I'm curious what license you're using (since there's no mention in the readme). It seems clear that you wrote this to be open source and help people. Since there's no license information, third parties (ie, people who aren't you) should assume that they have no right to use it (that it's proprietary since there's nothing offering other rights). You've said it's open source, but under what terms can I (or TaxCloud) use it?
A lot of open source licenses don't require attribution. If you had licensed this under the GPL2 or MIT licenses, would you still consider what they did wrong?
It's crappy (in the plagiarism way) to take someone else's code and try to make people think you wrote it. You haven't explicitly licensed your code under any license and so, to be conservative, third parties should operate under the assumption that the code is proprietary. However, many times open source does allow you to fork something and make it your own. For example, Joomla is a fork of Mambo. The codebase has evolved, copyright notices have been changed, and there isn't credit back to Mambo on the website. If it were a less known project, many people might assume that it all originated with Joomla (and, in fact, with Mambo seemingly dead and it having been quite a while since the fork, I'm guessing a lot of newer people wouldn't find out).
Often times, open source licenses don't require attribution. It might have been that the person at TaxCloud got your email telling them about your open source project and assumed an MIT license for it. One shouldn't assume things like that, but people make more egregious errors.
Anyway, it would be nice to know what license the open source code is governed by (and this is true for many more projects that just don't have a license file) and I hope you're able to resolve the situation in a way which makes things better for you.
How do you define attribution? Both GPLv2 and MIT require you to retain the copyright notice which I would consider a form of attribution (i.e. I wrote it and not you).
"You haven't explicitly licensed your code under any license and so, to be conservative, third parties should operate under the assumption that the code is proprietary"
I would have guessed that without an explicit license, open source is free for anyone to take/modify/reuse. After all, it is open source.
In other words, the default would be the most permissive license. You suggest it is the opposite - that without a license, the code should be considered proprietary. Can anyone more familiar with open source licenses clarify?
Creative work (including source code) automatically falls under "all rights reserved" bucket unless the author specifically states other licensing terms.
In this case the author didn't so his work is still "all rights reserved" and no-one can use it.
You're confusing "source code available" with "open-source".
"Open source" is a shortcut for: "source code available and under open-source license".
Wikipedia says "A typical software license grants an end-user permission to use one or more copies of software in ways where such a use would otherwise potentially constitute copyright infringement of the software owner's exclusive rights under copyright law." http://en.wikipedia.org/wiki/Software_license
You may be basing your prior belief on e.g. Wikipedia's claim (scroll down) that "A primary consequence of the free software form of licensing is that acceptance of the license is essentially optional — the end-user may use, study, and privately modify the software without accepting the license." IANAL, but this statement seems dangerously incorrect to me. It may be technically correct that you do not "have" to accept the license terms--but then if you are downloading the software, or creating derivative works without a license, you would be violating the law. E.g.
Uploading or downloading works protected by copyright without the authority of the copyright owner is an infringement of the copyright owner's exclusive rights of reproduction and/or distribution. - http://www.copyright.gov/help/faq/faq-digital.html#p2p
It is true in the sense that there are conceivable ways to use FOSS without accepting the licence. There are common ways like dual-licensing (if the license is GPL and the company has all the copyrights they can still sell me a different license) or even fair use (someone could create a parody of FOSS and publish it).
How do you know it is open source without a license? Sure you can see the source code, but I wouldn't have said that is what makes it open - its the license that does.
Looking at the examples it's really hard to know if this stuff was copied. How else would you write this sort of stuff? This seems like really simple, straightforward code.
A lot of it seems to be about creating a hash based on a well-defined data type. Is there some other way of doing this that makes sense in Ruby?
Similarly, he points out similar variable names. If you have a variable containing an API key what do you call this besides "api_key"?
Maybe these are just poorly chosen examples, but if these are the best evidence the author has I don't think there's grounds for flipping out quite yet.
A few things stand out as distinctive in terms of Ruby style. For example, for self.send "#{sym}=", val, I'd much prefer to see send :"#{sym}=", val. And "sym" is a poor choice of variable name semantically when it's really referring to an attribute name.
If I were writing this, I'd probably have a single hash that defines the SOAP names and internal names then dynamically create those accessors and dynamically create the hash in to_hash rather than have repetition. DRY and all that. So there are other ways to go about it.
There's not a great deal to go on, of course, but the chance of two independent Rubyists stumbling across an identical solution syntax-wise is far from high (though is not minuscule, either.)
