Hiding the entire history of this incident[1] behind a force push[2] to make it seem as if credit was given and proper license was chosen from the start really displays a lack of integrity, and tells me it’s definitely malicious (which should be quite clear from zero mention of the original project to begin with, but this act reinforces that) rather an inadvertent screwup.
I don’t think the rebase is malicious. Would they even be allowed to continue distributing the older commits (where they claim an Apache license) or would that be to perpetuate the license violation?
