Hey everyone, I've got a bit of a situation and could use some insight.<p>So, I created this open-source project called Outstatic (https://outstatic.com), it's been my pet project for a while. But here's the twist: I just found out someone on HN (https://news.ycombinator.com/user?id=hoofhearted) took my entire project, renamed it, and has been showing it off all over the internet as their own thing.<p>I'm not usually one to call people out, but this is just too much. The only reason I found out was because this person was asking for help with my project on our Discord server, and I got curious.<p>Turns out, they've been pretending to develop this 'new' project since April and have even been warned by the mods here for spamming about it. When I casually mentioned that I stumbled upon their project and that it looked cool, they went on and on about their 'original vision' and even had the nerve to ask me to join them as a co-founder!<p>I understand that open source means people can use and modify the work, but claiming total credit and denying any connection to the original project? That's a bit much. I did bring up the issue of giving credit and licensing, and the response was a vague promise of 'eventually' doing it.<p>Just wanted to get this off my chest and see what you all think. It's a weird spot to be in, for sure.<p>He's fooled a bunch of people into joining and contributing to “his project”. So I feel like I should at least warn them that they are making contributions to a "stolen” project.<p>Here's a list of posts where this person claims they built everything and intentionally mention all the tech stack but leaves “Outstatic” out of it: https://dub.sh/code-theft
For more context, the author of the fork seemed to have stepped in to "answer" some of the concerns in the Reddit thread by OP, and some of it is just plain hilarious.<p><a href="https://www.reddit.com/r/nextjs/comments/17wujjc/my_open_source_nextjs_static_cms_got_stolen/" rel="nofollow noreferrer">https://www.reddit.com/r/nextjs/comments/17wujjc/my_open_sou...</a><p>Claiming that the project is "a copy of a copy" because the author forgot to switch the license from the template MIT which had "Vercel" in it - <a href="https://www.reddit.com/r/nextjs/comments/17wujjc/comment/k9jxxgi" rel="nofollow noreferrer">https://www.reddit.com/r/nextjs/comments/17wujjc/comment/k9j...</a><p>Claiming code (!) contributions to the project, while there is only a single commit by him (fixing typos) and he has an unresolved conversation in a single GH issue - <a href="https://www.reddit.com/r/nextjs/comments/17wujjc/comment/k9jwzt0" rel="nofollow noreferrer">https://www.reddit.com/r/nextjs/comments/17wujjc/comment/k9j...</a> (the commit is <a href="https://github.com/avitorio/outstatic/commit/442a3189697540e2ec460852787d6cb7f2a49e3b">https://github.com/avitorio/outstatic/commit/442a3189697540e...</a>, issue <a href="https://github.com/avitorio/outstatic/issues/73">https://github.com/avitorio/outstatic/issues/73</a>)
I checked the source code in both projects and it seems that a fair amount of rework has happened already. They don’t really look alike beyond bits of structure and the basic layout.<p>This is exactly the intent of a MIT license. The only unfair aspect is that they seem to have removed the original license notice, which is a requirement.<p>Their project is MIT licensed too, so if you like what they’re doing you can play your Uno reverse card!
Relevant portion below, taken from this page (<a href="https://dev.to/sadeedpv/someone-copied-my-code-on-github-and-claimed-to-be-his-own-project-4dho" rel="nofollow noreferrer">https://dev.to/sadeedpv/someone-copied-my-code-on-github-and...</a>):<p>'With the MIT license, you should really also put your copyright and license notices at the top of each source file in a comment in addition to the license file in the repo. This way if someone uses one or more files but not entire repo, your copyright notice and license declaration stays with your code, unless they deliberately remove it. With only a license file you risk someone who only needs one of your source files separating those notices from your code accidentally with no ill-intention toward you or your work.'
Sorry disclaimer, I'm too lazy to immediately check everything myself, but will, and will write confirmed or not-confirmed.<p>So, I read comments and few surface details. What I note:<p>1. Original project is MIT licensed. MIT only forcing, IF you use it, to make special page with mentions of all MIT licensed code used in project and nothing more.<p>2. ANY software project could being divided to separate independent parts, which will be then rewritten based on clean room methodology, and after this you could just remove ANY mentions of MIT licensed code which was used earlier.
As I understand, person who copied your project, rewritten all your code himself and NOW he have not any your code in project.<p>Unfortunately, now you only can do something much exceed properties of your tween, so he will have to race with you or you'll win.
It is definitely unfair at say the least. I do see that their About text in Github has outstatic but that is it. If the code was directly copied pasted (regardless of MIT license), he should at least mention your project as a courtesy. This is why we can't have nice things. I don't know how to help you more but I do feel your pain and I wish there weren't people like this in the world. But they do exist.
