<span class="gmail_quote">On 10/23/07, <b class="gmail_sendername">Dan Scott</b> <<a href="mailto:denials@gmail.com">denials@gmail.com</a>> wrote:</span><br><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I would strongly suggest posting the code to the sirsiapi repository. I'm not a lawyer, but (to my understanding) <a href="http://sirsiapi.org" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
sirsiapi.org</a> is the only SirsiDynix-sanctioned location for hosting code that uses the Unicorn "API" to extract information from Unicorn. Sites that have signed a contract with SirsiDynix for Unicorn typically have agreed to not reverse-engineer the product (meaning that they agree to not try and figure out how the Unicorn "API" works) and if they have taken the "API" training course then they have agreed to not share any of that information (including code examples) outside of the SirsiDynix-sanctioned locations.
</blockquote><div><br>In my opinion, the repository is an unsuitable venue, since it requires considerable cost and Sirsi's blessing to even evaluate the (mostly tentative) code in it. There are less than 40 total contributors to it, all time. So from a practical perspective, it's the wrong choice.
<br><br>As for the legal questions, I'm not a lawyer either, but I do take them seriously. More seriously, I suspect, than the former management at Sirsi. <br><br>I attended SD's week-long "API Training" course while in the employ of a 5-county educational consortium, with whom I had no non-disclosure agreements at the time, nor any other kind of contract now. (I don't work there anymore.) Since I was a public employee at the time, literally all the code I wrote is is a public work-product and like all my correspondence there, is subject to public disclosure laws. Anyone could ask for it today, and my former employer would still be obligated to provide copies of it.
<br><br>The various warnings from SD about sharing materials did not amount to a NDA, in my opinion, just an acknowledgment of their copyright to the actual training materials. (That's funny, since their main docs are a handbook containing mostly the STDERR "usage" messages
from their various executables, but in an even less readable format.) But even if they *did* have a bulletproof NDA, I certainly wouldn't have any authority to suspend state law in order to accept it. <br></div><br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">I would be concerned on behalf of the library posting Unicorn "API" code to a public site like
SourceForge.net that they could be opening themselves up to lawsuits due to breach of contract, if the vendor was to get to such a bad state that they started suing their (former) customers.</blockquote><div><br>It may be true that SirsiDynix eventually goes the way of SCO, adopting a litigation-heavy business model. In either case, I don't consider it ethical to limit my behavior because of this possibility, in particular if the result is more people stuck paying a litigious vendor they'd prefer to leave. If spurious liability is the real concern, in the modern era it would not be difficult to post the code anonymously, or via foreign proxy.
<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Any code dealing with the results of using the Unicorn "API" to extract data should be openly shareable, because at that point you're just dealing with data structures. But I would be worried about openly sharing the actual commands, err, "API instructions" required to get that data out of the system.
</blockquote><div><br>Unicorn uses either Oracle or an ancient version of Informix as the back end database, in conjunction with a bunch of flat files. Nothing particularly special is required for anyone to access the information directly. In that way, the API question could be sidestepped entirely.
<br>-- <br>Joseph Atzberger<br>SysAdmin, LibLime<br><a href="http://liblime.com/koha">http://liblime.com/koha</a> <br>1(888)KohaILS<br><br>ps: Needless to say, my comments are my own.<br></div></div>