This question already has answers here:
How do you choose an open-source license? [closed]
(10 answers)
Closed 8 years ago.
As a newbie, I am quite confused how open source software is can/be licensed. I know of licenses like GNU public, Apache, and others.
What is the procedure to license a open source software by developer? What considerations should be made? What choices do I have?
As the developer you are free to license your software (provided you aren't developing the software for someone else) in whatever way you wish. You have all the choice in the world and you should choose a license that meets your needs. Beyond that, any advice is rhetoric.
Technically most open source software aren't 'licenced'. You don't buy a licence to use it. You just use it. The "GNU General Public Licence" is not really a software licence that you accept or decline, it's a copyright licence
Books are copyrighted, you can't go photocopying a whole book, and sell it yourself. However you don't 'buy' book licences. Open Source software is like that.
There's no big scary procedure. :) All you have to do is drop a file named LICENSE with your license of choice inside of it into your project's root directory and make it obvious that that file is the license for the entire project, either through comments in the source code or a notice in the README.
Choose any license you want. A quick google search can get you on your way.
One of the most commonly used ones in open source is the GPL.
Related
I am trying to develop the Software audit tool.
Is it possible to get detect softwares tools and packages used in the web application by scanning all the files of that application.
Currently I am to find out all the license related information from scanning all the files but I am not detect which all third party components used in the application
Fortify is not the right tool to determine which OSS (Open Source Software) you have in your code. There are other commercial tools such as Blackducksoftware by Synopsis or SourceClear (I am not recommending any particular one here, those are examples). Some of those tools look for the dependencies, and some are scanning for vulnerabilities in all your OSS.
The only way to hack your way through and turn Fortify to scan for OSS could be to create custom rules to scan the comments in the code, and look for Copyright strings. This might be overkill, but I have seen such Fortify custom rules in the past.
There are also commercial tools to scan OSS directly in the binary files that you compile.
I hope this helps.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 6 years ago.
Improve this question
I need to know whether or not I need to buy a license. I am the only person working on the software and I intend to keep it that way. I plan on producing a single Windows Store App and publishing it on the Windows App Store and sell it under my company's name.
You don't need to buy a licence so long as your corporation (and any affiliated entities) makes less than the equivalent of one million US dollars a year in revenue. As you're writing the software as employee of your corporation it's your corporation that needs to licence Visual Studio, not you as an individual. That means you need an "Organizational licence" which is granted under one of the following conditions from the Microsoft Visual Studio Community 2015 Software Licence Terms:
Organization licenses. If you are an organization, your users may use the software as follows:
Any number of your users may use the software to develop and test your applications released under Open Source Initiative (OSI) approved open source software licenses.
Any number of your users may use the software to develop and test extensions to Visual Studio.
Any number of your users may use the software to develop and test your applications as part of online or in person classroom training and education, or for performing academic research.
If none of the above apply, and you are also not an enterprise (defined below), then up to 5 of your individual users can use the software concurrently to develop and test your applications.
If you are an enterprise, your employees and contractors may not use the software to develop or test your applications, except for open source and education purposes as permitted above. An “enterprise” is any organization and its affiliates who collectively have either (a) more than 250 PCs or users or (b) more than one million US dollars (or the equivalent in other currencies) in annual revenues, and “affiliates” means those entities that control (via majority ownership), are controlled by, or are under common control with an organization.
I assume that the first three bullet points don't apply to you, so only the fourth one will, which only applies if the fifth bullet point doesn't.
The license for Visual Studio Community 2015 is located here:
https://www.visualstudio.com/license-terms/mt171547/
It indicates if you are an individual, you will be able to sell applications you create with the Community edition.
You will have to comply with the app submission rules of the Windows Store, which is not the same as the licensing of Visual Studio
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
With the current developments regarding Oracle announcing its intention to charge for a pro (or whatever you call it) version of JVM, and IBM announcing its intention to support OpenJDK, things are getting quite complicated for a large set of Java developers.
We have a large piece of work in Java, and we did not have any issues in choosing our licensing terms up until now. It appears that we'll have to switch to OpenJDK where IBM will be putting their support. But OpenJDK is GPL V2, and as far as I know, any code linking to GPL V2 must be GPL V2.
We also have some JNI code, which is going to get even larger. Given these facts, does it mean that if we use OpenJDK to run our software, we'll have to switch to GPL for our licensing?
Needless to say, this would blow away our whole licensing & business model setup.
The license for OpenJDK is not "GPL v2", it's "GPL v2 with the Classpath Exception". Quote:
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent modules,
and to copy and distribute the resulting executable under terms of your
choice, provided that you also meet, for each linked independent module,
the terms and conditions of the license of that module. An independent
module is a module which is not derived from or based on this library.
