is now super high due to Oracle's actions. It's literally fear, uncertainty, and doubt.

It's a bit like GPL and other open source licensing in the early days ("better not touch GPL code at all") rather than the now commonplace "Ahh, yes. No to AGPL, but GPL is fine since we won't distribute it. We'd prefer APL" practices.

I absolutely believe that experts in licensing understand the OpenJDK / Corretto / Microsoft's OpenJDK distro and so on. But it really did go from "yeah, openjdk is no problem" to "hmm, do we understand this?".

> "OpenJDK" used to be an independent group who's purpose was to build a fully open-source Java - and it was Apache licensed.

You've confused OpenJDK with Apache Harmony. The Harmony project dissolved in 2011, essentially being killed by IBM's decision to join the OpenJDK project instead.