Say I push to a public repository an original file that I cover under a specific license. I later (or even immediately) find out that this license is incompatible with other licenses in the project. (Say one is the GNU GPL and the other is something incompatible with it.) I would like to know how I should responsibly and professionally handle mistakes like these.
If this mistake simply means that this particular project snapshot is technically against license for other people to build, then I imagine the responsible thing to do is push a new version of the file to add a second, compatible license or altogether replace the first license with a compatible one.
On the other hand, if it’s against license to be distributing this snapshot even in source form (and having them in the repository history is, technically, “distributing”), I imagine I should additionally attempt (or ask the repository owner, when it’s not me) to clear that particular commit from history.
Which of the above is closer to the truth? And are the implications/actions that I’m describing in each case correct?
2
If you have files with incompatible licenses in your project, then it is a license violation. This means that you do not have the right to distribute the project in that state.
The responsible actions to take when such a license violation is detected depend on who owns the copyright to the various parts.
- The easiest fix, which should always be possible, is to remove the files (or library) that cause the license violation.
- If you are the sole copyright holder of the files that cause the violation, you could change the license on those files to a license that is compatible with the other licenses.
- If you are not the copyright holder, or there are multiple copyright holder, you will need to get explicit agreement from all of them to change a license.
You are probably not required to rewrite history on the archive, but if you provide downloads outside of the repository (for example, binaries for various platforms), you should ensure that the version with license violations is no longer available.
1