Valid point. When I first looked at the code I knew the initialize code was fairly common, but then I noticed the unnecessary require. I started to explore a bit more and noticed that the style changes from the copied code[1]. They also place their require statements immediately after module declaration[1]. Not to mention the use of single quotes vs double quotes.
The author writes about his love of contributing to open source, but since his code has no license this may not even be open source code at all. The author should put some kind of license with his code so that it is used the way he wishes. If he wants credit, there are attribution licenses out there. GPL may help to get contributions back to your code. Different licenses will have different results.
Also, hypothetically, if the official API was GPL and he used that as a starting point - in fact he could be the one in violation of the GPL for not including copyright info in his code.
Isn't the Oracle case more about the definition of an API (what I would consider to be the header files, for example), versus this, which is more of an implementation of an API, though?
Agreed, I should have clarified that I meant hypothetically if the author started out with some example code that was supplied by the API owner under the GPL.
Although you still get copyright protection without it, a comment at the top of every source file with your name and the license makes it very easy for people to figure out who owns what. You didn't have any license, you didn't have any authorship or copyright headers in your source code, and then you asked the company that "stole" your code to take a look and share the code with others.
The problem is that you're communicating in a very vague manner: you should be explicit about all of your expectations and intentions so others interacting with you don't have to guess what you're thinking.
Imagine how this interaction would have gone if your source file started with:
# Copyright (c) 2012 My Consulting Firm
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
And you emailed them saying:
"Hello. I've created a gem that's licensed under the GPLv3 for interacting with your service. Please feel free to link to it or redistribute it on your website under the same terms."
My guess is: this problem would have never occurred.
What do you really expect from them? Being vague isn't helping the situation.
- If you just want attribution and an apology, ask for that.
- If they dont know what you want, they may just remain silent.
It was probably a lower-level mixup, some programmer was in a hurry, had too many tickets under his name, and rushed out a solution. The company was probably unaware.
Making veiled references to some action you might take just means they will refer it to a lawyer, who will say, "Just keep quiet and dont change anything right away. It's unlikely he has an Oracle-vs-Google sized budget to make a case, and anything you say or do might work against you. Rewrite it as soon as you can think of another justification, and be sure to create an email trail for that."
If hurry means more than 8 months. I edited the post to include the date I contacted them (August 24, 2011). The writing style for the copied code vs additional code they wrote is inconsistent.
Actually, it does. If you don't have an OSS license, it defaults to standard copyright, which means TaxCloud has even less legal right to copy the code.
Drew could have used a license that legally granted commercial use without attribution, and in that case he'd have a bigger problem.
The author (or his company) always has the copyrights (if it is not sold) and thus can license it any way(s) wanted, for example und open source licenses.
Authors in certain countries can also release their code into the public domain -- that would be the only situation where there is no copyright involved anymore.
A general request (not specifically towards the author): If you release a project under open source license, please be specific about what kind of attribution you would like to get when your project is used within a product.
Giving credit would be so much easier if one could use for example Maven or npm to automatically create a list of attributions that could be then formatted and included in the "About page".
I think you are creating a storm in a tea cup. I agree that there has been some copy pasting of code blocks. But that's life and the nature of writing.
That require is a smoking gun for sure, but I'm not too sure about the copyright claim. It's their copyright on the API in the first place, and there are a limited number of ways to wrap an API in Ruby.
It's sleazy to cut and paste code without attribution, but this post comes off as way too confrontational considering the company hasn't had a chance to respond yet. (Which response is perfectly likely to be "Ah shit, brain fart, sorry.")
This is really strange; I just don't understand why the company would do this. It doesn't make any sense, unless an employee in the company was too lazy to write his own stuff and wanted to pass off someone else's work as his.
I think the arguments here are weak. Using a builder is extremely common in API wrappers like this (I just did this myself wrapping an API in Ruby). In the second example, the code you pointed out was similar really wasn't that similar. Someone else made a good point: because this is an API wrapper there's really only a limited number of ways to do things.
Still, there's a good chance that someone looked at it to see how you did things -- these things are hard to prove. Regardless, I think your response is a bit over the top? Does it warrant this nasty blog post, or could you have just emailed the dude and said, "Hey, I noticed you guys may have been inspired by my code, a lot of appeared similar. I am licensing under GPLvXXX [or whatever your license is] and it requires some attribution if you guys did use some of my code." I suspect they would have happily given it to you. If they refused, well, then maybe then would have been the time for the rant. :)
No offense, but the way you handled this, you are coming off like some guy having a temper tantrum on the internet, instead of a developer with valid grievances handling this maturely.