Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 7 years ago.
Improve this question
I am planning on starting a small php framework for a niche userbase. I will likely start with something like KISS MVC and HTML5 Boilerplate and change both of them beyond all reckoning to where there will be no simple way of updating either with the newer versions of the projects.
I will also bundle jQuery and parts of jQuery UI and some other 3rd party libraries that would likely benefit from updates down the line.
So, what is the best way to credit people and projects that have been included as a starting point but for which damn near every plank of the hull has been replaced? I was thinking about including a wall of thanks somewhere in the source code and/or on the project website? I don't even know how this is commonly done.
Also, for the updateable 3rd-party libraries (which are likely to mostly be JS), what is the best way to keep track of updates? Sometimes the api/interface changes, so automating the update fully may not be a wise direction to go in. Also, there might be a benefit to minifying all that JS and bundling it up into a single file—which may complicate updating down the line. I am thinking at this point, there is no way of getting around manually having to keep track of stuff.
I am curious to know what techniques people have developed for this kind of thing in their projects. Any other helpful reading about matters of 3rd party open source decorum and organization of assets would be appreciated.
Before you start using 3rd party code, check the licenses. Make sure the licenses are compatible and also check the requirements for the licenses.
I know that jQuery and jQuery UI are dual licensed under the terms of MIT and GPL. So you could then in any project and in combination with any other library.
Most OpenSource licenses require you include the copyright notice in every shipped product copy and with any source distribution. Given the nature of JavaScript means that also the JavaScript files served by the webserver should retain the copyright notice. So when you minimize the file you should make sure it still contains the copyright notice at the top of the file.
(Most authors wouldn't mind if you reduce the copyright notice to something like:
<library name> Copyright <year> <name> (<license name>);
<library name> Copyright <year> <name> (<license name>);
<library name> Copyright <year> <name> (<license name>);
for the minimized files)
If you're going to fork a project you need to retain the original copyright notice and append your name to the list.
It's not required by most licenses, but you can always list the 3rd party software you used on your project page and project documentation. In that case it's sufficient to mention the 3rd party software and link to their project page.
As for keeping stuff updated. There's not really a centralized point to get notifications from in case of updates. But this is also something you do not really want. Generally in software development you pick the current stable release of a 3rd party library and develop against it. You rarely ever update the 3rd party library unless you encounter a bug which is fixed in a new version, or when you're going to work on a new major version of your own project. Because updating a 3rd party library means that you have to retest everything to see if nothing got broken.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
My application is reaching a pretty nice beta/alpha level and I might at some point publish it. I have not decided what software license to use in my application. The application is under construction. I bet this must be a question that every developer thinks about at some point.
My software is more like a library and here are some key factors in my case:
It must be an open-source license.
It must be free for developers to use as a library for their applications.
Developers are allowed to redistribute the source code as part of their applications modified or unmodified.
The library can be used for closed-source software.
I want attribution/credit. A one-line credit in the software Help dialog or somewhere in about section of their website is fine. As long as it is reasonable easy for a 3rd-party to find out what library was used to produce the resulting software.
Forking a new project out of my existing source code should not be allowed. I want people to be able to use it and even modify it, but not clone a new similar product to compete against my existing product.
The license needs to state that I take no responsibility for any damage whatsoever.
Is there such a license? Would those requirements even fit in an open-source license?
Forking a new project out of my existing source code should not be allowed
Above is in conflict with Open Source idea (which allows/encourages forking). More info here: Which open source license has no forking
If you think that you can drop that requirement the best choice is LGPL and additional requirement that people must give you credit (you will have to define what type of attribution/credit do you want per different uses)
As James stated in previous comment:
Forks very rarely happen
It is very hard to fork a (big) project
You can benefit more if there are forks - you can take the good ideas from the fork and leave the bad. That way the better judgement about features/code will eventually win (which is part of the idea of Open Source)
Forking a new project out of my
existing source code should not be
allowed. I want people to be able to
use it and even modify it, but not
clone a new similar product to compete
against my existing product.
