Maintaining a software licensing agreement for your open source software can help communicate expectations and limitations of how your software should be used.

This article explains what open source software is, the benefits and drawbacks of open source software for users and developers, and how developers can create an open source software licensing agreement.


What is Open Source Software?

Open source software (OSS) is software that has publicly accessible source code so that anyone can modify or redistribute the source code.

While open source software is typically free to use (some programs accept donations), not all free software is open source. To be considered open source, the source code must be accessible and enable users to edit and freely share it.

For example, Linux is a free open source operating system that many users install to avoid malware, crashes, and licensing fees. Since it is distributed under an open source license, users can operate the program for any purpose they choose, explore how the program works and make any desired changes to it, and redistribute copies or distribute modified copies to other users.

Open source software is used to support the functionality of all kinds of products, from mobile phones to national security systems.

What are the Benefits of Open Source Software?

Here are some of the primary benefits of developing and using open source software:

  • Low cost - Many users opt for open source software as it is generally free to use. Developers who work on open source software can take pride in providing programs that are truly accessible to all.
  • Large community of users - Open source software typically relies on a large community of individuals who contribute to testing, modifying, and enhancing the software. Developers who work on open source software can gain recognition in their community for their contributions.
  • High customization - With access to open source software's source code, users and developers can analyze how the software works, and make changes to the software so that it better suits their needs.
  • Enhanced security - Due to the number of people involved with open source software, software issues tend to be noticed and resolved fairly quickly. If you come across a problem with your software, it shouldn’t be too hard to find support from the open source community to help fix it.

What are the Drawbacks of Open Source Software?

The main drawback of developing open source software is that it's not necessarily the best business move. Since it is typically free to use, developers don't stand to gain a lot financially from contributing to open source software.

Developers should be mindful of using trade secrets or other protected business information in open source software. Once your ideas become open source, they become accessible to industry competitors.

Developers who want to make money from their software should consider using a commercial license instead of an open source license.

What is an Open Source Software License?

An open source software license allows users to use, modify, and distribute open source softwar. An open source software license differs from a commercial license, which often involves a licensing fee and is typically focused on restrictions and the consequences of violating the license's terms.

The Open Source Initiative (OSI) is a globally recognized open source authority that ensures that approved licenses comply with its open source definition.

In order for software to be considered open source, the OSI requires software licenses to meet the following distribution criteria:

  • Allow free redistribution.
  • Include the source code and allow distribution in source code and compiled form. If a part of a software product isn't distributed with source code, the developer must provide a well-publicized method of obtaining the source code, preferably for free via download, or with a reasonable charge to cover the reproduction cost.
  • The source code must not be intentionally concealed.
  • Allow users to modify the software and must allow derived works. Under copyright law, a derivative work is a work that is based on a preexisting copyrighted work.
  • Allow users to distribute derived works following the same conditions as the license of the original software.
  • Can include modified source code distribution restrictions if it permits patch files to be distributed along with the source code to modify the program at build time.
  • Must allow the distribution of software built from altered source code.
  • Can require any derived works to have a name or version number that differs from the original software.
  • Cannot discriminate against individuals or groups of people.
  • Cannot include any use restrictions for people in certain industries.
  • The rights must apply to anyone who receives a redistributed copy of the software.
  • Individuals who receive a redistributed copy of the software must not be required to obtain any additional licenses.
  • Software rights cannot be product-specific.
  • Cannot put restrictions on any other software that is distributed with the licensed software.
  • Must be technology-neutral.

Types of Open Source Software Licenses

There are two main types of open source software licenses:

  1. Permissive license - Also known as a non-copyleft license, a permissive software license gives users the right to use, alter, or share the open source code. A permissive license also allows proprietary derivative works. An example of a permissive license is the Berkeley Source Distribution (BSD) license.
  2. Copyleft license - Like a permissive license, a copyleft license grants users the right to use, change, or share the open source code. It allows derivative works, but users must abide by the same copyleft terms that apply to the original software. Common types of copyleft licenses include the GNU General Public License (GNU GPL) and the Affero GPL (AGPL).

