The VMware open source lawsuit – and what it means for you

The various headlines discussing the lawsuit against VMware have probably caught your eye. Long and detailed articles discuss the lawsuit, the GPLv2 open source software license and the implications for VMware.

But what does all this mean for software developers? In this post we briefly explain what the lawsuit is all about and, more importantly, what it all means for you.

The lawsuit

Top Linux contributor Christoph Hellwig is suing VMware for violating the GPLv2 free software license with its use of Linux and other source code in a component of its product. Hellwig’s suit is supported by the Software Freedom Conservancy.

At the core of the lawsuit is the fact that open source software, such as Linux, is free to use but comes with a license. When using open source software, you must legally comply with the terms of the license. The terms can be as simple as mentioning the use of the software in the release notes. Other licenses can impose certain restrictions on distribution or on the Intellectual Property of your software.

In this case, according to the Conservancy, VMware has used parts of the Linux Kernel software (which is open source) to create some of their products, without complying with the Linux Kernel open source license.

About the GPLv2 license and this case

The GNU General Public License Version 2 (GPLv2) is the most widely used license for free and open source software.

GPLv2 requires those who modify the open source software (in this case, allegedly, VMware) to provide their customers with access to the source code of the modified software.

What do the suing parties expect VMware to do?

According to the Conservancy, they have asked VMware to take the necessary steps to comply with the terms of GPLv2. VMware claims that it already complies with these terms.

The issue is now being debated in a German court.

What does this mean for you?  

You too probably use open source software to develop better software products, reduce development costs and get to market faster.

Open source software is free to use but has a license attached to it. The license requires you to do certain things: in many cases, complying requires you to mention the open source components in the release notes. In other cases, it requires you to provide a copy of the source code to your users or customers.

To comply with the requirements of open source software, you need to do the following:

  1. List all your open source components. Make sure you know of all of them – some open source components may contain other open source components (dependencies). Our research of 300K open source components shows that on average, every component has 7.1 dependencies.
  2. See what open source license is attached to each component, and what the license requires you to do to comply.
  3. Do what it takes to comply.

An update: in a CBR article, VMware explains why it thinks that it complies with the GPL license requirements, and the Software Freedom Conservancy talks about the increase in the volume of GPL violations and why enforcing the GPL license terms is so important for the open source community and the software developer community.
