...
Overall information and licence lists
- GÉANT Open Source Licensing and Compliance workshop recording and slides, 5-6 April 2023
- GÉANT Introduction to Open Source Licensing and Compliance workshop recording and slides, 17 February 20222022
- Licence Analysis with WhiteSource webinar, 2 March 2022 (workshop recording)
What is Free Software? https://www.gnu.org/philosophy/free-sw.en.html
- Guide to open source licenses, overall description, https://www.synopsys.com/blogs/software-security/open-source-licenses/
- Top lists
- Top open source licenses and legal risk for developers, top 20 categorised by risk, https://www.synopsys.com/blogs/software-security/top-open-source-licenses/
Mend – Open Source Licenses in 2022: Trends and Predictions, https://www.mend.io/resources/blog/open-source-licenses-trends-and-predictions/
- Standardised SPDX licence codes and licence texts, https://spdx.org/licenses/
- University of Pittsburgh Library System – Copyright and Intellectual Property Toolkit, https://pitt.libguides.com/copyright
- Mend – Open Source Licenses Explained, https://www.mend.io/resources/blog/open-source-licenses-explained/
- Free Software Foundation's free software licences and Non-free Software Licenses, classified individual licences and their compatibility with GPL, https://www.gnu.org/licenses/license-list.html
- Open Source Initiative (OSI) approved licenses
- By category, https://opensource.org/licenses/category
- Alphabetical https://opensource.org/licenses/alphabetical
...
- Permissive – do anything
- MIT – short and simple
- ISC (OpenBSD) – further shortened equivalent
- BSD – some versions require to include including the disclaimer
- Apache 2.0 – requires notice of changes, grants licence to patents unless litigating and mentions preservation of trademark rights
- Weak copyleft – file (library) scope
- MPL 2.0 – simple, allows static linking and licence variants with additional terms
- LGPL 2.1 – cleaned text of LGPL 2.0, allows dynamic linking without enforcing copyleft
- LGPL 3.0 – grants use of patents; the end-user must be able to install a modified version – it prohibits closed devices, DRM or hardware encryption or patents retaliation; compatible with Apache2.0
- Strong copyleft – project scope
- GPL 2.0 – often used
- GPL 3.0 – grants the use of patents, the end-user must be able to install modified software, compatible with Apache 2.0
- AGPL 3.0 (Affero) – network protective: external use of modified(!) code requires its availability – network use is a distribution of the software, modified source code must be available
- Proprietary – typically restrict user rights and protect commercial interests of copyright owners
...
Arrows are transitive and go from licences of the components toward the licenceof licence of your project
(From https://www.gnu.org/licenses/quick-guide-gplv3.html)
...
- Dual and multi-licences help in avoiding licence compatibility issues, which makes the use of components more flexible
- You can choose a licence compatible with the one used for your software. But you cannot dual-license your software to match some components with one and others with another licence. Licences of all used components must be compatible with all of your licences!
- “Or later”(often as “+”) licences variants just imply the applicability of later, possibly still non-existing, versions of these licences. This is sometimes implied unless you explicitly decline it.
- Some licences include automatic relicensing (MPL 2.0, EUPL 1.2, CeCILL) – EUPL comes with the full and exhaustive list…
...
In-licences (licences of components) are in rows , and out-licences are in columns:
(From https://github.com/HansHammel/license-compatibility-checker)
...
In-licences are in columns , and out-licences are in rows:
...