The VMware open source lawsuit – and what it means for you

March 12, 2015 Neta Weinryb

The various headlines discussing the lawsuit against VMware have probably caught your eyes. Long and detailed articles discuss the lawsuit, the GPLv2 open source software license and the VMware implications.

But what does all this mean for software developers? In this post we briefly explain what the lawsuit is all about, and more importantly – what does it all mean for you.

The lawsuit

Top Linux contributor Christoph Hellwig is suing VMware for violating the GPLv2 free software license with its use of Linux and other source code in a component of its product. Hellwig’s suit is supported by the Software Freedom Conservancy.

At the core of the lawsuit is the fact that open source software, such as Linux, is free to use but comes with a license. When using open source software, you must legally comply with the terms of the license. The terms can be as simple as mentioning the use of the software in the release notes. Other licenses can impose certain restrictions on distribution or on the Intellectual Property of your software.

In this case, according to the Conservancy, VMware has used parts of the Linux Kernel software (which is open source) to create some of their products, without complying with the Linux Kernel open source license.

About the GPLv2 License and this Case

The GNU General Public License Version 2 (GPLv2) is the most widely used license for free and open source software.

GPLv2 requires modifiers of the open source software (for example, allegedly, VMware) to provide their customers with access to the source code of the modified software.

What do the suing parties expect VMware to do?

According to the Conservancy, they have asked VMware to take the necessary steps to comply with the terms of GPLv2. VMware claim that they already comply with these terms.

The issue is now debated in a German court.

What does this mean for you?  

You too probably use open source software to develop better software products, reduce development costs and get to market faster.

Open source software is free to use but has a license attached to it. The license requires you to do certain things: in many cases complying requires you to mention the open source components in the release notes. In other cases it requires you to provide copy of the source code to your users or customers.

To comply with the requirements of open source software, you need to do the following:

  1. List all your open source components. Make sure you know of all of them – some open source components may contain other open source components (dependencies). Our research of 300K open source components shows that on average, every component has 7.1 dependencies.
  2. See what open source license is attached to each component, and what the license requires you to do to comply.
  3. Do what it takes to comply.

This may sound like a lot, but the WhiteSource service makes it easy and literally effortless. If you give us one hour over the phone, we will be happy to show you how.

 

An update: in a CBR article, VMWare explains why it thinks that it complies with the GPL license requirements, and the Software Freedom Conservancy talks about the increase in GPL violations volume and why enforcing the GPL license terms is so important for the open source community and the software developers community.

Previous Article
Open Source Due Diligence – a Serial Entrepreneur Shares a Story of Two Very Different M&A Processes

Over the years I have been involved in several startups as a founder, advisor and investor. I also had the ...

Next Article
FFIEC Guidance: the effortless path to controlling risks when using open source components
FFIEC Guidance: the effortless path to controlling risks when using open source components

The FFIEC (Federal Financial Institutions Examination Council) has released the "Risk Management for the Us...