Selecting an Open Source License for Your Project
Selecting an Open Source License for Your Project
Selecting an open source license is not actually as easy as you might think. This article provides links to some valuable resources for anyone faced with choosing from the sea of open source licenses currently available.
Join the DZone community and get the full member experience.
Join For FreeFlexNet Code Aware, a free scan tool for developers. Scan Java, NuGet, and NPM packages for open source security and open source license compliance issues.
So, you’ve just written some kick-ass code that you want to give out to the community as an open source project. You get a GitHub repo and push your code up for everyone to consume, your website and blog are looking slick, and you have managed to obtain the appropriate Twitter handle, so the last thing to do is choose an open source license. Which, as anyone who has looked into the huge range of open source licenses can attest to, is easier said than done.
For those that are overwhelmed, there are a number of sites that attempt to guide you through the process of selecting the correct license for your project.
TLDRLegal provides a database of licenses, all of which are helpfully tagged with attributes that fall under categories like Commercial Use, Modify, Distribute, Sublicense, Private Use, Hold Liable, Include Copyright and Include License.
While TLDRLegal does list its most popular licenses, you’re still left with dozens to choose from. Choose a License is an initiative from GitHub to attempt to distill the license selection process down to a few popular choices between “I want it simple and permissive,” “I’m concerned about patents,” and “I care about sharing improvements.”
The Free Software Foundation also provides some information on open source licenses, and offers some recommendations for your own work.
For those concerned about patent infringement, Red Hat has a promise not to pursue open source projects for patent infringement if they have been released under one of a number of licenses.
If you want to get some more insight into the issues surrounding open source licenses, there is a great podcast featuring Richard Fontana, who works at Red Hat as a lawyer.
Richard actually has a dim view of these license summarization websites (approx 40 minutes into the podcast):
You can’t really distill a licence down to a set of a few simple bullet points. There is always something that you’re losing when you attempt to do that.
He also touches on the issues of political bias when summarizing or listing licenses (approx 41 mins into the podcast):
I do detect this in the GitHub choosealicense.com website. Github is very much pro MIT license, everyone knows this.
Given the complexities of licenses and the potential for summaries to lose meaning, TLDRLegal provides the notion of verified licenses:
Today we are launching Verified Licenses to apply top legal expertise to our most visible license summaries. This means summary with an icon has been reviewed by a top lawyer/expert.
When it comes to selecting a license, Richard has this advice (approx 1 hour and 14 minutes into the podcast):
What I do believe in very much is using licenses that are mainstream and conventional licenses that are widely used in open source communities.
I highly recommend this podcast to anyone interested in learning some of the intricacies of open source licenses.
Scan Java, NuGet, and NPM packages for open source security and license compliance issues.
Like This Article? Read More From DZone
Published at DZone with permission of Matthew Casperson , DZone MVB. See the original article here.
Opinions expressed by DZone contributors are their own.
{{ parent.title || parent.header.title}}
{{ parent.tldr }}
{{ parent.linkDescription }}
{{ parent.urlSource.name }}