Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
The "devrant" tag doesn't mean "developer rant" because there are no finance and HR folks here. Every rant is a "developer rant". Who would have thought this?
The "devrant" tag is for shit about devrant.com itself. -
ezpz7454y@RememberMe There's a ton of C# libraries that are open-source, but the licensing to actually use them can be expensive. Typically hundreds, or even thousands of dollars. It's extremely frustrating when you're working on a small project. It gets even worse when other people use them as dependencies for their own open source projects. So just one library could end up costing you several thousand dollars to license. I keep running into that problem. You really have to read the fine print before deciding to use one.
-
ezpz7454y@jespersh For example, I was looking at https://github.com/tgjones/gemini, which has the Apache license, and is free to use in commercial projects, however, one of its modules depends on https://github.com/xceedsoftware/..., which is not free for commercial use. So in order to use Gemini, I'd have to pay $419 to Xceed.
-
Recursive dependency licence management is a surprisingly hard problem. New packages may be added, or existing ones may change their licence.
That's why SPDX was invented, see: https://en.wikipedia.org/wiki/...
At its simplest level, it just means including a well-defined source text comment as first line in every source text file so that you can grep through everything and figure out what licences you even have onboard.
It's particularly useful to avoid a breach of copyright by unknowingly including GPL'ed components. -
@ezpz
This is why web development is so much easier.
You just install, or even copy paste everything together regardless of licensing models, then deploy it all to a backend server so no one will ever know the extent of your piracy.
I've seen a private Github repository mirroring the Laravel Nova package (which you can normally only install after paying the $99/project license to access their package server), with over 200 companies having permissions so they can set the mirror as a composer source. -
KDSBest7714y@bittersweet tbh I don't understand why web dev protects you here. If I develop a backend noone knows either. Even without a web frontend.
-
@KDSBest Yeah definitely. It's just application development where it often becomes more apparent, but in web frontend you have to be careful as well.
Related Rants
Welcome to the C# open-source community. That'll be $900.
devrant
csharp