this post was submitted on 14 May 2026
233 points (99.2% liked)
Technology
84597 readers
3946 users here now
This is a most excellent place for technology news and articles.
Our Rules
- Follow the lemmy.world rules.
- Only tech related news or articles.
- Be excellent to each other!
- Mod approved content bots can post up to 10 articles per day.
- Threads asking for personal tech support may be deleted.
- Politics threads may be removed.
- No memes allowed as posts, OK to post as comments.
- Only approved bots from the list below, this includes using AI responses and summaries. To ask if your bot can be added please contact a mod.
- Check for duplicates before posting, duplicates may be removed
- Accounts 7 days and younger will have their posts automatically removed.
Approved Bots
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
The GPL explicitly grants anyone the right to share, distribute, and even modify the source code. So yes, that is exactly what it means. They cannot claim they wrote it, but they can absolutely both share and distribute the source code, and are in fact required to if they do make modifications to it. It's literally the main thing the license is even about.
Small sidenote: distribution of modified source code of GPLv2/v3 covered projects is only mandatory to those who have access to a binary version of the modified sources.
e.g. if you take a GPLv2 covered project that is a simple HTTP server, and you give the binary nobody, then you're not required to share the source (if the HTTP server is AGPL covered then you need to provide it to anyone who can access the HTTP service and requests the source).
This is an important distinction, as you can't demand the source of a GPL project from someone who cloned it and made modifications to their own use without distributing a binary of those changes. If I fork Orca and make some changes, and showcase those as screenshots, you have absolutely no right to demand the source for it. If I were to send you a binary of Orca with my changes, then you'd have the right.
I mean this distinction is obviously not applicable here but I wanted to make sure the GPL summary is fully correct. Which is the best kind of correct.
Wait, i thought that technically correct was the best kind of correct ? i have been LIED TO.
A fully correct statement is categorically a technically correct statement, therefore the two are not contradictory.
You statement is, also, technically correct. And therefore a fully correct statement is the best kind of correct, via the transitive property.
I demand to see your source code
maybe my thinking is off then, but in my mind it's mainly for first and second parties? as in, orca and bambu both have to share the source when sharing the binary, not necessarily immediately but on request. anything built on top of gpl code can be closed unless it's agpl. as a third party to all this, can rossman share the code bambu has made on top of orca?
Your thinking is off, the GPL and derived licenses like the AGPL are viral on purpose. They apply to everybody who uses, downloads, or accesses the software (in the case of the AGPL) and they are explicit about this:
what i'm reading from that is that both parties must agree that the work has been conveyed. with the risk of going all sovcit, if the conveyed item is a binary, and the producer does not send the source code to the consumer as instructed by the license, can the consumer really pull the source and distribute it? surely if the license is broken the work falls back on default pecmissiots, e.g. all rights reserved?
Maybe read the GPL ;)
But the language defines that if you distribute a binary, you must make the source available, and that source is allowed to be taken, modified, redistributed as binary and source, as long as the person doing the modifications attributes you and all other previous authors.
It doesn’t matter if that binary comes as a firmware on a device the user purchased.
The distributor does not have to distribute the source with the binary, they just have to make it available, for free, and they cannot stop anyone using it as defined above.
Breaking the license does not change how the software is licensed, it just puts the entity doing the violations in violation of a license.
In the general case, the person or persons who distributed the binary would then have done so illegally. In order to distribute, you have to follow the terms of the license. So them attempting to go after anyone downstream of them at that point is sort of like calling the police because someone stole your drug stash. And if there's an upstream beyond the illegal distributors, they're practically waving a "Sue me now!" placard in their direction.
The originator of the code, above whom there is no upstream, is allowed to offer it under more than one license (including a mixture of free and closed licenses), but the specific license in force has to be specified with each distributed copy.
AGPL can be closed too, the license bases the right to the source based on the access to the end product:
GPLv2/v3 - if you have the binary executable output of the GPLv2/3 covered source, you must be granted access to the exact source used to make the binary. This applies to legitimately sourced binaries only - if you were to hack into a company's servers and get a binary of a modified GPL product, this wouldn't apply. But extracting a binary from a device you own IS a legitimate access (so e.g. if your phone uses U-boot, the manufacturer must grant you access to their modified U-Boot sources used to build the bootloader)
AGPL - if you have (legitimate) access to a service you can request the source. This is so e.g. web services can be made into GPLed code where modifications must be released (negating the requirement of possession of a binary, since you can't possess a binary that runs on a remote server). e.g. let's say I run GTK app via browser using kasmVNC - if the app is GPL, I don't have to provide the source, if it's AGPL, I have to provide the source.
are you sure about that first one? yes they have to give you the source, but what happens if they don't? i've genuinely not thought about that before.
That's where legal actions come into place.
I've managed to force multiple Chinese companies to release sources that were adamant they don't have to, just by threatening to report them to the FSF and SFC - both bodies have been wildly successful in prosecuting licence breaches.
Also both the EU and the US have now precedents and laws in place that allow fast-tracking obvious licence violators' blocking from the market. For a small Chinese company whose main target market is the west, it's a major blow if their sales and export are blocked because they won't release the source.
So they try to play hardball, but it's like modern lifts - the moment you press the right buttons suddenly they do exactly what you want them to.