Ummm ... This is I have never heard of in a Open Source license, and I don't know of any that have this. How would you even word it? Determining the difference between a fork and someone else who has taken your code and just added a patch would be really hard.
Can you think about this one? Forks very rarely happen, and when they do they aren't always competition. Talent, ideas and even code can flow between the forks freely.
You need to speak to a lawyer, we aren't lawyers and don't know your application.
Prevention of forking with open source licenses is complicated, as James says.
For commercial applications, you may want to look at dual licensing.
As far as I know the LGPL allows forks.
You should be able to find one to suit your needs here:
http://en.wikipedia.org/wiki/Comparison_of_free_software_licenses
More specifically I think the GPU Lesser Public License might suit the needs of your library. Keeping in mind that like (all?) open source licenses, LGPL allows forking.
http://en.wikipedia.org/wiki/GNU_Lesser_General_Public_License
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
The producing open-source software book is a gold mine of information on starting open-source projects. Yet I am hoping to learn more from the experience of stackoverflow users and was wondering what are the mistakes you made when starting a new open-source project (or difficulties you encountered when attempting to contribute to a new project), and how would you avoid these traps to become a successful project*?
**Successful loosely defined as a project that is used, and attracts active contributors.*
My two biggest mistakes are:
I expect the world to fall in love with my project as soon as I post it anywhere. If I don't get immediate feedback how great I am, I quickly lose interest.
When I get quick feedback, I often don't respond on a timely basis because I have so many projects.
"Eat Your Own Dog Food."
Be your first user. This is good:
to know what you're doing
to motivate yourself
to get early feedback
I think it's nearly impossible to write open source software you're not using yourself.
"Eat Your Own Dog Food" tries to break out of the vicious circle: Nobody uses the software because it is not useable; it is not useable because there is no user feedback. Try to develop something that is useful for you and see if it sticks and gains some traction.
Besides using the software yourself “Release Often, Release Early”. With release I do not mean publishing some source zip somewhere but a real end to end release.
Choosing the wrong license (for different values of 'wrong') is a common pitfall. Two examples:
1.) If you're using a license that does not allow for relicensing under different terms and you accept contributors code, you need to keep in mind that the code suddenly is not yours anymore. This is fine for some hobby project, but might limit your commercial options later. Of course, it also limits other's commercial options too.
An example for this is the GPL. Include contributed code under this license and you're bound to the GPL yourself and can't decide to dual-license later (unless you nail this down for every contributor). Even a simple change of the license to a similar OpenSource license is impossible: See the linux kernel - it's bound to GPL V2 and can't be updated to GPL V3.
2.) If you're using a permissive license (e. g. Apache, MIT, BSD) you need to keep in mind that not only you can go commercial and close the code later, but anybody else can do so too.
Don't get me wrong: I like the GPL, I'm happily contributing to GPL projects and am glad that these projects exist. I also like BSD, Apache, MIT (the permissive ones) and am contributing to projects that others exploit commercially, e.g. through "Enterprise Editions" of the software that I'm getting OpenSource. It's all fair game - you just have to be sure what options you want to have later. None is better, they're just different.
The first pitfall is to start a new project when there are already plenty of existing projects that are planning to do the same thing.
Currently I am starting a blog based on a talk that I have given on the FrOSCon here in germany.
First article: There shall be light – things to keep in mind when starting a project
Maybe this helps. I don't know how long it will take to write the following 19 blog posts.
I'll answer clinton here:
Not so obvious stuff for new users is:
For User focused software:
getting started guide (Get the software to run quickly)
screenshots! Users love screenshots and too few projects provide them
For developer centric software:
getting started guide ("get to code quickly" for example by explaining dependencies, structure, compile and start process)
code of conduct
I'll think a little bit more about it and add it here.
