I think the magnitude of this change warrants enough notification. This change has the potential to affect downstream projects that have licensed themselves as GPLv2. Currently, all these packages are safe to do what they want with Stan, but after Stan starts depending on an Apache 2-licensed dependency, these packages won’t be able to distribute a pre-compiled Stan program as part of their package and leave their licensing as GPLv2. (Yes, that’s a lot of conditions that need to be met, but it is a change and we would be forcing action on developers.)
As an example, if someone were to do something like rstanarm but with cmdstanpy AND it was licensed GPLv2, that package would be licensed improperly; this is fine to do without Math depending on Apache 2.
These are the RStan packages that are listed in the “reverse depends” section that are licensed GPLv2:
I’m just bringing this up because there exist multiple open-source packages that are licensed as GPLv2 and we’re making a change that could affect these packages.
We’re not responsible for the legality of anything outside of Stan, but we should still be courteous to members of the community when there’s a big change like this. My only request is that we make a new thread so the information is easy to digest and there’s a clearer call to action for those that actually want to make a statement. I’m guessing we’ll have 0 responses, but I’d rather give an opportunity than have the start of the decision-making process happen ~50 posts into a thread that doesn’t indicate that changing dependencies may have a lasting effect.
@breckbaldwin, if you still feel the way you do, that’s fine. I’ll find emails of all the GPLv2 packages that depend on Stan and ask that you contact them directly.