Ollama violating llama.cpp license for over a year

(github.com)

202 points Jabrov | 2 comments | 16 May 25 10:36 UTC | HN request time: 0.488s | source

Show context

rlpb ◴[16 May 25 11:40 UTC] No.44004169[source]▶

I don't see how this claimed issue is valid.

https://github.com/ollama/ollama/blob/main/llama/llama.cpp/L... says:

"The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software."

The issue submitter claims:

"The terms of the MIT license require that it distribute the copyright notice in both source and binary form."

But: a) that doesn't seem to be in the license text as far I can see; b) I see no evidence that upstream arranged to ship any notice in their binaries, so I don't see how it's reasonable to expect downstreams to do it; and c) in the distribution world (Debian, etc) that takes great care about license compliance, patching upstreams to include copyright notices in binaries isn't a thing. It's not the norm, and this is considered acceptable in our ecosystem.

Maybe I'm missing something, but the issue linked does not make the case that there's anything unacceptable going on here.

replies(6): >>44004268 #>>44004435 #>>44004436 #>>44005493 #>>44005587 #>>44009880 #

1. Tomte ◴[16 May 25 13:55 UTC] No.44005587[source]▶

>>44004169 #

The need to extract license and copyright information for binary distribution is universally accepted among Open Source license compliance practitioners and lawyers.

There is a whole industry of tools around it (Fossid, Fossa, BlackDuck, Snyk), as well as Open Source projects ( FOSSology, scancode, oss-review-toolkit).

Re: Debian, they have copyright files in their packaged that are manually curated by Debian Developers and should include all those license texts and copyright notices.

replies(1): >>44009593 #

2. rlpb ◴[16 May 25 20:36 UTC] No.44009593[source]▶

>>44005587 (TP) #

Ah - we're talking about different things.

I was concerned about the implication (or so I thought) that a binary executable should provide the required documentation (eg. via --version or similar). You are thinking about the text being included as part of a binary redistribution. That did not occur to me, because to me, GitHub issues refer to sources, not binary redistributions.

But of course GitHub does have a Releases page. If those binary redistributions do not contain the license text, then I accept that's something that Debian does do, and is the norm in our ecosystem.

But as other commenters have said, it's not completely clear that this is actually a violation of the license, since https://github.com/ollama/ollama/releases/tag/v0.7.0 for example bundles both source and binary downloads and the bundle does contain the license text via the source file download. Certainly anyone who downloads the binary from the maintainer via GitHub does have the required notice made available to them.

↑