The type of license you choose depends on how you want your software to be used. If you're fine with allowing anyone to use your code to create proprietary products and release them under different terms, you might choose a permissive license. If you don't want proprietary derivatives, you can use a copyleft license. Both types of licenses typically have explicit liability disclaimers.

Comparison Table of Most Common Open Source Licenses

Open source licenses that have been approved by the OSI often come with their own licensing agreements.

Let's take a look at the similarities and differences between the licensing agreements for a few common open source licenses.

Copyleft

Permissive

GPL

AGPL

LGPL

EPL

MPL

Apache

MIT

BSD

Unlicensed

Permissions in addition to:

Commercial use, distribution, and modification:

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Patent Use

Yes

Yes

Yes

Yes

Yes

Yes

No

No

No

Private Use

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Conditions

Disclose source

Yes

Yes

Yes

Yes

No

No

No

No

No

License and Copyright Notice

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Source

No

Network use is distribution

No

Yes

No

No

No

No

No

No

No

Same license

Yes

Yes

Library

Yes

File

No

No

No

No

State changes

Yes

Yes

Yes

Some

No

Yes

No

No

No

Limitations/Disclaimers

Liability

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Warranty

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Yes

Trademark Use

No explicit limitations

Yes

Yes

No

No

No

GNU License

The GNU license is a copyleft license that is a good choice for developers who want to share their software freely with others and ensure that the recipients of any derivative works can enjoy the same freedoms.

The GNU General Public License agreement explains that any modified versions of GNU-licensed open source software must meet certain conditions, including carrying prominent notices that the work has been modified and released under the license. The terms of the GNU license apply to all modified versions of the software:

GNU General Public License Agreement: Conveying modified source versions section

Apache 2.0

The Apache License 2.0 is a permissive license that is well-suited for small projects (typically those with under 300 lines of source code).

The Apache License 2.0 agreement includes terms that bar contributors or distributors from suing for patent infringement. This helps keep patent holders from distributing open source software under free terms but later requiring recipients to consent to restrictive terms in a patent license.

The Apache License 2.0 terms grant users a patent license, with the stipulation that anyone who tries to file a patent infringement lawsuit against an entity for use of the software will lose the patent license on the date the lawsuit is filed:

Apache License 2 Terms: Grant of Patent License section

MIT License

The MIT license is a permissive license that enables users to pretty much do as they please with the open source software. The main restriction of an MIT license is that users must include the license if they want to redistribute the software.

The MIT License agreement is short and sweet: it grants users full copyright permissions as long as they include the license when redistributing copies or portions of MIT-licensed software:

MIT License Agreement excerpt

What is an Open Source Software Licensing Agreement?

An open source software licensing agreement explains how a specific software product can be used.

The contents of your open source software licensing agreement depend on the level of restrictions you want to place on your software. While open source software tends to be characterized by minimal restrictions, some developers may want to maintain a degree of control over how the software is used.

An open source software licensing agreement can help developers assert their rights, outline user permissions, and ensure that developers and users are on the same page as to how the software should be used.

How to Create a Software Licensing Agreement for Open Source Software

Once you have decided what type of open source license you want to provide, you can create an open source software Licensing Agreement. Whether you want to restrict the use of your software or license your open source software with little to no restrictions, there are a few essential clauses your Licensing Agreement should contain.

Common clauses that open source software Licensing Agreements often contain include:

  • Scope of the license
  • Redistribution terms
  • Limitation of liability
  • Disclaimer of warranty

Let's take a closer look at what these clauses can look like within an open source Licensing Agreement.

Scope of the License

This clause lists the details of the open source software and what the license allows users to do with the software.

Foerster's Open Source Licensing Agreement lists its open source software programs and the types of licenses that apply to them:

Foersters Open Source Licensing Agreement: List of programs

Huawei's Open Source Software Notice explains that it grants users a copyright license, patent license, and redistribution rights. It lets users know that if they do redistribute its open source software, they must give the recipients of the software or derivative works a copy of the notice and that any altered files must contain prominent notices informing recipients that the user has modified the files.

Additionally, the user must keep, in source form, any distributed derivative works and all copyright, trademark, and attribution notices:

Huawei Open Source Software Notice: Copyright license clause

Redistribution Terms

It's important to list your open source software redistribution terms within your licensing agreement.

