Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Software Licensing: A Minefield Guide
Search
Андрей Листочкин (Andrey Listochkin)
May 13, 2017
Programming
180
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
Software Licensing: A Minefield Guide
Андрей Листочкин (Andrey Listochkin)
May 13, 2017
More Decks by Андрей Листочкин (Andrey Listochkin)
See All by Андрей Листочкин (Andrey Listochkin)
Everybody Stand Back! I Know Regular Expressions
listochkin
0
220
Command-line scripting with Rust. Wait, what?!
listochkin
0
420
Server Memory - BuildStuff Ukraine 2019
listochkin
0
70
Server Memory - Chernivtsi JS 2019
listochkin
1
160
10 Years Later
listochkin
0
390
Managing Managers - DevTalks iHUB
listochkin
0
83
Time, Numbers, Text
listochkin
1
650
We Make Bots. For Real
listochkin
0
460
Devops for A Busy Developer - XP Days 2016
listochkin
0
190
Other Decks in Programming
See All in Programming
エージェンティックRAGにAWSで入門しよう!
har1101
9
1.8k
Strategic Design in the Frontend: Moduliths & Micro Frontends @DDDEurope
manfredsteyer
PRO
0
130
Contextとはなにか
chiroruxx
1
380
Hatena Engineer Seminar #37「言語モデルの活用に関する研究」
slashnephy
0
370
LLMによるContent Moderationの本番運用の裏側と品質担保への挑戦
suikabar
3
800
どこまでゆるくて許されるのか
tk3fftk
0
280
SREは、MCPとSRE Agentをこう使え!
kazumax55
0
130
Language Server 使ってる? 〜VSCode と Zed の場合〜 / Are you using a Language Server? ~For VS Code and Zed~
handlename
0
810
ローカルLLMでどこまでコードが書けるか -拡張版 / How much code can be written on a local LLM Extended
kishida
12
4.5k
Agentic UI
manfredsteyer
PRO
0
200
鹿野さんに聞く!『TypeScriptコードレシピ集』で磨く実践力
tonkotsuboy_com
4
900
AI駆動開発を妨げる技術的負債の解消アプローチ / ai-refactoring-approach
minodriven
15
8k
Featured
See All Featured
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
141
35k
AI in Enterprises - Java and Open Source to the Rescue
ivargrimstad
0
1.3k
VelocityConf: Rendering Performance Case Studies
addyosmani
333
25k
Utilizing Notion as your number one productivity tool
mfonobong
4
330
Gemini Prompt Engineering: Practical Techniques for Tangible AI Outcomes
mfonobong
2
450
Pawsitive SEO: Lessons from My Dog (and Many Mistakes) on Thriving as a Consultant in the Age of AI
davidcarrasco
0
170
XXLCSS - How to scale CSS and keep your sanity
sugarenia
250
1.3M
Discover your Explorer Soul
emna__ayadi
2
1.2k
The Power of CSS Pseudo Elements
geoffreycrofte
82
6.3k
Building Experiences: Design Systems, User Experience, and Full Site Editing
marktimemedia
0
550
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
6k
The Cost Of JavaScript in 2023
addyosmani
55
10k
Transcript
None
@listochkin
This talk is not a legal advice Talk to your
lawyer
Also: In Ukraine I’m not required to make this disclaimer
<3 Ruby
8 days total
No Ruby Today
JavaScript Bash XML Rust
RustFest 2017 Kyiv
Videos are up!
Software Licensing
OpenSource
Which License to Choose?
MIT
End of Story
GPL MPL Apache Eclipse ICS BSD EU-PL CDDL
Facebook PATENTS file Oracle-Google JDK lawsuit Ubuntu ZFS inclusion OpenSSL
licence change etc.
Hard stuff!
Walkthrough
US EU Ukraine …
Trade Secret Trademark Patent Copyright
Trade Secret
Between you and your employer/partner
Trademark
Unregistered™ Registered®
Linux
Come up with the name Check if it is in
use If not you’re good ® and ™ aren’t required
Patents
Software Patents
de jure illegal in Ukraine de facto legal in the
US thus de facto legal in Ukraine, too!
