Introduction to open source software licensing
Developing software is something that involves more than just writing code. It’s a series of actions, processes, conventions and rules that dictate how the code is structured and how it’s read/interpreted by machines and other people. In other words, coding has a structure similar to language in which there is a message (code) made and/or broadcast by an issuer (developer or company) and destined to a receiver (machines or third parties).
The receiver role is performed by many entities throughout software’s life: it can be the machine that receives it’s instructions, the people that use the demanded product or even some other software that uses it.
The issuer, on the other hand, will always be the person that designs or broadcasts the message with the necessary characteristics to be recognized and interpreted by the receiver.
To understand the message it’s necessary to differentiate the content from the envelope, which means, to differentiate the code itself from the series of technical and legal requirements that must be followed in order for the message to be broadcast in an efficient way.
About the legal requirements, which is the focus of this article, licensing is the most important one to make a message available to others. Licensing happens when the issuer makes the message available to the receiver and declares a series of rights and duties to both parts.
The licensing can be proprietary or open, with the major difference between those being the possibility of the receiver to retransmit the message and then effectively become a new issuer.
If the issuer doesn’t declare a type of licensing then the law states that the proprietary licensing will be applied, which implies in a series of restrictions to the receivers, like the prohibition to replicate. In contrast, the open licensing was proposed as a solution to the limitations that the proprietary model enforces to any community that has free exchange of ideas and allows software to be received and replicated with less restrictions.
The open licenses are different among themselves and the receivers’ rights and duties vary depending on the license applied. The major restrictions applied to the receivers through open licensing are:
i) attribution (obligation to attribute the software ownership to the issuer)
ii) modification (the receiver right to alter the software)
iii) copyleft (receiver obligation to broadcast the software, even if modified or derivative, with the same garanties and rights originally granted).
To make it easy to understand each open license restrictions, bellow we summarize the characteristics of the five major licenses in the market:
MIT: MITis a permissive license, in other words, there are few restrictions to broadcasting the licensed software through it. The only limitation for the receiver is the obligation to “assign authorship” to the issuer whenever replicating the code.
Apache: Apache is a permissive license just like MIT. The major difference between them is that this one, beyond compelling the receiver to assign authorship to the issuer, also obliges the receiver to make public any changes executed on the original software before broadcasting it.
Mozilla (MPL 2.0): Mozilla license has copyleft restrictions i.e. the receiver, when replicating the software, is required to keep the characteristics and rights attributed by the issuer in the original broadcast. Contrary to others copyleft licenses, Mozilla’s allows the code attributed under it to be incorporated to derivative softwares broadcasted via proprietary licenses, if the part originally broadcasted under Mozilla’s license is segregated in separate files that allow editing by the new receiver and the source-code is made available.
GPLv3: GPLv3 is characterized by its strong copyleft aspect because the receiver can only replicate the software if it guarantees the same rights and obligations to the new receiver, which is obtained through the use of the same license or compatible licenses. With the GPLv3 license each retransmission of the software raises the amount of messages submitted to a copyleft license which is why it’s known as a “viral license”.
The LGPLv3 is a copyleft license. The transmitted software under it can only be replicated by the receiver under the same license or compatible licenses. However unlike the GPL license if the transmitted code under LGPL is used as a library through dynamic linking the receiver software is not obligated to be licensed under the LGPLv3 but the issuer must provide the means for the content to be accessed and altered by the receiver.
Choosing an open license depends on the goals that the issuer has. When using permissive licenses like MIT and Apache the issuer guarantees more freedom to the receivers that can replicate the software using any license, be it open or proprietary, through a process called relicensing.
When choosing copyleft licenses, on the other hand, the issuer restricts the receivers’ options which can only replicate the code using the same or compatible licenses. In this case the issuer has the guarantee that the software and its derivations will remain open in every retransmission.
There’s no ideal license to be used; there are different situations where each advantages and disadvantages are more prominent. The choice on which license to use is up exclusively to the issuer that judges the goals of its message sovereignly.
At Hash we like to discuss this kind of subject that permeates many teams. We wrote this post after our Legal Team researched about the subject when talking about it with the Tech Team. If you are interested to join this type of conversation with us we have many open opportunities: https://jobs.lever.co/hash.