The Commonwealth Scientific and Industrial Research Organisation's (CSIRO) Open Source Licensing Agreement explains that it allows redistribution of its software as long as redistributions of the the source code or in binary form include the agreement's copyright notice, conditions, and disclaimer, and there is no unauthorized use of the company's and its contributors' names to endorse or promote products that are created from the software:

CSIRO Open Source Licensing Agreement excerpt

Foerster's Open Source Licensing Agreement lists the license terms for each of the license types that may apply to its open source software, including redistribution conditions:

Foersters Open Source Licensing Agreement excerpt

Limitation of Liability

A limitation of liability clause lets users know that you are not to be held accountable for any harm that the user may incur when using your open source software.

Huawei's Open Source Software Notice explains that the licensor is not responsible for any damages that may arise from the use of the software:

Huawei Open Source Software Notice: Limitation of liability clause

Disclaimer of Warranty

A disclaimer of warranty informs users that the open source software is available as is and does not come with any warranties.

Here's how Foerster's disclaims warranties:

Foersters Open Source Licensing Agreement warranty disclaimer

Other Factors to Consider

When choosing the right license for your open source software, you should take into account attribution and legal requirements, license compatibility, and sublicensing terms.

Software developers have certain obligations they must meet when using open-source licenses. Developers must ensure that any modified code that is redistributed meets the license's requirements, such as providing a copy of the license along with the software and attributing (giving credit to) the authors.

Depending on the license, when redistributing software developers may need to:

  • Provide a copy of the license
  • Attribute the authors
  • Include a copyright notice
  • Make the source code available
  • Inform users of any changes they made to the original software
  • Include warranty or liability disclaimers
  • Provide patent rights to users
  • Follow any applicable rules for commercial use

The MIT license requires developers to provide the license's copyright and permission notice in any redistributed copies of the software and includes a warranty and liability disclaimer:

MIT license excerpt

License Compatibility

Developers should be aware that certain open-source licenses are not compatible with others.

Permissive licenses are typically compatible with one another, but permissive and copyleft licenses can be incompatible, and some copyleft licenses can be incompatible with other copyleft licenses.

Some open-source projects have licenses that allow developers to sell proprietary versions of the software, while others may restrict commercial use. Developers who want to distribute modified code may find that copyleft licenses (such as the GPL) are incompatible with many permissive licenses, as the combined work must be released under the copyleft license, which can restrict their ability to distribute proprietary versions of the software.

For example, many WordPress plugins are licensed under the GPL, which requires derivative works or modified versions that interact with the GPL to carry the GPL license.

Different versions of the same license can also be incompatible. For example, GPLv2 and GPLv3 are incompatible, as GPLv3's termination conditions are more permissive than GPLv2's.

Section 4 of the GPLv2 explains that if a user copies, modifies, sublicenses, or distributes the program in violation of the license's terms, their rights will automatically be terminated:

GNU General Public License Agreement v2: Restrictions section

In comparison, section 8 of the GPLv3 states that if a user violates the propagation and modification terms of the license, their rights will be automatically terminated, but if they stop violating the terms, their rights will be provisionally reinstated. If it is the first time a user has been notified of a violation and they cure the violation within 30 days of receiving the notification, their rights can be permanently restored:

GNU General Public License Agreement v3: Termination section

Sublicensing

Most open-source licenses should encourage rather than limit sublicensing, although some types of licenses do have sublicensing restrictions.

Many permissive licenses allow users the freedom to modify, redistribute, and create proprietary versions of the open source software.

For example, the Apache 2.0 license grants users a copyright license that enables them to sublicense the software as they see fit:

Apache License 2 Terms: Grant of Copyright License section

On the other hand, copyleft licenses may have restrictions on sublicensing.

Section 2 of the GPLv3 explains that it does not allow sublicensing:

GNU General Public License Agreement v3: Basic Permissions section

Where to Display an Open Source License for My Software?

GitHub has a licensing repository where you can maintain the open source license for your software. You can copy your license into a LICENSE.txt file in your project root in the GitHUb licensing repository. GitHub can typically detect this action and will show a license summary on your repository.

