<div dir="ltr"><div dir="ltr">a quick update: the latest release of Rally (<a href="https://pypi.org/project/rally/1.4.0/">https://pypi.org/project/rally/1.4.0/</a> ) doesn't include morph dependency<br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">пн, 4 февр. 2019 г. в 19:57, Andrey Kurilin <<a href="mailto:andr.kurilin@gmail.com">andr.kurilin@gmail.com</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div>Hi stackers!</div><div><br></div></div>Thanks for raising this topic.</div><div dir="ltr">I recently removed morph dependency ( <a href="https://review.openstack.org/#/c/634741" target="_blank">https://review.openstack.org/#/c/634741</a> ) and I hope to release a new version of Rally as soon as possible. <br></div><div dir="ltr"><br><div><div><div><div><div class="gmail_quote"><div dir="ltr" class="gmail_attr">пн, 4 февр. 2019 г. в 17:14, Jeremy Stanley <<a href="mailto:fungi@yuggoth.org" target="_blank">fungi@yuggoth.org</a>>:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">On 2019-02-04 14:42:04 +0100 (+0100), Ilya Shakhat wrote:<br>
> I am experimenting with automatic verification of code licenses of<br>
> OpenStack projects and see that one of Rally dependencies has GPL3<br>
> license<br>
[...]<br>
<br>
To start off, it looks like the license for morph is already known<br>
to the Rally developers, based on the inline comment for it at<br>
<a href="https://git.openstack.org/cgit/openstack/rally/tree/requirements.txt?id=3625758#n10" rel="noreferrer" target="_blank">https://git.openstack.org/cgit/openstack/rally/tree/requirements.txt?id=3625758#n10</a><br>
(so hopefully this is no real surprise).<br>
<br>
The source of truth for our licensing policies, as far as projects<br>
governed by the OpenStack Technical Committee are concerned (which<br>
openstack/rally is), can be found here:<br>
<br>
    <a href="https://governance.openstack.org/tc/reference/licensing.html" rel="noreferrer" target="_blank">https://governance.openstack.org/tc/reference/licensing.html</a><br>
<br>
It has a carve out for "tools that are run with or on OpenStack<br>
projects only during validation or testing phases of development"<br>
which "may be licensed under any OSI-approved license" and since<br>
the README.rst for Rally states it's a "tool & framework that allows<br>
one to write simple plugins and combine them in complex tests<br>
scenarios that allows to perform all kinds of testing" it probably<br>
meets those criteria.<br>
<br>
As for concern that a Python application which imports another<br>
Python library at runtime inherits its license and so becomes<br>
derivative of that work, that has been the subject of much<br>
speculation. In particular, whether a Python import counts as<br>
"dynamic linking" in GPL 3.0 section 1 is debatable:<br>
<br>
<a href="https://bytes.com/topic/python/answers/41019-python-gpl" rel="noreferrer" target="_blank">https://bytes.com/topic/python/answers/41019-python-gpl</a><br>
<a href="https://opensource.stackexchange.com/questions/1487/how-does-the-gpls-linking-restriction-apply-when-using-a-proprietary-library-wi" rel="noreferrer" target="_blank">https://opensource.stackexchange.com/questions/1487/how-does-the-gpls-linking-restriction-apply-when-using-a-proprietary-library-wi</a><br>
<a href="https://softwareengineering.stackexchange.com/questions/87446/using-a-gplv3-python-module-will-my-entire-project-have-to-be-gplv3-licensed" rel="noreferrer" target="_blank">https://softwareengineering.stackexchange.com/questions/87446/using-a-gplv3-python-module-will-my-entire-project-have-to-be-gplv3-licensed</a><br>
<a href="https://stackoverflow.com/questions/40492518/is-an-import-in-python-considered-to-be-dynamic-linking" rel="noreferrer" target="_blank">https://stackoverflow.com/questions/40492518/is-an-import-in-python-considered-to-be-dynamic-linking</a><br>
<br>
I'm most definitely not a lawyer, but from what I've been able to<br>
piece together it's the combination of rally+morph which potentially<br>
becomes GPLv3-licensed when distributed, not the openstack/rally<br>
source code itself. This is really more of a topic for the<br>
legal-discuss mailing list, however, so I am cross-posting my reply<br>
there for completeness.<br>
<br>
To readers only of the legal-discuss ML, the original post can be<br>
found archived here:<br>
<br>
<a href="http://lists.openstack.org/pipermail/openstack-discuss/2019-February/002356.html" rel="noreferrer" target="_blank">http://lists.openstack.org/pipermail/openstack-discuss/2019-February/002356.html</a><br>
<br>
-- <br>
Jeremy Stanley<br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail-m_-6569825411684810418gmail-m_-4010563894957726518gmail_signature"><div dir="ltr">Best regards,<br>Andrey Kurilin.<br></div></div></div></div></div></div></div></div>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature"><div dir="ltr">Best regards,<br>Andrey Kurilin.<br></div></div>