Armory License Scan and The Ability To Sell Armory Games


#1

I am currently investigating Armory and its dependencies to make sure, as much as possible without being a lawyer, that we can legally sell Armory games. I know that this question has been asked before on the forum and the conclusion is that it is perfectly safe to sell Armory games because Armory is ZLib licensed. It is true that Armory is ZLib licensed, but it is also of concern what the licenses of Armory’s dependencies are.

I am using a tool called Fossology to scan every file of Armory and it’s dependencies for licenses and copyrights. I just finished getting the scan results published here so that anybody can review.

There are a staggering amount of individual licenses and copyrights in the Armory SDK that might go unnoticed and it is quite a lot of information to look through. The scan of Kore found 34 unique licenses in 1005 files, and that is only one component of the Armory SDK.

I am going to be going through the scanner findings and posting any concerns here. Particularly we need to be careful of GPL dependencies. I have a contact that has been in the computer industry for 20 years and he warned me and my team when we said that we were using an Open Source engine. He said that if there was anything GPL, even if it was just a tiny NPM package, that we could get shut down. It would be horrible to make a great game, try to sell it, and get sued because there was a GPL dependency in Armory that we hadn’t noticed. I want to take every precaution to make sure that doesn’t happen.

@lubos and @RobDangerous I want to bring you in on this because I think that this is important for allowing commercial use of both of your projects.

Initial Concerns

I haven’t had time to go through the codebase completely yet, but here are the first of my findings.

No copyright in the Armory licence.

The Armory licence doesn’t actually specify a copyright. I am no lawyer, but I think that it would be wise to have the copyright owner specified. I understand that copyrights fall by default to the author of any work, but when it comes to legal matters I believe that it is better to be explicit rather than implicit and it isn’t hurting anything to add the copyright.

Edit: Contributor Copyrights

The license should also include “and contributors” in the copyright statement. As far as I understand, all of the contributors to Armory currently own copyright on the portions of code that they wrote. This is fine, because, if they contributed to the project, they contributed to it under the terms of the ZLib license meaning that everybody can use their contributions under those terms just like the rest of the original codebase.

I think that this does mean that relicencing the project with any license that is not compatible with the original ZLib license would require contacting all of the contributors to get their permission to change the license.

There are other projects such as Haxe which copyright the project only under the organization and do not include contributors in the copyright. This should mean that the Haxe Foundation has the exclusive right to the Haxe codebase and could re-license it however they want to because they are the full owners. If it was desired that Armory be owned exclusively by Lubos or by the Armory organization, then it would probably be necessary to get permission from all current contributors to grant ownership of all of their contributions to Lubos.

Water and World Shader are Licenced Non-Commerically

The licence scan detected two non-commerically licenced shaders for the world-pass and the water-pass shaders. These should be replaced with commercially usable shaders.

Disclaimer

To reiterate I am not a lawyer. While I have done my best to understand the way Open Source projects and licensing works, I cannot guarantee that I have a perfect understaning of the law. Regardless, the point of these comments and my voicing of concerns is to do what we can to help keep the project safe and usable. Even if I may not know for sure the legal details, I think that we can still take precautions and do the best that we can to address what might become issues in the future.


Armory or UPBGE?
#2

License Should be At The Top of Every File

I think that it would be good to put the Armory and Kha licences at the top of every file that is under those licenses. This is something that I have seen done on other projects including Godot. Again, I think that being verbose about the licensing is going to be better than leaving it up to interpretation, especially when there are multiple licenses involved, such as with the Haxe and Python code of Armory being under different licenses ( ZLib and GPL respectively ).

I found a tool called addlicense that would be useful for automating the process of adding the licenses to the files.


#3

Kha itself is zlib licensed, everything it depends on at runtime is either zlib or public domain with the exception of the Haxe standard lib which is MIT license and lz4 which is BSD license - in practice that means you have to mention those somewhere in your product. lz4 is in the process of being replaced with a public domain lib (see https://github.com/Kode/Kore/tree/lz4x).
If you find anything which contradicts that, please inform me about it and I’ll take care of it.
Copyright message is intentionally “the Kha Development Team” and yes, changing the license would require all contributors to agree on that - but that’s independent of the copyright statement, you could only avoid it by making all contributors sign a contract. GitHub has functionality for that but I don’t want that. Also won’t add license headers in the source files, it’s just silly and doesn’t help with anything - the git history is a much more proper copyright statement.


#4

Sounds good. Thanks for your response. :+1:


#5

I just finished looking through all of the Armory licenses and it looks like we are pretty good! I was worried for a little bit because there were quite a lot of detected GPL licenses, but pretty much all of it isn’t actually included in the game.

There are only 4 files that should probably be replaced with non GPL alternatives ( other than the two shaders mentioned above ):

I found those in the khacpp repo which is forked from hxcpp so I opened up the issue in hxcpp. Those files won’t cause problems if you don’t need to talk to a mysql database in a C++ build of your game.

Yay! :tada:


#6

Good catch! Will wait for Hugh’s answer, then kick 'em out, don’t think anyone needs that.


#7

cool, is Qub3d going with Armory then?


#8

Qub3d actually shut down. I haven’t been on the project for months now. Unless somebody rebooted it that I wasn’t aware, I don’t think it exists anymore. Now I am working on starting a game with my own team.


#9

Now the only other thing that I think would be good to do for licensing is to get a THIRD_PARTY_NOTICES.txt file in Armory so that users can easily attribute the authors of the software in Armory. That way they can just put the notices in that file into the credits of the game to satisfy the requirements of the project’s licenses. I’ll probably try to put together that file myself some time, but it isn’t immediately critical until somebody wants to sell a game.