You can make a note of the license in your README file and put a license header in your project's source files so that users with copies of your code can easily access the license.

Here's our instruction guide on how to add an open source license to a GitHub repository.

Users can find open source software licensing information in GitHub's licensing repository:

GitHub license repository screenshot

Do I Need an Open Source License for My Software?

If you have developed open source software and you want other people to be able to use or modify it, then you need an open source license for your software. A license gives other people legal permission to use your software and outlines the terms they must agree to in order to use it.

Enforcement of Your Open Source License

Open source software license enforcement actions depend on whether the license is copyleft or permissive and the type of violation.

Copyleft License Enforcement

Copyleft licenses are based on copyright law and enforced using the same vocabulary and legal processes as traditional copyright licenses.

However, where copyright violations occur when someone shares a copyrighted work without permission, a copyleft license is violated when someone tries to put restrictions on the licensed product to keep other people from redistributing it.

Let's take a look at how enforcement works for a popular copyleft license, the GPL.

The Free Software Foundation (FSF) and the Software Freedom Conservancy created a statement of principles concerning GPL enforcement. These are community-oriented principles designed with a focus on protecting' users' ability to modify and redistribute open source software and working with users to resolve license violations.

Here are the principles for GPL enforcement:

  • The primary goal is GPL compliance.
  • Legal action should only be pursued after all other options have been exhausted.
  • Confidentiality should be considered before publicizing a company's misuse of a license.
  • Community-oriented enforcers cannot prioritize financial penalties.
  • Community-oriented enforcement cannot accept payment in exchange for turning a blind eye to a problem.
  • Enforcers must verify violations and conduct a comprehensive evaluation of relevant software to ensure no additional violations exist.
  • Compliance processes must provide GPLv3 copyright permission termination benefits to GPLv2 works.

The Software Freedom Conservancy publishes the Principles of Community-Oriented GPL Enforcement, including exploring other enforcement options before taking legal action or imposing financial penalties:

Software Freedom Conservancy Principles of Community-Oriented GPL Enforcement excerpt

If community enforcement measures aren't effective, other enforcement actions can include writing a cease-and-desist letter to request the violating party remedy the problem or filing a lawsuit.

The OSI maintains a list of resources for developers who need enforcement help, including links to the websites for the Free Software Licensing and Compliance Lab, which handles licensing-related issues for the FSF, and the Software Freedom Law Center, which provides legal representation and help to open source projects.

Permissive License Enforcement

Although permissive licenses are less restrictive than copyleft licenses, they can still be enforced if a user violates their conditions.

If a user fails to provide proper attribution, doesn't include a copy of the original license when distributing the software, or alters any copyright notices the license requires for redistribution, they may be in violation of the permissive license's terms.

Permissive licenses typically rely on community enforcement, although legal action may be taken if all else fails.

Summary

Software is considered open source if its source code is publicly accessible and users can change the source code or distribute copies or modified copies of the source code.

The benefits of open source software include cost, community, control, and security. The primary drawback of open source software is that it's not necessarily profitable for developers.

An open source software license gives users the right to access, use, alter, and redistribute the source code. Types of open source software licenses include permissive and copyleft licenses.

An Open Source Software Licensing Agreement explains the rights the open source software license grants and any restrictions that may apply to the software.

An Open Source Software Licensing Agreement typically contains the following clauses:

  • Scope of the software
  • Redistribution terms
  • Limitation of liability
  • Disclaimer of warranty

A few common types of open source licenses include the GNU, Apache License 2.0, and MIT license.

Consider the following factors when selecting your open source license:

  • Attribution and legal obligations
  • License compatibility
  • Sublicensing

Once you have chosen your open source license, GitHub has a licensing repository where you can display your license.

Enforcement of open source licenses typically falls on the community, but cease-and-desist letters and legal action are other options that may be taken if community-oriented enforcement fails.

Privacy Policy Generator
Comprehensive compliance starts with a Privacy Policy.

Comply with the law with our agreements, policies, and consent banners. Everything is included.

Generate Privacy Policy