Understanding Open-Source Licenses

The rise of open-source software (OSS) is significant in today's world. This is because it’s free and open to everyone, leading to its wide adoption. From small projects to billion-dollar businesses, OSS has been adopted for use.

It also serves as an underlying resource to create other software and products. However, ignorance or misunderstanding of the license attached to OSS can lead to consequences.

An open-source license defines the terms and conditions of using OSS. Understanding these licenses is crucial to developers and users to avoid unexpected situations. For example,

  • Choosing an inappropriate license can restrict adoption.

  • Misuse of an OSS license can lead to legal consequences and infringement of rights.

  • Incorrect use of OSS can introduce vulnerabilities and weaken security.

In this article, we will dive into what an open-source license is, how to identify it in an OSS project, and its categories, types, and implications.

What is an open-source license?

An open-source license is a legally defined set of rules on how to use OSS, generally known as the terms. The terms specify the usage, modification, distribution, and commercialization of the software. According to the Open Source Initiative (OSI), open-source licenses follow the open-source definition. These licenses allow the software to be freely used, modified, and distributed.

Developers attach a license to OSS during or after its development. This license clarifies the terms of use. If the terms are followed, it ensures the rights of the software owner and removes legal consequences for the software user.

There are various ways to attach a license. Tools like GitHub and GitLab allow developers to attach licenses for OSS.

How to identify the open-source license of a software project

On GitHub, users can view the software license by following these steps:

  1. Navigate to the OSS repository on GitHub. The license is found in the root directory in a file named LICENSE or LICENSE.txt.

    (Figure: CHAOSS open-source software repository)

  2. Often, you can see a project's license near the top of the repository page, under the repository name. It comes after the list of files in the repository.

    (Figure: CHAOSS open-source software repository)

Categories of open-source licenses

There are two broad categories of open-source licenses.

  • The Permissive License

  • The Copyleft License

The Permissive License

The permissive license is sometimes labeled as “Anything goes”. This is because it has fewer restrictions in its terms than other licenses. Permissive licenses permit the use, modification, or redistribution of the software, and users don't need to publicize or make available such modifications unless they choose to.

A permissive license also allows commercial use. This means that, whether the software is modified or not, you can include it in your products for sale. The main requirement of permissive licenses is to add a copyright notice, whether for personal or commercial use. This ensures that the right of the owner is acknowledged.

Examples of permissive licenses include the MIT License and the Apache License.

The Copyleft License

The copyleft license is also labeled as a “restrictive license”. It is more restrictive than a permissive license. Like permissive licenses, copyleft licenses allow the use, modification, and distribution of OSS. However, every modification must be publicized or available to other users without restriction.

In cases where a modification of, or derivative work from, copyleft software needs a license, it must use the same copyleft license. Examples of copyleft licenses include the GNU General Public License and the Mozilla Public License.

Types of open-source licenses

There are several types of open-source licenses. Each of them falls into one of the broader categories above. However, we will discuss a few popular ones.

MIT License

The MIT License is a type of permissive license. It was created at the Massachusetts Institute of Technology. It gives users the right to use, modify, or distribute the software. Users may choose not to make their modifications public.

However, users must provide attribution to the owner of the software by including the license and copyright notice. Examples of projects that use the MIT License include Angular, Node.js, and React.

General Public License

The General Public License (GPL) is a type of copyleft license. It was created by Richard M. Stallman, the founder of the Free Software Foundation. In the case of distribution, modifications to GPL-licensed OSS cannot be made proprietary. This means modifications cannot be privately owned or closed. Modifications must be public or made available to other users without limitations.

Any modifications made to GPL-licensed software must be distributed under the same license terms. Examples of projects licensed under the GPL include the Linux kernel, Notepad++, and WordPress.

Apache License

The Apache License is a permissive type of license. It was created by the Apache Software Foundation. The Apache License gives users the freedom to use the software provided they include copyright and patent information, trademark, and attribution notices.

Unlike GPL-licensed software, modified Apache-licensed software does not have to keep the same license. However, if Apache-licensed software is used without any modification, it must be published under the Apache License.

Modifications made to the software must be labeled clearly with a notice. The notice states that changes have been made to that part of the software. Examples of projects using the Apache License include the Apache HTTP Server and Swift.

BSD License

The BSD License is a permissive type of license created at UC Berkeley. It has multiple variants and is similar to the Apache License. The BSD License allows you to use, modify, and distribute software if the copyright and license are included.

It does not force modifications to be distributed under the terms of the BSD License. However, you cannot promote your software using the name of the license. It is also compatible with other licenses. Examples of projects that use the BSD License include Go and the Django Python framework.

Users can find more licenses on the Open Source Initiative (OSI) website.
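To tie the identification steps and the license types above together, here is a small script, added as an example and not part of the original article, that looks for LICENSE or LICENSE.txt in a checked-out repository's root and maps the text to the permissive or copyleft category. The function names and marker phrases are assumptions of this example, and the match is a heuristic limited to the licenses named on this page.

```python
import tempfile
from pathlib import Path

# File names the article says hold the license in the repository root.
LICENSE_FILENAMES = ("LICENSE", "LICENSE.txt")

# (phrase from the license text, license name, category used in this article).
# Heuristic: only licenses named on this page; LGPL/AGPL are not told apart from GPL.
MARKERS = (
    ("gnu general public license", "GPL", "copyleft"),
    ("mozilla public license", "MPL", "copyleft"),
    ("apache license", "Apache", "permissive"),
    ("permission is hereby granted, free of charge", "MIT", "permissive"),
    ("redistribution and use in source and binary forms", "BSD", "permissive"),
)

def find_license_file(repo_root):
    """Return the first license file found in the repository root, or None."""
    for name in LICENSE_FILENAMES:
        candidate = Path(repo_root) / name
        if candidate.is_file():
            return candidate
    return None

def classify_license(text):
    """Map license text to (name, category); unknown text needs manual review."""
    normalized = " ".join(text.lower().split())
    for phrase, name, category in MARKERS:
        if phrase in normalized:
            return name, category
    return "unknown", "review manually"

def check_repo(repo_root):
    """Report the license of one checked-out repository."""
    path = find_license_file(repo_root)
    if path is None:
        return "missing", "no LICENSE or LICENSE.txt in root"
    return classify_license(path.read_text(encoding="utf-8", errors="replace"))

def demo():
    """Build a constructed repository with a GPL header and classify it."""
    with tempfile.TemporaryDirectory() as root:
        sample = "GNU GENERAL PUBLIC LICENSE\n   Version 3, 29 June 2007\n"  # constructed
        (Path(root) / "LICENSE").write_text(sample, encoding="utf-8")
        return check_repo(root)

if __name__ == "__main__":
    print(demo())
```

A result of "unknown" or "missing" means the project needs a manual license review before it is used.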

Implications of open-source licenses

Open-source licenses, whether permissive or copyleft, have several general implications.

  • Consequence: Developers and users need to understand the license they choose. Ignorance of license type can lead to legal issues. For example, if a user modifies GPL-licensed software and adds it to proprietary software, it may result in legal consequences. OSS developers and users must choose the right license.

  • Adoption: Some open-source licenses are more widely adopted than others. This is due to the flexibility and usability offered. For example, permissive licenses are more popular. This is because users can build on permissive-licensed software without making it public. This flexibility makes it easier to use and commercialize.

  • Commercial use: Some businesses rely on OSS to create products. However, the license attached to the OSS can impact the commercialization of these products. For example, if a business uses GPL-licensed software to create its product, it may face commercialization restrictions. This is because GPL licenses require modifications to be open and available to the public. Product users may be unwilling to pay for publicly accessible software or products. This is exactly why businesses need to take note of license type if they rely on OSS.

  • Security: Licenses often provide no guarantees about the quality or security of the software. Users must assume the risks associated with potential vulnerabilities, bugs, or defects. This means that issues arising from its use are at the user's risk. This lack of guarantee makes it important to vet any open-source resource before use.

Conclusion

Understanding open-source licenses is important whether you are a developer or a user. By now, you should be familiar with the different categories of licenses. Selecting the right one can help you maximize the benefits of OSS the right way.

Before using, modifying, or distributing OSS, take time to check the license attached to it. It will help you avoid legal or security issues while ensuring compliance with the terms of use.

Further reading

  1. https://www.nber.org/system/files/working_papers/w9363/w9363.pdf

  2. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=0625aada49caa66436ee6e3fac88542678100d0e

  3. https://opensource.org/licenses

  4. https://www.leanix.net/en/wiki/trm/open-source-licenses