http://www.perlmonks.org?node_id=514904


in reply to Re^14: Why non-core CPAN modules can't be used in large corporate environments.
in thread Why non-core CPAN modules can't be used in large corporate environments.

That's the entire point of why I'm making such a fuss, it can very easily become more than just theoretical nonsense. If you just copy OS code into your internal application and do not attribute it correctly, your manager/successor/etc. may come along, see this code and also find out that it is being distributed for free by someone else they don't know (who happens to be the original author John Doe, but how is your manager supposed to know that). Your company then decides to sue John Doe for copyright infringement and he is left with the mess all because you forgot/didn't care to include his copyright in the code. This is a very real danger, and because of that you should always include attribution (aside from the fact that it is factually illegal not to do so and just plain disrespectful towards John Doe who after all has done a lot of work which you now profit from).

There are all sorts of caveats you can bring to this such as you may be the only one who ever sees/handles the code, you think you can always tell your manager later who wrote this subroutine or you don't think your company would ever be so mean as to sue someone. To which I reply this is real life and shit happens, you should attribute code for the same reason you check for success on an open call, it may work 99% of the time but the 1% it doesn't work it'll blow up in your face and someone will get hurt. Also, we were talking about code that is integrated into a corporate codebase where the developer has little to no control over what happens with the code afterwards. If all you have is a website which you tinker with on your own and you mix in another person's code without attribution noone will find out or care and Richard Stallman won't come round your house to kneecap you. But if your website becomes hugely popular and you sell it off to $megacorp for $megabucks and suddenly the authorship of this code is in question things become different (okay, Richard still wouldn't kneecap you because he's a nice guy, but he'd have a point to ;-).

And IMO it's just plain ethically wrong to take the code from someone who is making it freely available, and has gone out of his way a lot to help you with it and then not do the single thing he asks in return, which is that you properly attribute the code to him. I don't know if ethical issues are just theoretical for you, they aren't for me.


Debugging is twice as hard as writing the code in the first place. Therefore, if you write the code as cleverly as possible, you are, by definition, not smart enough to debug it. -- Brian W. Kernighan