zlacker

[return to "Open source liability is coming"]
1. sevagh+F6[view] [source] 2023-12-29 18:40:30
>>daniel+(OP)
I find this article and the reactions here confusing. This seems to me like unequivocally a good thing for open-source devs.

Making commercial vendors who rely on open source software liable for bugs is fantastic news, that's how it always should have been. You can't have a commercial company throw their hands up and say "well github.com/cutefuzzypuppy is at fault for writing an open-source npm package we used so harm to our customers is not our fault!"

◧◩
2. omnico+98[view] [source] 2023-12-29 18:46:10
>>sevagh+F6
The article is misleading unless you read the whole thing and the reactions are standard knee-jerk ones from HN users that didn't need to read past "EU" to assume the worst possible misinterpretation.
◧◩◪
3. within+p9[view] [source] 2023-12-29 18:51:36
>>omnico+98
I read the article, but it was quite ambiguous, at least to me. It isn't very well written / clear on what is actually going on.
◧◩◪◨
4. omnico+5a[view] [source] 2023-12-29 18:55:04
>>within+p9
I agree it's very ambiguous, but if you read the whole thing it's clear that when dev A releases code under an open source license and it's included in a commercial product by company B that then harms person C, the liability will be on company B. Most of the hot-under-the-collar responses here are assuming it will fall on dev A, which is a misinterpretation the article's author did not do much to discourage.
◧◩◪◨⬒
5. sevagh+2b[view] [source] 2023-12-29 18:59:09
>>omnico+5a
Actually, I may have missed buried lede in this case where there is no company B, and citizen C is harmed by dev A's github project.

That is actually kinda concerning, if my MIT license of "no guarantee" won't protect me.

Other commenters who got it:

>>38808821

>>38808756

[go to top]