SQL-Ledger Relicensed, Community Gagged

Ashley Gittins writes "Users of the popular accounting package SQL-Ledger were being kept in the dark about a recent license change. Two weeks ago a new version of the software was released but along with it came the silent change of license from GPLv2 to the 'SQL-Ledger Open Source License' — presumably in an effort to prevent future forks like LedgerSMB. As it turns out, the author was making deliberate attempts to prevent the community from finding out about the license change. No posts to the SQL-Ledger mailing lists asking about the license change were getting past moderation and direct questions to the author were going unanswered. Just recently the license was switched back to GPLv2. This behavior is not a first for this particular project, and is part of the reason for the original LedgerSMB fork. Does a project maintainer have an ethical obligation to notify his or her community of a license change? What about a legal obligation?"

Re:Simader

[daeg]

I came here to say the exact same thing. We have another OSS project that "integrates" with SQL-Ledger (I use that term very loosely) and I am replacing both with, uh, real programming. I am convinced that SQL-Ledger and other hobbled-together "open source" projects are merely fronts for greedy developers that hook businesses with the prospect of free, open source packages that can replace commercial packages that can run into the thousands for even the smallest of businesses. Then, when the company wants to do something more advanced, they find the code is such a steaming pile of crap that they hire the developer(s) to "fix it" for them.

Where to you think the LedgerSMB form came from?

[cheros]

The guys at LedgerSMB had exactly the same problem, and they're busy cleaning up the code. Their stance is different as they provide a service, not software, and they make more sense re Open Source approach to code.

I think the root problem is that the SQL Ledger guy didn't realise what Open Source meant when he 'opened' it. LedgerSMB seems more focused on simply being a reasonable product, and their focus is the SME market who coul dnever afford the gazillion dollar programs..

escrowe vital - was Re:Legal: No, Ethical: Maybe

[speculatrix]

if you have any sense when buying software, and you're big enough to make the vendor agree, then a code escrowe agreement is critical in case the vendor folds (sometimes even have a release condition predicated on the vendor being bought by another company who may abandon the product).

if you're subcontracting the software to another company, then make sure that you have full rights over the code and that you get regular SCCS/RCS/CVS/Subversion snapshots (you need to have direct access to the contractor's repository, don't rely on them to send you dumps) and verify that you can build everything from scratch and get the fully working version.

I've seen the results of failing to do this and the results can get pretty ugly!

SQL-Ledger = Cavalier Security

[The Breeze]

I never even tried SQL ledger, simply because while researching different Linux accounting packages I came across some post by one of the head guys, possibly this "Dieter" doorknob, replying to a user with something very much like the following:

"Well, I wouldn't worry about it. We are not that concerned with security because there's nothing that SQL Ledger works with that would be of interest to anyone except an accountant, and I don't think we need to worry about a bunch of rogue accountants."

That statement alone made me not want to touch the packae, even though it looked very nice otherwise.