Facebook Relents on React.js License Issue via @InfoSecHotSpot

Facebook Relents on React.js License Issue  via @InfoSecHotSpot

  • Well, it’s safe to use code from Facebook’s React.js library in open source projects.
  • At issue is a license Facebook created by taking an existing open source license, modifying it with a short patent caveat, then calling it the BSD+Patents license.
  • The issue was with the patent clause Facebook had added to the license, which states that anyone using the code, directly or indirectly, cannot take legal action against Facebook for any patent infringement involving any software without losing the right to use and distribute the code.
  • The problem wasn’t with patent protections: Many open source licenses, including Apache, have patent clauses preventing users from suing over any patents the covered software might infringe, but Facebook’s license seeks to protect the company from infringement by any and all of its software.
  • Then on Friday, Facebook’s engineering director, Adam Wolff, announced in a blog post, “Next week, we are going to relicense our open source projects React, Jest, Flow, and Immutable.js under the MIT license.

It’s safe to go back in the water again. Well, it’s safe to use code from Facebook’s React.js library in open source projects. The folks at the social site have done an about-face and will be changing React.js’s license to MIT, along with the licenses for Jest, Flow and Immutable.js. The announcement came exactly a month after we reported on a licensing brouhaha that had resulted in a standoff between Facebook and the Apache Foundation.

It’s safe to go back in the water again. Well, it’s safe to use code from Facebook’s React.js library in open source projects. The folks at the social site have done an about-face and will be changing React.js’s license to MIT, along with the licenses for Jest, Flow and Immutable.js. The announcement came exactly a month after we reported on a licensing brouhaha that had resulted in a standoff between Facebook and the Apache Foundation.

At issue is a license Facebook created by taking an existing open source license, modifying it with a short patent caveat, then calling it the BSD+Patents license. Facebook had claimed the license to be GPL compatible, which was pretty much accepted at face value since its base, the three-clause BSD license, is an accepted open source license.

Except it wasn’t compatible, a fact that wasn’t recognized until long after code from React.js, a front-end library for building JavaScript interactive UIs, was being used by a considerable number of open source projects. The problem first began coming to light at the Apache Foundation in May, and on July 15 the foundation declared the license to be “Category X,” making it off-limits to developers using the popular Apache license. Any BSD+Patents code already incorporated into Apache licensed projects was ordered to be removed by August 31.

The issue was with the patent clause Facebook had added to the license, which states that anyone…

Facebook