
Open Source, Like Ice Cream, Can Get Messy


Learn about software licenses, the meaning of open source, and how to choose if open source is the right choice for your software.



You have worked hard creating your software; now it's done, so what is the next step? Deciding what kind of software license to implement. To figure that out, you need to determine how you want to license your product and whether you want your product to be open source.

A software license is a legal document that describes what the user of a particular software product can and cannot do with that product. Essentially, it is a contract that allows others to use your software. Deciding what kind of license to use is potentially the biggest decision you now have to make. If you choose to offer a proprietary license, you need to review any open source code you put in your product. If you choose to offer an open source license, you need to know what you can and cannot do.

What Is Open Source?

Open source is a term people use a lot, but it is sometimes assigned different meanings. According to the Open Source Initiative, open source is anything licensed by an open source license "that can be freely accessed, used, changed, and shared (in modified or unmodified form) by anyone." Examples of these licenses include Apache, MIT, GNU General Public License (GPL), Berkeley Software Distribution (BSD), and GNU Lesser General Public License (LGPL). Generally, open source comes in two flavors: viral and non-viral. Both have restrictions; however, choosing the right flavor is like choosing ice cream: there is no wrong answer unless you pick a flavor you cannot stomach. In order to determine what you can stomach, you must understand the consequences of each choice.

Viral (Like a Cold) or Non-Viral Open Source

Let's look at the two flavors, viral and non-viral open source. If you choose a viral open source license, your product, and any derivative work, cannot be sold. The GPL is the most restrictive license regarding sales. It is called "copyleft" because it rejects the traditional notion of copyright law.

Once you license your software under GPL, there is no going back. Those who believe software should be open and shared appreciate the freedom that GPL offers end users. To them, the key idea is that it is open for the world to see. However, if you want to sell software, adding a GPL component can cause big problems. GPL inherently makes it so that you have to give away your derivative work for free, without restrictions. Selling under GPL is intrinsically a breach of the license.

Non-viral open source licensing is also called permissive licensing. It allows developers to use the software for free, usually without warranties, as long as they provide notice. This license can be used for commercial products or GPL products. Examples of this are MIT, BSD, and Apache.

Free as in Free, or Free as in Freedom

Some people think if you use open source software, then you must make your product free. However, that is not necessarily true. There are many companies that have profited from making either software that contains open source or software platforms for open source. This is good news if you want to sell your product because some licenses will let you. It is bad news if you do not want your product to be sold because some licenses literally permit you to use them in open source products or commercial products. Either way, licenses provide the framework for sharing your software and deciding what should go in your application. So, just like when you were a kid and could only have one scoop of ice cream, choose wisely.

Nothing in this blog should be construed as legal advice. You should consult an attorney prior to making any legal decisions.


Topics:
open source, devops, software development

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.
