NMAP Security Scanner License Incompatible with Fedora

The Fedora project has reviewed the NPSL license, which the Nmap network security scanner recently switched to, and concluded that it does not meet the code license requirements valid for use with the distribution. Therefore, new Nmap releases and other packages with NPSL-licensed components will not be able to be included in the official Fedora, EPEL, and COPRs repositories.

The reason is the presence in version 0.92 of the license of an item that discriminates against certain categories of users, i.e. this license does not meet the Open Source Criteria as defined by the Open Source Initiative (OSI).
In particular, the NPSL defines restrictions on the use of code by companies that release proprietary software. If an updated version of the NMAP license is released, Fedora representatives promised to re-analyze and remove the license from the list of prohibited for use in Fedora if the noted deficiencies are corrected in the new version.

Recall that Nmap was originally shipped under a modified GPLv2 license , but starting with the October release, Nmap 7.90 moved to the new NPSL (Nmap Public Source License) license. The NPSL is also based on GPLv2, but is better structured, clearer, and includes additional exceptions and conditions. For example, the license provides the ability to use Nmap code in products under GPL-incompatible licenses after obtaining permission from the author. NPSL also specifies the need for separate licensing when shipping or using Nmap as part of a proprietary product.

Including NPSL explicitly states that the license does not allow Nmap to be redistributed or used on proprietary hardware devices. Manufacturers of proprietary equipment are encouraged to purchase a separate license prepared for OEMs through which project development funding is funded. The difference from traditional dual licensing boils down to the fact that the GPL + commercial license does not prohibit the free use of the GPL code in proprietary products, but requires compliance with the GPL license, i.e. opening the code of modified and related components. This feature is blocked in NPSL.

/Release. View in full here.