Replies: 1 comment
-
|
Hi horowity, for me the licenses of python packages installed with pip are independent. They are different packages installed in different folders. oletools calls pcodedmp, but they are not bundled together. It's the case for any package or application that is installed with pip, which can install many dependencies, dependencies of dependencies, etc. In theory one needs to check the license of every package. And for the --no-pcode problem, please check if it is still the case with the latest version. I think we fixed something related to this recently. If the bug is still there, please open a separate issue. |
Beta Was this translation helpful? Give feedback.
-
I see that oletools is published under BSD license, but as it use by default the pcodedmp project which is published under GPLv3, I think there is a licensing issue here.
One could simply do 'pip install oletools' and think he just need to follow the BSD license, but GPLv3 license is "transitive".
I think a good solution to this issue could be to make the default option not to use pcodedmp, so one will need to actively specify usage of this software.
And BTW, I think there is a problem with --no-pcode option, as it misses 'dest="no_pcode" ', so there is no actual way to disable pcodedmp usage in oletools.
Beta Was this translation helpful? Give feedback.
All reactions