WTO Agreement on Trade-Related Aspects of Intellectual Property Rights (TRIPS)
162 WTO countries Notable exception: Belarus
Software Patents are here
Copyright
Berne Convention © is not required
Author’s rights vs Copyright
You work at X and write code Ukraine: you are
the (co-)author US: X is an author
© 2010-2016 What’s the deal?
Publication date defines Expiry date
Changed file? New edition
Date is not always current! E.g. content hasn’t changed
You have no right to change website copyright year on
January 1st if site content didn’t change
Licensing & Public Domain
Old works transfer to public domain automatically Government code can
be public domain automatically
Dedicate to public domain Can be illegal in many countries
Germany
Unlicense CC0
Who owns copyright?
WFH Work-for-hire
US if no terms are defined in the contract you
give copyright to the company
Licensing
OpenSource
Free Software Foundation OpenSource Initiative Debian, OpenBSD, Apache
Goal?
1. Just share the code 2. Fame and Recognition 3.
Guarantee contributions 4. Allow double-licensing 5. Force OpenSource
1. Just Share the Code
WTFPL Unlicense CC0
WTFPL
No warranty clause
If your WTFPL code doesn’t work I can sue you
and WIN
Unlicense
Public Domain dedication Illegal in some countries
CC0
Falls back from PD to super-permissive license NOT OSI-approved
OMG WTF?!
Dual Licensing
CC0 + ISC + Apache2
CC0 ICS: permissive Apache2: … + patents
What’s up with patents?
Apache All contributors share patents Only the ones that they
have Ones that are required Common defence pool
Don’t own patents? No risk for you
2. Fame and Recognition
ISC + Apache
ICS ≈ MIT ≈ 2-clause BSD
1. State my name 2. No warranty
Why not BSD? Too many variants
Why not MIT? 1. Also many variants! 2. “Use” may
imply patent grant
ISC is the new MIT default on npm
3. Guarantee contributions
LGPL
C/C++ semantics No equivalence in many languages Best to avoid
File Copyleft
MPL2 EPL CDDL
Big issue: GPL compatibility
GPLv2 GPLv2 or later GPLv3 AGPL AGPL or later AGPLv3
with Classpath Exception with Linking Exception …
MPL2 has it built-in!
CDDL and EPL are incompatible
MPL2 EPL + LGPL2^ + AGPL3^
4. Dual-Licensing
OpenSource + Commercial
OpenCore Crippleware
ExtJS MongoDB SugarCRM …
Where is it Deployed?
Client: GPL Server: AGPL Client-Server: AGPL + Apache/ISC
Why not GPL for servers?
GPL provisions trigger on Distribution
20000 engineers write server code Billions of people use this
code 1 company No distribution
Contractor? Distribution
Employee at a service company? Distribution
Contribution License Agreement
You assign copyright to a project Project decides on licensing
terms
5. Force OpenSource
AGPLv3 GPLv3 GPLv2^
CLA
Do you need a CLA on your project?
YES and NO
Project license doesn’t define the license of contributions!
Inbound != Outbound
GitHub ToS has a “CLA” D.6.
Employees
US An employee assignes copyright to the employer by default
You may want a CLA-like
Linux: Developer Certificate of Origin Berneout Pledge AUTHORS Certificate etc.
Other Concerns
License notice in each file Licences in minified JS Licenses
for all deps AUTHORS file CLA/DSO/Pledge
BG // before GitHub AG // after GitHub
We can do better to ease the life of others
and reduce legal risks
CC0 + ISC + Apache2
“Yes, patents exist, we’re all in this together”
“Yes, use it in your closed-source project”
“Yes, I know you’ll forget to put my name and
license into a final build, and that’s OK”
Take Actions!
1. StackOverflow MIT Add CC0/ISC to your profile
2. Read Your Contracts!
3. Don’t be afraid to dual-licence
1. CC0 + ISC + Apache2 2. ISC + Apache2
3. MPL2 4. … 5. …
Or just use MIT because nobody cares anymore
Stories: Facebook PATENTS file Oracle vs Google OpenSSL license change
Ubuntu ZFS