[freedomben]

Is GPL vs. MIT even relevant in this case? GPL only requires providing sources with the distributed binary, but for server-side code you don't distribute the binary so don't have to publish sources. The whole point behind the AGPL is to close this loophole.

Further I don't think the change to GPL even fixed the author's original concern of something like AWS taking it and standing up a service on it. The GPL wouldn't prevent that because again, no binary distribution.

I don't doubt that the author was told this by Sid at OCV, but it seems like a misunderstanding on both their parts of what the licenses actually require and don't require.

[gowld]

The link "Changed to GPL v3" was actually "change to Enterprise Edition license. So that's a bizarre comment to make in the blog post.

https://github.com/goauthentik/authentik/commit/4671d4afb4d3...

[trane_project]

The whole thing about how GPL propagates to unrelated works that happen to use a GPL licensed software is a misunderstanding. One that the FSF foundation is happy to propagate, but not one that would hold in court.

The concept of derived work in copyright law has nothing to do with how the binaries are linked together nor is an entire work derived from a GPL library just because they happen to call it at one point. Lawyers look at this very differently.

See https://www.linuxjournal.com/article/6366

[dahdum]

I don’t see definitive statements in that article. It’s a lawyer stating opinion, using qualifiers like “in most cases” and “I would argue”. Most concerning is:

> This is a complex topic that courts and lawyers disagree on

I would argue, in most cases, the benefits aren’t worth the risk, nor the legal fees spent to ascertain and manage that risk.