It seems self-evident that using open-source software and licenses is beneficial to all parties involved, with the possible exception of some businesses.
For this reason, we’ll only focus on how these licenses are to be used from a developer’s perspective and the consequences for the user.
TL;DR
- Code with no license attached is under exclusive copyright.
- Public GitHub repos with no license attached are under exclusive copyright (users can only see and fork them).
- Use MIT for business-friendly open source projects.
- Use GPL for non business-friendly open source projects.
Permissive or Restrictive
When considering what open-source license to use for your project, there is one main consideration: do we want it permissive or restrictive?
In a nutshell, restrictive licenses work a bit like viruses: They require derived and/or accompanying work to also be licensed under an open-source license. In contrast, permissive licenses have a more “Do what you want” approach.
As a consequence, restrictive licenses are often a burden for businesses: they will likely need to include copyrighted work in their products. Keep in mind that this doesn’t really apply to private use. As long as you don’t distribute or sell the licensed software, you have nothing to worry about (as long as it’s FOSS of course).
You can read more about the various licenses here and here.
Main players
MIT
The simplest (as in, the text is explicit and concise) and by far the most popular one. It is very business friendly as it doesn’t require much of anything.
Your MIT licensed code can be used by whoever to do whatever. They don’t even have to give credit. The only thing they cannot do is hold you liable.
If as a business you stumble across some MIT licensed code, feel free to use it as you want. This includes using it within a closed source project.
Similar licenses include the Apache License 2.0 (full text).
GPL & friends
As explained above, being a restrictive copyleft license, this family of licenses broadly requires all linked work to use the same license. What “linked” means varies from one license to another.
Your GPL licensed code can be used freely only in projects under the same or similarly restrictive licenses. If as a business you stumble across some GPL licensed code and plan to use it within a closed source project, do so at your own risk.
Similar licenses include the Mozilla Public License 2.0 (full text).
Let’s go over a couple of notable variations of this license.
Lesser GPL and Affero GPL
A more permissive and a more restrictive version of the GPL, respectively.
LGPL is non-restrictive as long as the licensed work is being used “through interfaces provided by the licensed work”. AGPL is more restrictive in that when the licensed work is being used “to provide a service over a network, the complete source code […] must be made available”.
To keep it simple:
- LGPL draws an exception for libraries.
- AGPL also considers it “derived work” if it sits behind a network.
GPLV2 vs GPLV3
Without getting into too much detail: V3 is stricter than V2, and it has a specific consideration regarding hardware:
If the software is part of a consumer device, you must include the installation information necessary to modify and reinstall the software.
So not only does V3 limit what derived work can be used for in terms of other software, but also in terms of hardware.
Others
Unlicense
As stated in the full text, this license dedicates the work to the public domain. No copyright, no restrictions, no strings attached.
WTF & IDGAF
Honorable mentions shall go to the Do What The Fuck You Want To and IDGAF licenses. Some people just can’t be bothered.
No License
So what happens if you don’t license your work? By default, you have full exclusive copyright: nobody can do anything with that work without your permission or without the risk of legal litigation.
This is irrelevant if you keep your work private, but might lead to interesting situations when sharing it. Say a user stumbles upon your unlicensed code on the internet. This user has three options:
- Don’t use the software.
- Negotiate a private license/Bring a lawyer.
- Yarr me salty seadog!
This is awkward and can be messy to deal with: just license the work!
GitHub TOS
This leaves us with a final consideration on GitHub TOS:
By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories.
So in trusting Microsoft, we agree that our unlicensed, public repos are free to view and fork, but nothing else. This leaves us in the same situation we described before, with the exception that we can now count on GitHub to enforce our copyright.
Just license your work!