Do I need to open my source code if I use OpenJDK as JVM?
Absolutely not.
There are many commercial, closed-source Java applications out there that use OpenJDK-based JVMs. The "Classpath exception" that #Chris Lercher mentions specifically makes this legal.
Incidentally, the "Classpath exception" was invented by FSF's lawyers specifically to allow the GNU Classpath libraries (a cleanroom reimplementation of the Java SE libraries) to be used to run proprietary / closed source applications. Hence, the name ...
The only cases where you would need to worry are things like:
Closed source JVMs that make use of the OpenJDK code base in their implementation.
Closed source applications that contain modified copies of OpenJDK classes without including source code for the modifications.
Closed source applications that link to certain OpenJDK GPLv2 classes that are not marked as with the Classpath exception.
In OpenJDK 11, the last category seems to consist of a large number of "test" classes that are not included in an OpenJDK distro anyway, and internal classes that you shouldn't (and probably can't) link to in an application. These classes are easy to identify. Search for Java source files in the OpenJDK source tree that contain the word "GNU" and not the word "Classpath"
It is worth noting that a significant proportion of the OpenJDK Java code base is 3rd-party code with permissive open source licenses. Linking to those classes is permitted.
Bundling OpenJDK with closed-source is not a problem. The GPL permits you to distribute binaries for GPL software together with binaries for closed source software.
Please read the lines at the beginning of the classpath exception. The classpath exception doesn't seem to apply to the entire library.
Certain source files distributed by Sun Microsystems, Inc. are subject to the following clarification and special exception to the GPL, but only where Sun has expressly included in the particular source file's header the words "Sun designates this particular file as subject to the "Classpath" exception as provided by Sun in the LICENSE file that accompanied this code."
Closed. This question is off-topic. It is not currently accepting answers.
Closed 9 years ago.
Locked. This question and its answers are locked because the question is off-topic but has historical significance. It is not currently accepting new answers or interactions.
The MIT license is GPL-compatible. Is the GPL license MIT-compatible? i.e. I can include MIT-licensed code in a GPL-licensed product, but can I include GPL-licensed code in a MIT-licensed product?
It seems to me that the chief difference between the MIT license and GPL is that the MIT doesn't require modifications be open sourced whereas the GPL does. Is that correct? Is the GPL is more restrictive than the MIT license?
It seems to me that the chief difference between the MIT license and GPL is that the MIT doesn't require modifications be open sourced whereas the GPL does.
True - in general. You don't have to open-source your changes if you're using GPL. You could modify it and use it for your own purpose as long as you're not distributing it. BUT... if you DO distribute it, then your entire project that is using the GPL code also becomes GPL automatically. Which means, it must be open-sourced, and the recipient gets all the same rights as you - meaning, they can turn around and distribute it, modify it, sell it, etc. And that would include your proprietary code which would then no longer be proprietary - it becomes open source.
The difference with MIT is that even if you actually distribute your proprietary code that is using the MIT licensed code, you do not have to make the code open source. You can distribute it as a closed app where the code is encrypted or is a binary. Including the MIT-licensed code can be encrypted, as long as it carries the MIT license notice.
is the GPL is more restrictive than the MIT license?
Yes, very much so.
Can I include GPL licensed code in a MIT licensed product?
You can. GPL is free software as well as MIT is, both licenses do not restrict you to bring together the code where as "include" is always two-way.
In copyright for a combined work (that is two or more works form together a work), it does not make much of a difference if the one work is "larger" than the other or not.
So if you include GPL licensed code in a MIT licensed product you will at the same time include a MIT licensed product in GPL licensed code as well.
As a second opinion, the OSI listed the following criteria (in more detail) for both licenses (MIT and GPL):
Free Redistribution
Source Code
Derived Works
Integrity of The Author's Source Code
No Discrimination Against Persons or Groups
No Discrimination Against Fields of Endeavor
Distribution of License
License Must Not Be Specific to a Product
License Must Not Restrict Other Software
License Must Be Technology-Neutral
Both allow the creation of combined works, which is what you've been asking for.
If combining the two works is considered being a derivate, then this is not restricted as well by both licenses.
And both licenses do not restrict to distribute the software.
It seems to me that the chief difference between the MIT license and GPL is that the MIT doesn't require modifications be open sourced whereas the GPL does.
The GPL doesn't require you to release your modifications only because you made them. That's not precise.
You might mix this with distribiution of software under GPL which is not what you've asked about directly.
Is that correct - is the GPL is more restrictive than the MIT license?
