Welcome to the C# open-source community. That'll be $900.

Open source != free

The "devrant" tag doesn't mean "developer rant" because there are no finance and HR folks here. Every rant is a "developer rant". Who would have thought this?

The "devrant" tag is for shit about devrant.com itself.

Eh?

@Fast-Nop Oh, ok. That's not very clear when you post on the website. I see now that the placeholder text on the app says, "Talk about devRant," but on the website it just says, "The rant starts here..." I posted this on the website.

@RememberMe There's a ton of C# libraries that are open-source, but the licensing to actually use them can be expensive. Typically hundreds, or even thousands of dollars. It's extremely frustrating when you're working on a small project. It gets even worse when other people use them as dependencies for their own open source projects. So just one library could end up costing you several thousand dollars to license. I keep running into that problem. You really have to read the fine print before deciding to use one.

@jespersh For example, I was looking at https://github.com/tgjones/gemini, which has the Apache license, and is free to use in commercial projects, however, one of its modules depends on https://github.com/xceedsoftware/..., which is not free for commercial use. So in order to use Gemini, I'd have to pay $419 to Xceed.

@aviophile I don't expect it to be free. But the costs shouldn't be hidden.

Recursive dependency licence management is a surprisingly hard problem. New packages may be added, or existing ones may change their licence.

That's why SPDX was invented, see: https://en.wikipedia.org/wiki/...

At its simplest level, it just means including a well-defined source text comment as first line in every source text file so that you can grep through everything and figure out what licences you even have onboard.

It's particularly useful to avoid a breach of copyright by unknowingly including GPL'ed components.

@ezpz

This is why web development is so much easier.

You just install, or even copy paste everything together regardless of licensing models, then deploy it all to a backend server so no one will ever know the extent of your piracy.

I've seen a private Github repository mirroring the Laravel Nova package (which you can normally only install after paying the $99/project license to access their package server), with over 200 companies having permissions so they can set the mirror as a composer source.

@bittersweet tbh I don't understand why web dev protects you here. If I develop a backend noone knows either. Even without a web frontend.

@KDSBest Yeah definitely. It's just application development where it often becomes more apparent, but in web frontend you have to be careful as well.