Slashdot Mirror


FOSS License Proliferation Adding Complexity

E5Rebel writes "Business is embracing open source like never before, but the effective demise of SCO's claims against Linux doesn't mean an end to licensing problems, an analyst warns. The debate on Slashdot seems to focus on the GPL and its virtues, but there are 1,000-plus open source licenses (according to analyst Saugatuck), and businesses face having to manage multiple licenses within a single open source product. What can be done to minimize multiple-license pain for corporate open source adopters?"

8 of 201 comments

  1. Open source has a long ways to go by Anonymous Coward · · Score: 4, Insightful

    Open source has a long ways to go to match the number of different closed source licenses and eulas. Amateurs....

  2. 1000+ ??? by someone1234 · · Score: 4, Insightful

    I'm pretty sure there are no 1000+ OSI approved licenses.
    10 OSI approved licenses probably cover 90% of all open source.

    --
    Patents Drive Free Software as Hurricanes Drive Construction Industry
  3. Strawman by fishthegeek · · Score: 4, Interesting

    Check out Microsoft's License-o-rama! If Microsoft as a corporation can't stick to even a few licenses, what on earth makes anyone think that thousands of FLOSS programmers will share enough commonality among them that they would be willing to use fewer licenses?

    Microsoft's licensing site doesn't even address the individual EULAs for products. Each MS product has a license that is nearly always unique to that product. So I say let those that do the work decide on how they would like or not like to share it.

    --
    load "$",8,1
  4. The un-problem by MisterBad · · Score: 4, Interesting

    The vast majority of businesses will never trigger _any_ of the provisions of the licenses for their Open Source software because they will not publicly re-distribute the software in verbatim or modified form.

    For those businesses that do, it is highly unlikely that they'll deal with more than the GPL or BSD licenses. Other licenses are important only for a single package or cluster of packages (e.g. the MPL, the Artistic License, or the Apache license), and companies that deal with these packages tend to be specialists in that area.

    This just really isn't a practical problem for most businesses. It's an issue that software aggregators like distros or SourceForge need to deal with, but not your normal everyday business.

    --
    Evan Prodromou | evan@prodromou.name | http://evan.prodromou.name/
  5. Do not distribute. But use is free! by leuk_he · · Score: 4, Insightful

    If you use open source software and do not redistribute it, you can mostly ignore the open source license. You can use it on as many computers as you like with many strange license combinations. For closed commercial software you have to track all the licenses; for open source you do not have to track the number of uses.

    The real question begins if you want to distribute a packet of open source software and want to know if they are license compatible. And the real trouble starts if you want to use a loophole of some license to sell it bundled together with your own commercial software.

  6. Well, yes and no. by jd · · Score: 4, Interesting
    Yes, you're absolutely right that there are only a few "core" licenses that others are derived from. NASA's Open Source license is based on the GPL, for example. However, there ARE a lot of licenses out there. It would be far, far better if there was some sort of inheritance mechanism for licenses. That way, it would be clear what had borrowed what from what, lawyers would be dealing with change sets (which they're familiar with) rather than re-written texts, and instead of a long linear list, we would have a much more compact tree.

    Would this reduce the number of licenses? Initially, no. You'd simply reorganize them into a structure. Would it improve understanding of the licenses? Yes. Understanding would increase exponentially, rather than linearly, as a person worked their way through. Would it eventually lead to a reduction in the number of licenses? Yes. A lot of them have trivial or insignificant change sets and making this obvious to all would create pressure to consolidate where appropriate.

    Ok, but doesn't the sheer number also create pressure? Yes, but it may NOT always be appropriate, and there may be unexpected and undesirable results. Make things clear FIRST, and THEN make changes, not the other way round.

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
  7. Re:copying is copying by Ohreally_factor · · Score: 4, Insightful
    Wrong: Internal distribution is fine and doesn't really count as distribution regarding the GPL.

    This article is semi-FUD, anyway. FTFA:

    "Business users of open source software should review their Open Source licensing agreements, audit their use of Open Source and create formal policies for managing source code, especially mixed-source code."
    Which a business that is distributing code is doing anyway, via their legal department, outside counsel, and/or consultants.

    "This issue has been highlighted in some open source discussion forums, but it is largely being ignored by IT and business leaders."
    Because the licenses are generally human readable by IT leaders, and business leaders have lawyers to handle that.

    The general attitude in the OSS world that I'm picking up is that license proliferation is not a major problem. Choice is supposed to be good, no? Find the license that best satisfies your needs, or write your own. The two camps that seem to have the most concern about too many licenses are the FUD-spinners trying to damage OSS or the Free-bies that are trying to steer everyone towards GPL 3 and FSF hegemony. (Yes, I'm a bit biased.)
    --
    It's not offtopic, dumbass. It's orthogonal.
  8. Re:Can you say FUD? by LiquidFire_HK · · Score: 5, Interesting
    I wrote a quick script to find the most-used licenses (this is from Gentoo's packages, which is a fairly representative sample, with nearly 12 000 packages).

    $ eix -v | grep License | awk '{print $2}' | perl -e 'while(<>){ chomp; $licenses{$_}=0 unless $licenses{$_}; $licenses{$_}++ } for (sort {$licenses{$b} <=> $licenses{$a}} keys %licenses) { print "$_ $licenses{$_}\n" }' | head
    GPL-2 6710
    BSD 711
    as-is 579
    LGPL-2.1 511
    || 428
    Artistic 344
    MIT 259
    LGPL-2 229
    public-domain 138
    PHP 124
    You can see the full list here. As you can see, a huge amount of the packages (85%+) use GPL or one of the other very popular licenses. "||" means multi-licensed, and most of those are Artistic/GPL. You'll notice that after the top 30 licenses, none are used in more than 10 packages. Of the 863 licenses, 729 are used in 5 or less packages, and 629 of them are used in only one package. Many of the one-ofs are fonts or closed-source licenses.

    So while I agree there are many licenses, the vast majority of projects use one of the popular licenses.
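
Added example, not part of the thread and not LiquidFire_HK's script: the pipeline in comment 8 keeps only the first token after "License", which is why "||" shows up as if it were a license. The sketch below splits Gentoo-style LICENSE expressions so each package counts toward every license it names, then derives the coverage and long-tail figures the comment discusses; the `License: <expr>` line layout and all sample lines are constructed assumptions.

```python
import re
from collections import Counter

# Constructed sample in the "License: <expr>" shape the pipeline greps for
# (an assumption about the layout; these are not real eix results).
SAMPLE = """\
License: GPL-2
License: GPL-2
License: GPL-2
License: BSD
License: || ( Artistic GPL-2 )
License: || ( Artistic GPL-2 )
License: LGPL-2.1 MIT
License: ssl? ( openssl ) BSD
License: as-is
License: PHP
"""

def parse_packages(text):
    """Return one (license_names, is_choice) pair per License: line."""
    pkgs = []
    for line in text.splitlines():
        m = re.match(r"\s*License:\s*(\S.*)", line)
        if not m:
            continue
        tokens = m.group(1).split()
        # Drop grouping syntax and USE conditionals such as "ssl?"; a
        # conditional license is counted as if the flag were enabled.
        names = {t for t in tokens
                 if t not in ("||", "(", ")") and not t.endswith("?")}
        pkgs.append((names, "||" in tokens))
    return pkgs

def tally(pkgs):
    """Count how many packages name each license."""
    counts = Counter()
    for names, _ in pkgs:
        counts.update(sorted(names))
    return counts

def coverage(pkgs, counts, top_n):
    """Fraction of packages carrying at least one of the top_n licenses."""
    top = {name for name, _ in counts.most_common(top_n)}
    return sum(1 for names, _ in pkgs if names & top) / len(pkgs)

def long_tail(counts, at_most):
    """Number of licenses used by at_most packages or fewer."""
    return sum(1 for n in counts.values() if n <= at_most)

if __name__ == "__main__":
    pkgs = parse_packages(SAMPLE)
    counts = tally(pkgs)
    print(counts.most_common(3), coverage(pkgs, counts, 3), long_tail(counts, 1))
```

For a redistribution audit, the `is_choice` flag marks packages where one of several licenses may be chosen, so they can be reviewed separately from packages where every listed license applies.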