This is how I understand it:
As far as distribution counts, you need to put the whole package under GPL. MIT code inside of the package will still be available under MIT whereas the GPL applies to the package as a whole if not limited by higher rights.
"Restrictive" or "more restrictive" / "less restrictive" depends a lot on the point of view. For a software-user the MIT might result in software that is more restricted than the one available under GPL even some call the GPL more restrictive nowadays. That user in specific will call the MIT more restrictive. It's just subjective to say so and different people will give you different answers to that.
As it's just subjective to talk about restrictions of different licenses, you should think about what you would like to achieve instead:
If you want to restrict the use of your modifications, then MIT is able to be more restrictive than the GPL for distribution and that might be what you're looking for.
In case you want to ensure that the freedom of your software does not get restricted that much by the users you distribute it to, then you might want to release under GPL instead of MIT.
As long as you're the author it's you who can decide.
So the most restrictive person ever is the author, regardless of which license anybody is opting for ;)
You are correct that the GPL is more restrictive than the MIT license.
You cannot include GPL code in a MIT licensed product. If you distribute a combined work that combines GPL and MIT code (except in some particular situations, e.g. 'mere aggregation'), that distribution must be compliant with the GPL.
You can include MIT licensed code in a GPL product. The whole combined work must be distributed in a way compliant with the GPL. If you have made changes to the MIT parts of the code, you would be required to publish the source for those changes if you distribute an application that contains GPL and MIT code.
If you are the copyright owner of the GPL code, you can of course choose to release that code under the MIT license instead - in that case it's your code and you can publish it under as many licenses as you want.
IANAL but as I see it....
While you can combine GPL and MIT code, the GPL is tainting. Which means the package as a whole gets the limitations of the GPL. As that is more restrictive you can no longer use it in commercial (or rather closed source) software. Which also means if you have a MIT/BSD/ASL project you will not want to add dependencies to GPL code.
Adding a GPL dependency does not change the license of your code but it will limit what people can do with the artifact of your project. This is also why the ASF does not allow dependencies to GPL code for their projects.
http://www.apache.org/licenses/GPL-compatibility.html
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
I am really interested in Complex Event Processing and have been looking at Esper. However my company has an anti-GPL stance and I was wondering if there are non-GPL alternatives out there under a more business friendly license like Apache or BSD?
Quite late, but here you can find an overview, too. CEP vendor overview
FWIW, Esper has a non-GPL license if that's what you're after. Go to their website at www.espertech.com - otherwise the community license is just GPL.
SiddhiCEP is an Apache License v2 software. You can use that as a library or even as a CEP Server. If you are going for production you can also get production support for SiddhiCEP from the open source product company called WSO2
Drools Fusion has an ASL-style license (http://legacy.drools.codehaus.org/Licensing). Pion is another open-source system with an AGPL license. If you prefer a normal commercial license there's Aleri, Streambase and ruleCore. Aleri and streambase are "normal" software and ruleCore is a CEP cloud.
There is book coming up on CEP; chapter 1 available here for free (no login required) lists a number of systems, but no license information: http://www.manning.com/etzion/Etzion_MEAPch01_free.pdf
You might want to take a look at OpenESB's Intelligent Event Processor. I have not looked at it in any detail, but I did find it difficult to determine exactly what the underlying API was. Rather, it talks a lot about a NetBeans IDE that allows you define an event processing work-flow, which is ok, but what I would like to understand better is what the real API is underlying the IDE. In contrast, Esper is all about the API and much lighter on the assistive tools.
I am also not sure what the license is, but I assume that as part of the Sun GlassFish initiative, it would be CDDL (correct acronym ?)
You can look at ERMA (Extremely Reusable Monitoring API). It was developed by Orbitz for internal use, and they have open sourced it a while ago. It uses the Apache License.
FYI Esper Enterprise Edition does not use the GPL. I.e. no copy left problem...
Can I freely use Esper in my application?
Esper is licensed under the
open source GPL GNU Public License v2.0 license. You may check this
license depending on your application and how you redistribute it.
Restrictions may apply. You should consider Esper Enterprise Edition
for any production use. Esper Enterprise Edition is not made available
under a viral copyleft license and combines Esper, EsperJMX, EsperJDBC
and Esper Studio in one single certified and supported package for
maximal productivity, interoperability and manageability.
The rulecore cep server has a non-gpl (closed) source code license. If you purchase a license from ruleCore, you are allowed to modify the source and distribute your own version without showing your modifies source code to anyone. Might be a good idea for a commercial project with all kinds of IP issues.
You can also check with Siddhi
https://github.com/wso2/siddhi