Well, your license gave them permission to pretty much do anything. As nefarious as it may be, it is not illegal.<p><a href="https://github.com/avitorio/outstatic/blob/canary/license.md">https://github.com/avitorio/outstatic/blob/canary/license.md</a>
I think you're right that he stole your work without proper attribution. I'd suggest reporting his Reddit thread(s) if you haven't already. Or start a new thread like this HN one.
Elegant-cli's author's mistake was not including a full-text copy of your MIT license (which has <i>your name</i>) in the repository (his own MIT license does not count as a "proxy"). That is precisely what the MIT license requires, and hence a direct non-compliance by Elegant-cli.<p>However, the MIT license does not dictate how Outstatic should be mentioned in Elegant-cli's marketing materials (like their website or README file).<p>Though poor etiquette, it is permissible for Elegant-cli to not mention you or Outstatic anywhere else, so long as full-text license copy with your name is included in the repository.<p>If you needed that kind of attribution, you should have picked something like the BSD-4-Clause (<a href="https://spdx.org/licenses/BSD-4-Clause" rel="nofollow noreferrer">https://spdx.org/licenses/BSD-4-Clause</a>) or MIT-advertising (<a href="https://spdx.org/licenses/MIT-advertising.html" rel="nofollow noreferrer">https://spdx.org/licenses/MIT-advertising.html</a>) licenses, instead of the MIT license.
The first thing that came to my mind after reading your post was the philmarilion from 4chan. Collecting these posts and submitting them with all these commentaries is.. a bit creepy. I find collecting stuff to be a good idea, but publishing them in this manner is another thing, seems to be a very knee-jerk reaction.<p>When I compare the two projects, I do see that you are right, he obviously just copy-pasted, I do understand your outrage. Why are you trying to shame him here, where your post will be compost in a matter of hours, instead of opening an issue or two (phrased more diplomatically) in his github project, and post the link here?
I wonder what you want to get out of this, and what damage his clone is causing you and your project?<p>I've had my website cloned before and I totally get the feeling and absurdity of the situation, but realistically there is not a lot you can do without it (negatively) impacting you as well.<p>I think it's good to message this person, as they probably should include your license, maybe indeed make people aware, but at some point it might be better to let it rest and focus your energy towards your project.<p>Especially if it's not really a threat to your project (and it doesn't look like it is as your project seems like it's doing quite well, congrats!) you could wonder if the best course of action is to just not give it any attention at all.
If you're really bothered by it, find a lawyer that will push the license issue further. You can get your product's name/license in there where credit is due.<p>Other than that, all you can do is build a better project (product?). It's the nature of the beast in open source... people steal constantly. You built something and were successful enough to have it stolen (at least once).
My previous submission months ago asking for guidance on open source licensing to avoid situations exactly like this: <a href="https://news.ycombinator.com/item?id=36327372">https://news.ycombinator.com/item?id=36327372</a>
In the age of LLM , MIT credit become irrelevant because I could just let AI digest whole repository and let it spit out code that is unrecognizable to yours and everyone can just claim - this code is generated by AI, or they wrote them. AI not gonna give credit at all.
Hey dang, this guy is out here bashing me and spreading false claims; all which have been proved to be false.<p>Can you remove this post or something please?
I think you have an issue with what open source means. He does mention outstatic in his repo and it seems that your project is one of many he's using. It seems like he's better than you at keep developing/selling the project, you should find a way to benefit from it, for example selling outstatic to his audience.<p>Edit: just checked the difference in stats of the project and his project is so smaller. I think you are complaining about nothing - soft and hard forks are the norm.
A risk is that this other person will claim to be the original author and sue or otherwise attack you for copying their work. I am not a lawyer, but in your case I would contact one and make sure that I had enough documentation of my authorship to survive a legal claim.<p>(My experience is in the United States only; things might be different in other countries).
Hey HN,<p>These claims that op has made have been found to be false. His project uses an Open MIT license, and I forked it like a good OSS community member does.<p>The main dealer breaker for me not using his code directly within my project was a serious GDPR and data privacy violation that I found on the surface of OP’s code.<p><a href="https://github.com/avitorio/outstatic/blob/d440f8f53ee559fb316798fe901be7802a2f11e4/packages/outstatic/src/components/Sidebar/index.tsx#L32">https://github.com/avitorio/outstatic/blob/d440f8f53ee559fb3...</a><p>There is no disclaimers or privacy polices within OP’s website, project, or readers that say he is collecting analytics data, including sensitive GitHub project details.<p>Some of my users and customers require ISO2700 and SOC2 compliant solutions, and this was a huge red flag to us.<p>I contacted OP about it, and other security issues, but he blew me off and turned to trashing me online like this.<p>What do you think?
It seems to me that they forked your (MIT-licensed) project and are now more successful than you at marketing it and getting contributors. Yes not giving credit to you is a dick move, but it isn't a requirement of the license. Words like "stolen" are out of place and just make you sound bitter to be honest. This is just how open source works.