Introduction to Free and Open Source Software (FOSS) Licenses by nexB. You can see a list of the most popular FOSS licenses in DejaCode; visit us at https://enterprise.dejacode.com/landing/
Introduction to Free and Open Source Software (FOSS) Licenses
© 2013 nexB Inc.
Introduction to FOSS Licenses
Agenda
• Software License Definitions
• Software License Issues
• About nexB
Definitions – FOSS Licenses
• FOSS = Free and Open Source Software
  – aka FLOSS = Free/Libre Open Source Software
• Free means you have the right to study, use, change and redistribute the software
• Open Source means you have access to the source code
  – Open Source also refers to a collaborative software development approach
• Examples of common FOSS licenses are: BSD, GPL, LGPL, MIT and MPL
Free Software licenses
[Diagram. Category labels: source code available; source with limitations (Proprietary); Copyleft; FOSS; Attribution; Binary-only (Proprietary); Free Software; Freeware / Shareware. Examples shown: many Java libraries, Microsoft shared source, Sun SCSL, GNU GPL, GNU LGPL, MPL, CDDL, BSD, MIT, Apache, EPL, Adobe Reader.]
Definitions - Free Proprietary Licenses
• Free Proprietary software is very important in many domains especially Java:
  – The software is free for your own use AND
  – You may be able to redistribute the software, BUT
  – You cannot change it AND there may be other restrictions
• Some examples of free proprietary licenses:
  – (Oracle) Sun Binary Code Licenses (esp. for JDK/JRE)
  – Adobe Reader EULA and similar
  – Oracle Technology Network Development and Distribution License Terms
FOSS License Obligations
Attribution Obligations are typically a combination of:
• Keeping license and copyright notices in the source code in the source file headers or in separate text files.
• Acknowledging the use of the software, the license and/or the copyright in documentation or a product (e.g. Help)
Redistribution Obligations are typically a combination of:
• Making source code available for the original work, and
• For your changes (derivative works) –
• Possibly Including some of your proprietary code.
FOSS – Permissive / Attribution Licenses
Licenses with Attribution obligations only
• Apache 1.1 and 2.0
• BSD – Original, Modified and Simplified
• MIT / X11
• Creative Commons Attribution
• OpenSSL-SSLeay
• W3C
• Zlib
and, of course, Beerware
FOSS – Copyleft Licenses
Copyleft licenses have Attribution and Redistribution obligations
• Copyleft Licenses (“strong”)
  – GNU General Public License (GPL)
  – Affero GPL
• Limited Copyleft Licenses (“weak”)
  – GNU Lesser (or Library) General Public License (LGPL)
  – Artistic License
  – Common Development and Distribution License (CDDL)
  – Common Public License (CPL)
  – Eclipse Public License (EPL)
  – Mozilla Public License (MPL)
FOSS License Violation Risks
• “Copyleft” licenses require you to redistribute source code and may force you to release proprietary software as open source or rewrite your software to avoid that obligation
• Some FOSS activists (e.g. Busybox) are raising litigation stakes to “encourage” compliance with GPL
• Even “business-friendly” licenses (Apache, etc.) require you to identify and protect copyright owner rights and may impact your patent portfolio
• Negative reaction from OSS community may impair your brand
Proprietary License Violation Risks
• Violation of a free proprietary software license may require you to acquire a commercial license and/or change your code:
  – Most prominent example is misuse of Sun JDK/JRE in violation of the field-of-use restrictions (general purpose computer only)
  – Oracle is aggressively looking for revenue from the Java products it acquired
  – Including compensation for violations in the past
• Violation of a commercial software license may expose you to significant financial penalties and/or litigation
About nexB
• Our mission is to enable a robust software component-based supply chain
• Our current focus is:
  – Analysing software provenance (origin and license) and
  – Providing a complete software inventory/BOM
  – DejaCode Enterprise, a product suite that helps you better manage open source, third-party, and original components throughout the software development lifecycle
• Expertise in software IP analysis across all languages and environments
• Software audit services for acquisitions, software products and internal (IT) systems
• Active open source developers - lead committers and contributors to public projects
Contact us
Contact person:
Pierre Lapointe, Customer Care Manager
[email protected]
+1 415 287-7643
More information:
http://www.nexb.com
http://www.dejacode.com/