© 2016 Rogue Wave Software, Inc. All Rights Reserved. 1
Understanding Open Source Licenses
Dave McLoughlin, Rogue Wave
Understanding Open Source Licenses
• There are hundreds of open source licenses. Most developers don't take the time to read or
understand them, but can you continue to ignore them? We have seen a rise in litigation around open
source licenses over the last 10 years. And, in the last 12 months we have seen the first examples of
OSS copyright trolls that are taking developers to court in an attempt to monetize GPL violations.
• This session covers:
• How OSS licenses are enforced
• What are the main types of OSS licenses
• How to identify them
• What steps you need to take to ensure you are complying
• We cover use case scenarios and do a "deep dive" on the most used licenses today and how to
understand them.
Legal disclaimer
• Rogue Wave Software, Inc. is not engaged in the rendering of legal advice. This material provides
legal information, which should not be confused with legal advice.
• I am not an attorney
Understanding OSS licenses
OSS license challenges
• It can be hard to determine correct license
– OSS packages bundle other OSS packages
– License information may not be correct – author says BSD on
website and provides code with copy of MIT
– Multiple licenses - disjunctive or conjunctive
– Default license added to content (stack overflow, Code Project)
• Many (most) OSS licenses were not written by attorneys
– Don’t necessarily track on statutory or typical contract language, may be vague, may use
alternative definitions, etc.
• Incompatibility or license conflicts
– Impossible to comply with requirements of both licenses
– Compatibility issues with proprietary licenses (EULA)
OSS license types
• Permissive
– Broad grant of rights with no requirements on relicensing under particular terms
– License requirements are minimal (retain notice; include copy of license)
• Copyleft
– License must be applied to original work and any derivative work thereof
– Source code must be made available in most cases
– “Weak” copyleft: refers to licenses where not all derived works inherit the copyleft
license
Common descriptive license terms
• Copyleft
– Restrictive or Protective
– Hereditary or Viral
– Share-alike
• Permissive
– Attribution licenses
– Non-copyleft
• Non-commercial free
– Evaluation, educational or research software, e.g. HighchartsJS
• Freeware
– No source code or restricted redistribution, e.g. Java
Why are licenses important?
• Copyright is a legal right created by the law of a country that grants the creator of an original
work exclusive rights for its use and distribution. (https://en.wikipedia.org/wiki/Copyright)
• Copyright is an unregistered right – it comes into existence at the same time that the work is
'fixed'
• It protects the 'fixed' form of an idea, not the idea itself (patent)
• The OSS license contains the terms of use that tells you how you can use the OSS and gives you
permission to use copyrighted material
• Without a license you may need to get permission to use code you download from
the Internet
• If you don’t comply with the license the author has the right under copyright law to
revoke your permission to use
License compatibility
• License compatibility is an issue that arises when licenses are applied
to copyrighted works, particularly licenses of software packages (including
software source code and binary representation[1]).
• Licenses can contain contradictory requirements, rendering it impossible to combine source code or content from
such works in order to create new ones (https://en.wikipedia.org/wiki/License_compatibility)
• Issues stem primarily from Copyleft licenses. See fsf.org “GPL-Incompatible Free Software Licenses”
(https://www.gnu.org/licenses/license-list.html#GPLIncompatibleLicenses)
• Example: CDDL 1.0 and GPL (any version) - This is a free software license. It has a weak per-file copyleft (like version 1 of the
Mozilla Public License) which makes it incompatible with the GNU GPL. This means a module covered by the GPL and a
module covered by the CDDL cannot legally be linked together. We urge you not to use the CDDL for this reason.
Multiple licenses
• Disjunctive
– Choice of license
– Usually for compatibility issues
– E.g. Many Java libraries are dual CDDL 1.0 or GPL w/ CPE
• Conjunctive
– Combination of OSS in same project or file
– Fairly common in JavaScript/jQuery
Comparison of OSS and proprietary license
• COMMERCIAL LICENSE
– We do this …
– You do this …
– Requirements/Restrictions
• OSS LICENSE
– If you do this…
– Then you must do this…*
– Requirements/Restrictions
* If you don’t do this, then you don’t have the right to use
Understanding OSS licenses
• Many OSS license terms are IF – THEN statements
– IF I am... distributing, conveying, modifying.
• How am I using the OSS?
– THEN I must... provide a copy of the license, retain notices, provide the source code…
• WHAT is the requirement?
• HOW does that requirement need to be met?
• OSS licenses have requirements and restrictions just like other IP licenses
– Can do, must do, can’t do
Example of “If then” in OSS license
• BSD License excerpt:
Redistribution and use in source and binary forms, with or without modification,
are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice,
this list of conditions and the following disclaimer.
• Paraphrase:
– IF (you distribute in source or binary form) THEN (you must retain copyrights and distribute
this license)
Enforcement and litigation
Enforcement
• Free Software Foundation (FSF) is the de facto enforcer of the GPL license
– FSF conducts a compliance laboratory that investigates violations
– FSF is available for hire to assist companies to comply
– Partners with the Software Freedom Law Center (SFLC)
• The Software Freedom Conservancy
– Software Freedom Conservancy is a not-for-profit charity that helps promote, improve, develop, and
defend Free, Libre, and Open Source Software (FLOSS) projects
– Currently has 46 member projects (as of October 2017)
• Free Software Foundation Europe (FSFE) is a charitable registered association under German
law.
– It is an official European sister organization of the U.S.-based Free Software Foundation
(FSF).
Sample OSS litigation
• USA
– Linksys/Cisco (2003)
– Wallace v. FSF (2005) & Wallace v. IBM et al (2006)
– FSF v. Monsoon (2007)
– FSF vs Cisco (2009)
– Busybox vs Best Buy + 13 other companies (2009-2012)
– XimpleWare v. Versata & Ameriprise Financial (2013)
– Oracle v. Google (2015)
• GERMANY
– Welte vs Sitecom (2004)
– Welte vs Fortinet UK Ltd. (2005)
– Welte vs D-Link (2006)
– Welte vs Skype (2008)
– Welte in AVM vs Cybits case (2011)
– Welte vs Fantec (2013)
• FRANCE
– AFPA v. Edu4 (2001)
– Free/Iliad (2007)
Non-court actions
• Developer reached out to large mobile phone manufacturer about OSS use in phone
– Reaction was swift
– Company now audits all software developed or acquired
• FSF and FSFE (gpl-violations.org) – notices of compliance issue
– FSF website has link to report license violations
– Routinely send notices of violation and warning
OSS license obligations
OSS licenses – typical conditions & restrictions
• Retain copyright (and other) notices
• Provide a copy of the license
• Provide notice of modifications
• Provide access to source code (whether you modified it or not)
• Maintain modified versions (or derivative works) under the same license
(copyleft)
• Do not restrict others of the rights granted
• Do not use the name of the project or copyright holder or trademark to
suggest endorsement or to promote
• Disclaim any warranty and liability
GNU Licenses
• GPL v2 - Released in 1991 (1st version released
in 1989)
• GPL v3 – Released in 2007
– Installation instructions – when providing source code, need to also provide information to
modify and reinstall
– Same as GPLv2, but sharpened in v3 to provide installation info for locked down devices
(DRM)
• LGPL (v2.0, 2.1, 3.0)
– Developed as a “lesser” or scaled-back version of the GPL that permits use of the library in
proprietary programs
• GNU Affero GPL v3
– Same as GPL v3 with exception of one clause (section 13) which requires providing source
code for modified versions of the work that are accessed over a network
Other common OSS licenses
• MIT License
– If not already, quickly becoming most popular OSS license
• BSD (Berkeley Source Distribution)
– 2 clause, 3 clause, and 4 clause versions
• Apache 2.0
– Very popular for widely used open source projects (Google/ASF)
– Includes patent license to patent claims licensable by contributors that would be
“necessarily infringed” by contribution or combination of contribution
• Mozilla Public License v2.0 and Eclipse Public License 1.1
– Weak copyleft
• Common Development and Distribution License (CDDL) 1.1
– Used extensively in Java
GPL license exceptions
• The GPL license is about freedom in software development. Cases have arisen where you may
be forced to create a derivative work to use a GPL-licensed OSS.
• Learn and be aware of exceptions
– A GPL linking exception
– Autoconf Configure Script Exception
– GCC Runtime Library Exception
– Others: Classpath, Bison, MySQL FLOSS exception
License deep dive
Strong copyleft licenses
• The GNU General Public License (all versions) and the GNU Lesser General Public License 3.0 are
considered “strong” copyleft licenses
• License obligations trigger on distribution
• You must be able to provide corresponding, “buildable” source code
– In GPLv3 you must also provide build/install instructions
• You can include in a commercial work, you can charge people a fee for the software and support
• You can modify the original code (modification constitutes a derivative work, so you must
provide source of modification)
• You must document modification
Strong copyleft licenses (continued)
• If you create a derivative work, you must be prepared to release the source code of your
proprietary work
– If you do not know what constitutes a derivative work, it is essential to consult with a law
firm that specializes in OSS and intellectual property
• SaaS users beware: the AGPLv3 has the extra clause that requires distribution of source if
modified
• Termination is immediate and permanent, must get reinstated by licensor
Weak copyleft licenses
• Most common weak copyleft licenses:
– Mozilla Public License, Eclipse Public License, Common Public License, Common
Development and Distribution License (CDDL), Creative Commons Attribution ShareAlike
• Require you provide source code to original work and modification, but not necessarily to
derivative works
• Many allow you to simply point customers to where they can get source code (however, if source
becomes unavailable you are still responsible)
• Overall less enforcement than seen with GNU licenses
• Can be used for commercial use
• Can be modified
Permissive licenses
• Most common permissive licenses:
– MIT, BSD, Apache, zlib
• Require you include copy of license
• Do not remove copyright notices
• Do not use trademarks or copyright holder names to endorse or promote
• Accept disclaimer of warranty
• Additional obligations not in all permissive licenses:
– Document modification
– Indemnify contributors, authors
– Do not claim you wrote the software
• Enforcement is more on a case-by-case basis of flagrant violation
Compliance - steps you can take
• Determine the licenses
– Track as you download
– Fossology, nexB scan toolkit (OSS tools for finding licenses)
• Review the terms
– Need help? Consult an attorney
– Use web resources: tldrlegal.com
• Determine active steps
– Provide attribution
– Provide Source
– Document modification
• Review and update on a regular basis – yearly, quarterly?
Fossology
nexB scan-toolkit
Tldrlegal.com
Summary
• Be smart about risks associated with OSS
– Know your risks and manage them
• Learn the basics of OSS licenses, copyrights and patents
– When selecting OSS take the time to understand your rights to use (not use) in your
development
• Enforcement
– GNU licenses have the most proactive enforcement today (FSF), but any copyright holder can
enforce their licenses
• Audit your applications
– You can’t manage OSS if you don’t know what you have
• Understand how usage affects compliance
– Distribution, hosted apps, how you use the OSS

Advanced technologies and techniques for debugging HPC applicationsAdvanced technologies and techniques for debugging HPC applications
Advanced technologies and techniques for debugging HPC applications
 
The forgotten route: Making Apache Camel work for you
The forgotten route: Making Apache Camel work for youThe forgotten route: Making Apache Camel work for you
The forgotten route: Making Apache Camel work for you
 
Are open source and embedded software development on a collision course?
Are open source and embedded software development on a  collision course?Are open source and embedded software development on a  collision course?
Are open source and embedded software development on a collision course?
 
Three big mistakes with APIs and microservices
Three big mistakes with APIs and microservices Three big mistakes with APIs and microservices
Three big mistakes with APIs and microservices
 
5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success5 strategies for enterprise cloud infrastructure success
5 strategies for enterprise cloud infrastructure success
 
PSD2 & Open Banking: How to go from standards to implementation and compliance
PSD2 & Open Banking: How to go from standards to implementation and compliancePSD2 & Open Banking: How to go from standards to implementation and compliance
PSD2 & Open Banking: How to go from standards to implementation and compliance
 
Java 10 and beyond: Keeping up with the language and planning for the future
Java 10 and beyond: Keeping up with the language and planning for the futureJava 10 and beyond: Keeping up with the language and planning for the future
Java 10 and beyond: Keeping up with the language and planning for the future
 
How to keep developers happy and lawyers calm (Presented at ESC Boston)
How to keep developers happy and lawyers calm (Presented at ESC Boston)How to keep developers happy and lawyers calm (Presented at ESC Boston)
How to keep developers happy and lawyers calm (Presented at ESC Boston)
 
Open source applied - Real world use cases (Presented at Open Source 101)
Open source applied - Real world use cases (Presented at Open Source 101)Open source applied - Real world use cases (Presented at Open Source 101)
Open source applied - Real world use cases (Presented at Open Source 101)
 
How to migrate SourcePro apps from Solaris to Linux
How to migrate SourcePro apps from Solaris to LinuxHow to migrate SourcePro apps from Solaris to Linux
How to migrate SourcePro apps from Solaris to Linux
 
Approaches to debugging mixed-language HPC apps
Approaches to debugging mixed-language HPC appsApproaches to debugging mixed-language HPC apps
Approaches to debugging mixed-language HPC apps
 
Enterprise Linux: Justify your migration from Red Hat to CentOS
Enterprise Linux: Justify your migration from Red Hat to CentOSEnterprise Linux: Justify your migration from Red Hat to CentOS
Enterprise Linux: Justify your migration from Red Hat to CentOS
 
Walk through an enterprise Linux migration
Walk through an enterprise Linux migrationWalk through an enterprise Linux migration
Walk through an enterprise Linux migration
 
How to keep developers happy and lawyers calm
How to keep developers happy and lawyers calmHow to keep developers happy and lawyers calm
How to keep developers happy and lawyers calm
 

Dernier

OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareJim McKeeth
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfkalichargn70th171
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024VictoriaMetrics
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrainmasabamasaba
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...masabamasaba
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 

Dernier (20)

OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Announcing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK SoftwareAnnouncing Codolex 2.0 from GDK Software
Announcing Codolex 2.0 from GDK Software
 
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
Abortion Pill Prices Tembisa [(+27832195400*)] 🏥 Women's Abortion Clinic in T...
 
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdfPayment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
Payment Gateway Testing Simplified_ A Step-by-Step Guide for Beginners.pdf
 
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
Large-scale Logging Made Easy: Meetup at Deutsche Bank 2024
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
%in Bahrain+277-882-255-28 abortion pills for sale in Bahrain
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital TransformationWSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
WSO2Con2024 - WSO2's IAM Vision: Identity-Led Digital Transformation
 
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
%+27788225528 love spells in Huntington Beach Psychic Readings, Attraction sp...
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 

Understanding open source licenses

  • 1. © 2016 Rogue Wave Software, Inc. All Rights Reserved. 1 Understanding Open Source Licenses Dave McLoughlin, Rogue Wave
  • 2. Understanding Open Source Licenses
    • There are hundreds of open source licenses. Most developers don't take the time to read or understand them, but can you continue to ignore them? We have seen a rise in litigation around open source licenses over the last 10 years. And, in the last 12 months we have seen the first examples of OSS copyright trolls that are taking developers to court in an attempt to monetize GPL violations.
    • This session will cover:
    • How OSS licenses are enforced
    • What are the main types of OSS licenses
    • How to identify them
    • What steps you need to take to ensure you are complying
    • We cover use case scenarios and do a "deep dive" on the most used licenses today and how to understand them.
  • 3. Legal disclaimer
    • Rogue Wave Software, Inc. is not engaged in the rendering of legal advice. This material provides legal information, which should not be confused with legal advice.
    • I am not an attorney
  • 5. Understanding OSS licenses
  • 6. OSS license challenges
    • It can be hard to determine correct license
        – OSS packages bundle other OSS packages
        – License information may not be correct – author says BSD on website and provides code with copy of MIT
        – Multiple licenses - disjunctive or conjunctive
        – Default license added to content (Stack Overflow, Code Project)
    • Many (most) OSS licenses were not written by attorneys
        – Don’t necessarily track on statutory or typical contract language, may be vague, may use alternative definitions, etc.
    • Incompatibility or license conflicts
        – Impossible to comply with requirements of both licenses
        – Compatibility issues with proprietary licenses (EULA)
  • 7. OSS license types
    • Permissive
        – Broad grant of rights with no requirements on relicensing under particular terms
        – License requirements are minimal (retain notice; include copy of license)
    • Copyleft
        – License must be applied to original work and any derivative work thereof
        – Source code must be made available in most cases
        – “Weak” copyleft: refers to licenses where not all derived works inherit the copyleft license
  • 8. Common descriptive license terms
    • Copyleft
        – Restrictive or Protective
        – Hereditary or Viral
        – Share-alike
    • Permissive
        – Attribution licenses
        – Non-copyleft
    • Non-commercial free
        – Evaluation, educational or research software, e.g. HighchartsJS
    • Freeware
        – No source code or restricted redistribution, e.g. Java
  • 9. Why are licenses important?
    • Copyright is a legal right created by the law of a country that grants the creator of an original work exclusive rights for its use and distribution. (https://en.wikipedia.org/wiki/Copyright)
    • Copyright is an unregistered right – it comes into existence at the same time that the work is 'fixed'
    • It protects the 'fixed' form of an idea, not the idea itself (patent)
    • The OSS license contains the terms of use that tell you how you can use the OSS and gives you permission to use copyrighted material
    • Without a license you may need to get permission to use code you download from the Internet
    • If you don’t comply with the license the author has the right under copyright law to revoke your permission to use
  • 10. License compatibility
    • License compatibility is an issue that arises when licenses are applied to copyrighted works, particularly licenses of software packages (including software source code and binary representation).
    • Licenses can contain contradictory requirements, rendering it impossible to combine source code or content from such works in order to create new ones (https://en.wikipedia.org/wiki/License_compatibility)
    • Issues stem primarily from Copyleft licenses. See fsf.org “GPL-Incompatible Free Software Licenses” (https://www.gnu.org/licenses/license-list.html#GPLIncompatibleLicenses)
    • Example: CDDL 1.0 and GPL (any version) - This is a free software license. It has a weak per-file copyleft (like version 1 of the Mozilla Public License) which makes it incompatible with the GNU GPL. This means a module covered by the GPL and a module covered by the CDDL cannot legally be linked together. We urge you not to use the CDDL for this reason.
  • 11. Multiple licenses
    • Disjunctive
        – Choice of license
        – Usually for compatibility issues
        – E.g. Many Java libraries are dual CDDL 1.0 or GPL w/ CPE
    • Conjunctive
        – Combination of OSS in same project or file
        – Fairly common in JavaScript/jQuery
  • 12. Comparison of OSS and proprietary license
    • COMMERCIAL LICENSE
        – We do this . . .
        – You do this . . .
        – Requirements/Restrictions
    • OSS LICENSE
        – If you do this… . . .
        – Then you must do this…* . . .
        – Requirements/Restrictions
    * If you don’t do this, then you don’t have the right to use
  • 13. Understanding OSS licenses
    • Many OSS license terms are IF – THEN statements
        – IF I am... distributing, conveying, modifying.
    • How am I using the OSS?
        – THEN I must... provide a copy of the license, retain notices, provide the source code…
    • WHAT is the requirement?
    • HOW does that requirement need to be met?
    • OSS licenses have requirements and restrictions just like other IP licenses
        – Can do, must do, can’t do
  • 14. Example of “If then” in OSS license
    • BSD License excerpt: Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: 1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
    • Paraphrase:
        – IF (you distribute in source or binary form) THEN (you must retain copyrights and distribute this license)
  • 15. Enforcement and litigation
  • 16. Enforcement
    • Free Software Foundation (FSF) is the de facto enforcer of the GPL license
        – FSF conducts a compliance laboratory that investigates violations
        – FSF is available for hire to assist companies to comply
        – Partners with the Software Freedom Law Center (SFLC)
    • The Software Freedom Conservancy
        – Software Freedom Conservancy is a not-for-profit charity that helps promote, improve, develop, and defend Free, Libre, and Open Source Software (FLOSS) projects
        – Currently has 46 member projects (as of October 2017)
    • Free Software Foundation Europe (FSFE) is a charitable registered association under German law.
        – It is an official European sister organization of the U.S.-based Free Software Foundation (FSF).
  • 17. Sample OSS litigation
    • USA
        – Linksys/Cisco (2003)
        – Wallace v. FSF (2005) & Wallace v. IBM et al (2006)
        – FSF v. Monsoon (2007)
        – FSF vs Cisco (2009)
        – Busybox vs Best Buy + 13 other companies (2009-2012)
        – XimpleWare v. Versata & Ameriprise Financial (2013)
        – Oracle v. Google (2015)
    • GERMANY
        – Welte vs Sitecom (2004)
        – Welte vs Fortinet UK Ltd. (2005)
        – Welte vs D-Link (2006)
        – Welte vs Skype (2008)
        – Welte in AVM vs Cybits case (2011)
        – Welte vs Fantec (2013)
    • FRANCE
        – AFPA v. Edu4 (2001)
        – Free/Iliad (2007)
  • 18. Non-court actions
    • Developer reached out to large mobile phone manufacturer about OSS use in phone
        – Reaction was swift
        – Company now audits all software developed or acquired
    • FSF and FSFE (gpl-violations.org) – notices of compliance issue
        – FSF website has link to report license violations
        – Routinely send notices of violation and warning
  • 19. OSS license obligations
  • 20. OSS licenses – typical conditions & restrictions
    • Retain copyright (and other) notices
    • Provide a copy of the license
    • Provide notice of modifications
    • Provide access to source code (whether you modified it or not)
    • Maintain modified versions (or derivative works) under the same license (copyleft)
    • Do not restrict others of the rights granted
    • Do not use the name of the project or copyright holder or trademark to suggest endorsement or to promote
    • Disclaim any warranty and liability
  • 21. GNU Licenses
    • GPL v2 - Released in 1991 (1st version released in 1989)
    • GPL v3 – Released in 2007
        – Installation instructions – when providing source code, need to also provide information to modify and reinstall
        – Same as GPLv2, but sharpened in v3 to provide installation info for locked down devices (DRM)
    • LGPL (v2.0, 2.1, 3.0)
        – Developed as a “lesser” or scaled-back version of the GPL; permits use of the library in proprietary programs
    • GNU Affero GPL v3
        – Same as GPL v3 with exception of one clause (section 13) which requires providing source code for modified versions of the work that are accessed over a network
  • 22. Other common OSS licenses
    • MIT License
        – If not already, quickly becoming most popular OSS license
    • BSD (Berkeley Source Distribution)
        – 2 clause, 3 clause, and 4 clause versions
    • Apache 2.0
        – Very popular for widely used open source projects (Google/ASF)
        – Includes patent license to patent claims licensable by contributors that would be “necessarily infringed” by contribution or combination of contribution
    • Mozilla Public License v2.0 and Eclipse Public License 1.1
        – Weak copyleft
    • Common Development and Distribution License (CDDL) 1.1
        – Used extensively in Java
  • 23. GPL license exceptions
    • The GPL license is about freedom in software development. Cases have arisen where you may be forced to create a derivative work to use a GPL-licensed OSS.
    • Learn and be aware of exceptions
        – A GPL linking exception
        – Autoconf Configure Script Exception
        – GCC Runtime Library Exception
        – Others: Classpath, Bison, MySQL FLOSS exception
  • 24. License deep dive
  • 25. Strong copyleft licenses
    • The GNU General Public License (all versions) and the GNU Lesser General Public License 3.0 are considered “strong” copyleft licenses
    • License obligations trigger on distribution
    • You must be able to provide corresponding, “buildable” source code
        – In GPLv3 you must also provide build/install instructions
    • You can include in a commercial work, you can charge people a fee for the software and support
    • You can modify the original code (modification constitutes a derivative work, so you must provide source of modification)
    • You must document modification
  • 26. Strong copyleft licenses (continued)
    • If you create a derivative work, you must be prepared to release the source code of your proprietary work
        – If you do not know what constitutes a derivative work it is essential to consult with a law firm that specializes in OSS and intellectual property
    • SaaS users beware: the AGPLv3 has the extra clause that requires distribution of source if modified
    • Termination is immediate and permanent, must get reinstated by licensor
  • 27. Weak copyleft licenses
    • Most common weak copyleft licenses:
        – Mozilla Public License, Eclipse Public License, Common Public License, Common Development and Distribution License (CDDL), Creative Commons Attribution ShareAlike
    • Require you provide source code to original work and modification, but not necessarily to derivative works
    • Many allow you to simply point customers to where they can get source code (however, if source becomes unavailable you are still responsible)
    • Overall less enforcement than seen with GNU licenses
    • Can be used for commercial use
    • Can be modified
  • 28. Permissive licenses
    • Most common permissive licenses:
        – MIT, BSD, Apache, zlib
    • Require you include copy of license
    • Do not remove copyright notices
    • Do not use trademarks or copyright holder names to endorse or promote
    • Accept disclaimer of warranty
    • Additional obligations not in all permissive licenses:
        – Document modification
        – Indemnify contributors, authors
        – Do not claim you wrote the software
    • Enforcement is more on a case-by-case basis of flagrant violation
  • 29. Compliance - steps you can take
    • Determine the licenses
        – Track as you download
        – Fossology, nexB scan toolkit (OSS tools for finding licenses)
    • Review the terms
        – Need help? Consult an attorney
        – Use web resources: tldrlegal.com
    • Determine active steps
        – Provide attribution
        – Provide Source
        – Document modification
    • Review and update on a regular basis – yearly, quarterly?
  • 30. Fossology
  • 31. nexB scan-toolkit
  • 32. Tldrlegal.com
  • 33. Summary
    • Be smart about risks associated with OSS
        – Know your risks and manage them
    • Learn the basics of OSS licenses, copyrights and patents
        – When selecting OSS take the time to understand your rights to use (not use) in your development
    • Enforcement
        – GNU licenses have most proactive enforcement today (FSF), but any copyright holder can enforce their licenses
    • Audit your applications
        – You can’t manage OSS if you don’t know what you have
    • Understand how usage affects compliance
        – Distribution, hosted apps, how you use the OSS
  • 34. © 2016 Rogue Wave Software, Inc. All Rights Reserved. 34
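
The disjunctive/conjunctive distinction (slide 11), the IF-THEN reading of license terms (slides 13-14) and the CDDL/GPL conflict (slide 10) can be combined into one small checker. This is an added example, not part of the presentation: the SPDX-style identifiers, the category table, the rule wording and the "fewest obligations" choice among disjunctive options are assumptions simplified from the slides, not a legal determination.

```python
import re
from itertools import product

# Assumption: SPDX-style identifiers, grouped the way slides 25-28 group them.
CATEGORY = {
    "MIT": "permissive", "BSD-3-Clause": "permissive", "Apache-2.0": "permissive",
    "MPL-2.0": "weak", "CDDL-1.0": "weak",
    "GPL-2.0-only": "strong", "GPL-3.0-only": "strong",
    "AGPL-3.0-only": "network",
}

ALL = {"permissive", "weak", "strong", "network"}
COPYLEFT = {"weak", "strong", "network"}
STRONG = {"strong", "network"}

# IF (usage includes every flag in the trigger) THEN (obligation).
# Wording is simplified from the slides.
RULES = [
    (ALL, {"distribute"}, "include a copy of the license"),
    (ALL, {"distribute"}, "retain copyright notices"),
    (COPYLEFT, {"distribute"}, "provide source of the original work and modifications"),
    (STRONG, {"distribute"}, "keep derivative works under the same license"),
    (STRONG, {"distribute", "modify"}, "document modifications"),
    ({"network"}, {"modify", "network"},
     "provide source of the modified version to network users"),
]

# Slide 10: CDDL 1.0 cannot be combined with the GPL (any version).
INCOMPATIBLE = [frozenset({"CDDL-1.0", gpl}) for gpl in ("GPL-2.0-only", "GPL-3.0-only")]


def alternatives(expression):
    """Return every way to satisfy the expression, each as a frozenset of licenses.

    Grammar: OR (disjunctive) binds looser than AND (conjunctive); parentheses group.
    """
    tokens = re.findall(r"\(|\)|[A-Za-z0-9.+-]+", expression)
    pos = 0

    def peek():
        return tokens[pos] if pos < len(tokens) else None

    def take():
        nonlocal pos
        tok = peek()
        pos += 1
        return tok

    def factor():
        tok = take()
        if tok == "(":
            inner = disjunction()
            if take() != ")":
                raise ValueError("missing ')'")
            return inner
        if tok not in CATEGORY:
            raise ValueError(f"unknown or misplaced token {tok!r}: review manually")
        return [frozenset([tok])]

    def conjunction():
        result = factor()
        while peek() == "AND":
            take()
            result = [a | b for a, b in product(result, factor())]
        return result

    def disjunction():
        result = conjunction()
        while peek() == "OR":
            take()
            result = result + conjunction()
        return result

    result = disjunction()
    if peek() is not None:
        raise ValueError(f"trailing token {peek()!r}")
    return result


def obligations(licenses, usage):
    """Obligations triggered for this set of licenses under the given usage flags."""
    usage = frozenset(usage)
    return {text for cats, trigger, text in RULES
            for lic in licenses if CATEGORY[lic] in cats and trigger <= usage}


def resolve(expression, usage):
    """Pick the conflict-free license choice with the fewest obligations."""
    viable = [alt for alt in alternatives(expression)
              if not any(pair <= alt for pair in INCOMPATIBLE)]
    if not viable:
        raise ValueError("every license choice contains an incompatible pair")
    best = min(viable, key=lambda alt: (len(obligations(alt, usage)), sorted(alt)))
    return sorted(best), sorted(obligations(best, usage))


if __name__ == "__main__":
    # Constructed input: a GPL component combined with a dual-licensed library.
    print(resolve("GPL-2.0-only AND (CDDL-1.0 OR GPL-2.0-only)", {"distribute"}))
```

With the constructed input, the dual-licensed library has to be taken under the GPL option, because the CDDL option lands in the incompatible pair; with an empty usage set no obligations fire, which matches the "trigger on distribution" point on slide 25.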