Over the weekend, WordPress creator Matt Mullenweg took to his personal blog to call out Wix, which offers Website-creation tools, for theft of code. Specifically, Mullenweg said Wix ‘stole’ code from a WordPress open-source project for use in its own mobile editor. It didn’t, but the ensuing slap-fight raises good points about best practices for using open source software.
This all has to do with a mobile text editor that Wix recently added to its app. Instead of building something from scratch, Wix’s developers took some existing WordPress code and made it work for Wix’s native app.
Here’s the crux of Mullenweg’s blog post, slamming Wix:
If I were being charitable, I’d say, “The app’s editor is based on the WordPress mobile app’s editor.” If I were being honest, I’d say that Wix copied WordPress without attribution, credit, or following the license. The custom icons, the class names, even the bugs. You can see the forked repositories on GitHub complete with original commits from Alex and Maxime, two developers on Automattic’s mobile team. Wix has always borrowed liberally from WordPress — including their company name, which used to be Wixpress Ltd. — but this blatant rip-off and code theft is beyond anything I’ve seen before from a competitor.
In a Medium post, Wix’s mobile engineering lead, Tal Kol, says he was first introduced to the tools used within the Wix mobile app at a React Native conference in Europe, where the Automattic team (Automattic is the company behind WordPress and other bits of software) suggested he take a look at what they had available in open source:
Since we build the app entirely with React Native, at the beginning of June we went to React Europe, a conference in Paris. Automattic had a booth in this conference.
I’ve spoken to some of the engineers in the booth and we had fun together. They even gave me a WordPress T-Shirt. I told them we’re working on the Wix app and are looking for a mobile-optimized Rich Text component. They suggested we check out their open source one.
Since their open source Rich Text component does not support React Native, we suggested to collaborate and help create an open source wrapper and add React Native support to their component. They thought it’s a great idea.
On the surface, this situation looks like a misunderstanding between two very public companies/teams. The underbelly of this dust-up is much more interesting, though: it’s not that Wix stole any code, per se, it’s that the company didn’t use the proper licensing.
WordPress tools were released into open source under the GPL license, which is a ‘copyleft’ license that demands any subsequent work be released under the same license.
In this case, Wix took something released under the GPL license, created a React Native wrapper for it, and released it under the MIT license. At the end of its repository for the React Native wrapped editor, Wix writes: “Code in this git repo is licensed MIT, please consider the licenses of the dependencies separately.” That’s just not adequate when dipping into GPL licensed code.
In a rebuttal to Kol’s post as well as a blog post penned by Wix CEO Avishai Abrahami, Mullenweg hits that point home, writing: “I said the app includes stolen code. It doesn’t matter if it’s 30 lines or 30 million lines: because it includes GPL code and you distributed the app, the entire thing needs to be GPL. If you release the entire app’s code, as I think you said you would, then that resolves the license violation.”
Much consternation goes into open source licensing, and the issue between Wix and WordPress underscores why. These types of mistakes are easy to make if you’re not paying careful attention to licensing – especially if you or your company has a preferred license. Wix seems happier using the MIT license, which is much less restrictive than GPL (WordPress’ choice).
In this case, code distributed under a GPL license can’t be pinched and utilized elsewhere, so to use WordPress’ code, Wix would need to distribute its React Native wrapper under a GPL license.
It’s easy to overlook the license when using open source code, but it’s better to make sure you understand the licensing requirements than end up being branded a thief (even if that tag is in spirit alone). Most larger companies simply default to MIT or Apache licenses as they’re less restrictive; but those aren’t the only licenses available to open source contributors.