Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Invalid AGPL license with 1000 requests threshold ? #307

Closed
Tearion opened this issue Dec 8, 2022 · 2 comments
Closed

Invalid AGPL license with 1000 requests threshold ? #307

Tearion opened this issue Dec 8, 2022 · 2 comments

Comments

@Tearion
Copy link

Tearion commented Dec 8, 2022

Hi,
we moved from the older schema validation to the newest package from nuget.org and where suprised by a limit on 1000 requests per hour.

There is no information about this threshold in the license file in the code repository or nuget.org desctiption. Our developer just updated the package, because he got a depricated hint on his visual studio.
So from my side it feels a little bit missleading, if you implement a threshold, that stops the open source software from working, that is licensed under a AGPL license. It feels more like a shareware.

if (_validationCount > maxOperationCount) { throw new JSchemaException("The free-quota limit of {0} schema validations per hour has been reached. Please visit http://www.newtonsoft.com/jsonschema to upgrade to a commercial license.".FormatWith(CultureInfo.InvariantCulture, maxOperationCount)); } }

The other thing is that i'm currently not sure, if it is possible to combine a AGPL license and a commercial license for the same source code. I found serveral discussions on stack overflow for another open source / commercial product that indicates, it could be a problem:
https://opensource.stackexchange.com/questions/13075/can-a-company-offering-a-dual-license-agpl-paid-commercial-product-require-comme

So in our case, we removed the whole packages from newtonsoft.

Is it possible to adjust the information on nuget.org and check your license conditions?

Thanks
@Tearion Tearion changed the title Invalid AGPL license with 1000 requests treshold ? Invalid AGPL license with 1000 requests threshold ? Dec 8, 2022
@JamesNK
Copy link
Owner

JamesNK commented Dec 8, 2022
edited

Dual licensing is normal and common - https://www.synopsys.com/blogs/software-security/software-licensing-decisions-consider-dual-licensing/

The question in the issue you linked is about someone who publish software as AGPL but prohibited it from being used by commercial software. They can't prohibit that. AGPL can be used with commercial software. However, AGPL is viral, and the requirement to publish the entire app's source code usually isn't desirable.

@brunomartinspro
Copy link

brunomartinspro commented Oct 19, 2023
edited

Getting this error in snyk, how should i correctly handle the licensing issue?

License issues:
  ✗ AGPL-3.0 license [High Severity][https://snyk.io/vuln/snyk:lic:nuget:newtonsoft.json.schema:AGPL-3.0] in Newtonsoft.Json.Schema@3.0.15

@JamesNK JamesNK closed this as completed May 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@JamesNK @brunomartinspro @Tearion