Copyleft licensing implications of BEAM "Applications"

Does anyone have any links/resources regarding the copyleft licensing implications of using a mix library as an Erlang/BEAM Application? I ran across a GPL licensed project that works primarily as an independent BEAM application.

It made me wonder what the legal implications of running/using a mix project with a GPL license. In a normal library based language where you have to call into the code it’s straightforward. But given the BEAM acts in many ways more like an operating system (I use it pretty much as such in IoT), does using an application act more like linked code or an OS process? Technically speaking, BEAM processes send messages, without requiring calling into a library.

Personally for my company, I err on the side of caution and don’t use GPL’ed Elixir code, but it makes me wonder. Has anyone else thought about this?

There is a lot of confusion about GPL and how it applies, and people are usually scared about using GPL licenses server-side for no reason. Disclaimer: I am not a lawyer (but I did quite a lot of research back in the day on the subject), and this is my understanding of the problem.

People are usually scared about using GPL (both v2 or v3) libs in their server-side applications, because they think they’ll have the obligation to release the source code of the application under GPL if they do so, since it’s becoming derivative product and GPL acts like a virus.

GPL, however, requires you to release source code of derived product only if you distribute the software, and - also often important - only to people you distribute compiled version to. Of course you can release the source to general public, or people who you distributed source to can do it freely too, but you don’t have to put the app source code on your web site, unless you distribute the compiled version as well for everyone.

The common use case where it’s totally unjustified to fear of using GPL libraries (server-side) is when you are building application for yourself, or you are a contractor building application to your customer. Take any GPL library (server-side), build your app around it, and you don’t have to distribute the sources under GPL if you never distribute the app. If people just interact with the app over network, you are still good because you are not distributing the app in any form to them.

Things get a little more tricky with JavaScript, since it runs on client-side, and since you distribute it. So you have to be more careful with these, and possibly not a good idea to use GPL JavaScript libraries.

Being able to use GPL-licensed libraries in closed-source products, as long as they happily run on your servers and not on clients, is an obvious loophole. FSF patched the loophole with release of AGPL license. This license is precisely like GPL, but says you have to distribute the source code of your app to also people interacting with the application over network. So, you can’t just grab AGPL-licensed library and use it within your backend system freely, something you can do with GPL.

As far as your original question go, I don’t think it’s any different using BEAM or linking library to program with C / ld on system level. There probably is no loophole there that you can exploit. But you may be just OK to use GPL library anyway because you are not distributing the software at all.

True, in my case I’m making IoT devices which means the GPL does apply when sending to our customers which means we’ll need to post licensing info and links to any GPL’ed code we utilize. Your points all seem useful (and even regarding the AGPL, which I think can be a good idea in specific cases).

Though I’m not worried; I use a fair amount of GPL at the system level and have talked to lawyers about the open source licensing and GPL status of a previous companies code and IP during acquisition talks. Surprisingly, many IP lawyers are surprisingly (still?) shaky in their knowledge of GPL and copyleft, and how it applies.

As far as your original question go, I don’t think it’s any different using BEAM or linking library to program with C / ld on system level. There probably is no loophole there that you can exploit. But you may be just OK to use GPL library anyway because you are not distributing the software at all.

In this case, I’m curious regarding the general “theoretical implications” and don’t actually intend or want to use any GPL’ed Elixir libraries. However, instead of looking for a loophole, I am wondering if it would enable more people to use GPL’ed libraries in their Elixir code provided they meet specific conditions such as not using any API’s or code directly.

From a rough technical perspective, I’m not sure running an Elixir project purely as an Application is the same as using C / ld. What code would I be linking to? The BEAM runtime and Mix provide hooks for a library to be started as an application which a project uses, which seems similar to, say, what ELF does. Say I run an embedded DB as a BEAM application and only connect to it via HTTP calls, would that in good faith be considered “linking” or similar?