Programmer's hands typing on keyboard
Flat light lavender color
Dots gradient
By Paul Chason
  • 80% of all software contains open-source code
  • How your organization uses open-source software could impact operations or product sales
  • Open-source licensing influences any new lines of business that involve software
  • Understanding ideal licensing for a use case mitigates potential legal issues around software distribution and use

If you’re responsible for or have a stake in technology in your organization, chances are you’ve come across open-source software. Open source has been on an exponential growth trajectory since the early 2000’s. It’s part of most of the software the world uses. This reference guide covers the most popular license types, and what they allow, that exist in the open-source software supply chain.

To frame licensing at a high level, there are two main types of open-source licenses: permissive licenses and copyleft licenses.

  • Permissive licenses: Permissive licenses give you the most freedom to use and distribute open-source software. You can typically modify the software, distribute it to others, and even sell it without any restrictions. Examples of permissive licenses include the MIT License and the Apache License 2.0.

  • Copyleft licenses: Copyleft licenses require that any derivative works of the software be distributed under the same license. This means that you cannot simply take an open-source software application and add a few features to it, then sell it as your own proprietary product. Examples of copyleft licenses include the GNU General Public License (GPL) and the Lesser General Public License (LGPL).

  • Hybrid licenses: These are licenses that combine concepts from Permissive and Copyleft licenses. It’s important to note that the underlying components of any software application can, and often do, contain different types of licenses.

Next, included is a breakdown of the different types of popular licenses and the pertinent aspects of each license.

Apache License 2.0

View License
Type: Permissive

Allowed:

  • Modify
  • Distribute
  • Sublicense
  • Commercial use
  • Private use
  • Patent claim
  • Assign warranty

Not Allowed:

  • Liability claim
  • Trademark use

Must Do:

  • State major changes
  • Keep entire license in modified software
  • Keep original copyright
  • Keep NOTICE file

Berkeley Software Distribution (BSD 3-clause)

View License
Type: Permissive

Allowed:

  • Modify
  • Distribute
  • Sublicense
  • Commercial use
  • Assign warranty

Not Allowed:

  • Liability claim
  • Trademark use

Must Do:

  • Keep entire license in modified software
  • Keep original copyright

Internet Systems Consortium (ISC)

View License
Type: Permissive

Allowed:

  • Modify
  • Distribute
  • Commercial use

Not Allowed:

  • Liability claim

Must Do:

  • Keep entire license in modified software
  • Keep original copyright

MIT License

View License
Type: Permissive

Allowed:

  • Modify
  • Distribute
  • Sublicense
  • Commercial use
  • Private use

Not Allowed:

  • Liability claim

Must Do:

  • Keep entire license in modified software
  • Keep original copyright

Common Development and Distribution License (CDDL 1.0)

View License
Type: Weak Copyleft

Allowed:

  • Modify
  • Distribute
  • Sublicense
  • Commercial use
  • Private use
  • Patent claim
  • Assign warranty

Not Allowed:

  • Liability claim
  • Trademark use

Must Do:

  • Release source code
  • Keep entire license in modified software
  • Keep original copyright

Eclipse Public License (EPL 2.0)

View License
Type: Weak Copyleft

Allowed:

  • Modify
  • Distribute
  • Sublicense
  • Issue secondary license
  • Commercial use
  • Private use
  • Patent claim
  • Assign warranty

Not Allowed:

  • Liability claim
  • Trademark use

Must Do:

  • Release source code
  • Keep entire license in modified software
  • Keep original copyright
  • Indemnify claims against contributors

Lesser General Public License (LGPL 3.0)

View License
Type: Weak Copyleft

Allowed:

  • Modify
  • Distribute
  • Commercial use
  • Patent claim
  • Assign warranty

Not Allowed:

  • Sublicense
  • Liability claim

Must Do:

  • Release source code
  • State modifications
  • Keep original copyright
  • Provide install instructions
  • Keep entire license in modified software

GNU General Public License (GPL-3)

View License
Type: Copyleft

Allowed:

  • Modify
  • Distribute
  • Commercial use
  • Patent claim
  • Assign warranty

Not Allowed:

  • Sublicense
  • Liability claim

Must Do:

  • Release source code
  • State modifications
  • Keep original copyright
  • Provide install instructions
  • Keep entire license in modified software

Need to understand more how these open-source licenses impact your company's products and services? Contact us to review your open-source supply chain