Why assume the commit was made in error? It looks like there has been some discussion and it was done completely on purpose.
You cannot compile the binary from arbitrary commits by yourself and release copies of the compiled work as "Microsoft's VS Code" – that's understandable, unless you work for the VS Code team, why should you be able to do that? There are trademarks. But the source code is MIT licensed and I think you are mistaken about whether that is in dispute or not.
That's a technical response to your technical question. The license is there, in the master branch. I don't see any reverted commit, the code is simply licensed as MIT as far as we can tell.
This is the revert of the mistakenly committed code. In this repository's readme there is a link to a thread where (presumably the author, I didn't check) says that the public should be able to use the proprietary URLs because a commit was made that contained them (the parent of the above), and thus they are open source. While this may be technically true, and legally sound, I still claim it is ethically ill founded. You don't need to share my ethical framework.
I do not want, for instance, see the extension gallery become encrypted as a result of third party applications breaking the EULA. This is a very distinct possibility, and it could prevent people such as myself who normally compile vscode themselves, and download and install the VSIX packages manually, from doing so.
But to me the question is purely a moral one, and a question of what kind of president this sets. I don't believe the community should be trying to find legal "gotchas" in order to get around reasonable limitations set in place by a team, else teams will begin to stop using as permissive licenses as they do.
> able to use the proprietary URLs because a commit was made that contained them (the parent of the above), and thus they are open source
You're right about one thing, I don't need to agree with your ethical framework, especially if it means that somehow a URL that I received with no access restrictions or controls, and publicly available data shared behind it, is somehow afforded copyright protections that would restrict me or anyone who received the link from then re-sharing a link to the URL. The courts in US at least have rejected that argument.
> Fortunately, courts generally agree that linking to another website does not infringe the copyrights of that site, nor does it give rise to a likelihood of confusion necessary for a federal trademark infringement claim. [1]
If I took a copy of what was at the URL and redistributed it without receiving a proper license first, then I could be in legal and ethical jeopardy. But simply putting the URL into the product.json file is akin to linking, and the courts seem to have roundly agreed that a Uniform Resource Locator or a Link is a non-infringing form of protected free speech.
At any rate, I hope you see how I may have mis-interpreted what you actually said, as something other than what you've now explained that you meant. It wasn't clear at all.
The parent of this [1] commit was referenced in a thread linked in this repo's readme. I said this in a different thread, but I'll repeat here: I don't believe the community should be trying to find legal "gotchas" such as this one in order to get around reasonable limitations set in place by a team, else teams will begin to stop using as permissive licenses as they do. This is a matter of ethics for me, as the legal nature of committing to an MIT licensed project is not up for debate. You of course don't need to share the same ethical framework as me.
If you had linked that comment in your first reply, I would have agreed with you and we probably wouldn't have had any of this to talk about :)
A license granted by accident without consideration in return is not a "no takebacks!" situation. If I paid for that license and then you said, it was granted by mistake, I may have a legal leg to stand on in terms of "no takebacks" claims. But if it's just a URL, I'm pretty sure I actually don't need any license or your permission to copy it.
(If you wanted the data that the URL serves up to be protected, then you should have implemented some kind of actual protection scheme, like a token auth system that restricts access to authorized users only, instead of serving that content up to anyone who knows where it is located on the public internet.)
I don't think that's what they've actually tried to do here, so the issue is really moot. Thanks for clearing up what you meant for me, and have an upvote.
My bad. I follow VSCode closely and incorrectly assumed everyone had gone through the same BFS of the the repository as me.
And yes I don’t mind the URL being public as much as the means by which the legal justification was achineved. Reverse engineering is, in some jurisdictions, totally legal, and it wouldn’t be hard at all to simply look at the requests being made by the application. That I’d be fine with. This sort of underhand “got you!” Is what bothers me.
You cannot compile the binary from arbitrary commits by yourself and release copies of the compiled work as "Microsoft's VS Code" – that's understandable, unless you work for the VS Code team, why should you be able to do that? There are trademarks. But the source code is MIT licensed and I think you are mistaken about whether that is in dispute or not.
https://github.com/Microsoft/vscode/issues/60#issuecomment-2...