Disable Vulnerable Plugins

The GPL states “No Warranty”.

I believe that a “reasonable care” standard would still apply.
I can make any contract I want to. It does not mean that the Law will enforce it against the public interest.
There are limits to freedom to contract.
Several jurisdictions also have Consumer Protection legislation.

@timkaye?

We’re discussing whether a “No Warranty” clause would protect CP in the following case:
CP was informed of (and confirmed) a vulnerability in a plugin in the repository and purposefully failed to remove it from the directory.

At this stage, we should consider both cases where the plugin directory is monetized (e.g. commissions) and where it is not.

A warranty is a contractual device. The duty of reasonable care is part of the law of torts (delicts). They are distinct areas of law. So no warranty does not necessarily mean no duty.