Positively super great documentation is a must.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
We are developing a closed-source proprietary product that uses quite a few open source projects and we have not been methodically cataloging them, along with their licenses. Now we are trying to build a deployment package and we'd like to get into compliance. What's the easiest way to accomplish this?
Should we make one big text file with all the license information or should it be separate files for each open source project or each license? Do we have to include the actual file that came with the project? Does it have to be in the same directory as the project's files?
I was thinking of a simpler approach but I'm not sure if it complies. What if we just identified all the different licenses (not projects) and make up one big text file with all the license verbiage for each one, and at the top say something like "Product XYZ is proprietary software which incorporates open source software that is covered by the following licenses." (The individual open source projects would not be identified by name).
Or alternatively, the same as above, except identifying each project by name, along with their license, but all in 1 file?
Talk to a lawyer.
You can start by gathering license information for each package that you use and reading them. Many licenses (Boost license) are quite clear and permissive while others (GPLv3) are not so clear. Most of the time an attribution in your documentation will suffice. If you are distributing source, then you will likely need to distribute each license file along with either the source of each package or a reference to where it can be downloaded.
In any case, read the licenses and then talk to a lawyer.
You read the license for each component you're using, understand it, and do whatever it says is necessary to comply.
we have not been methodically cataloging them, along with their licenses.
You really should. The last thing you want to to find out right before you ship that one of the components you're using has an incompatible license, or onerous terms.
IANAL but each license typically tells you exactly what you have to do to be in compliance. Something like "this text must be included" or "this copyright line must be included". So read each one and do what it says. If they don't say that a specific file must be included then, yes you can combine them. Some even say you have to add it to your documentation as an attribution.
The advice to talk to a lawyer is probably the best on here (and +1 for that, as well). Something to remember, though - if you are including multiple licenses within your source, you need to comply with all of them. So, if all the licenses are permissive except one, you may have to open source your software.
Just something to be aware of.
Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
The company I'm working for is facing some difficulties and our future is, let's say, uncertain. Over the last years, we have developed a framework to build community apps and social networks. We believe that this initiative should not be totally lost, and that it may be useful for the community, so we decided to open source it.
I have some questions regarding this process:
How to choose the most suitable license knowing that the original authors could still contribute and/or do some consulting ?
What are the necessary modifications we have to do in the codebase ?
Do you have some pointers to some existing docs / books which would cover this wide topic ?
I know that those questions are quite open and that there is no simple answer, but I would like to hear from some people with similar experiences.
Thanks in advance !
For the license, you have to ask what your goals are for the license. Is your goal to build a community of people who contribute code back, and not let anyone else create a proprietary fork of your code? Then the GPL would be a good license to choose. Is your goal to allow you to retain copyright, distribute it as open source, but offer an alternative license for people who want to link it to proprietary software? Again, the GPL might be a good choice, though in this case you'll need to make sure you set up copyright assignments from any other contributors that send changes back to you so that you can re-license their contributions.
It sounds like your code might be server-side software, in which case you may want to look into the AGPL; the AGPL is like the GPL, but also requires people to distribute the source to changes if they run it on their own server (which the GPL doesn't require, as it only ever requires anything when you distribute it).
If you want people to be able to build off of it while writing proprietary software, but still contribue changes back to your software itself, the LGPL is pretty good. If you don't care about proprietary forks, and want something that's simply permissive, then the MIT license is a good choice.
The only modifications that are necessary are those that remove any code you are not legally able to release. If you own the copyright on all of the code, then it should be all good, but be careful of any cryptographic code, and talk to a lawyer if there is any in your program. Export restrictions can be a pain to deal with, though they do have provisions that make the process simpler for open source software.
Beyond the necessary modifications, it is good to make sure your code is easy to build and run on as many systems as possible. For instance, you should check which of your dependencies are required, and which ones can be made optional. Some good documentation on how to build and install your software is also good, as well as all the usual things you want in any software development (not just open source), like an easy to build system, unit and regression tests, etc.
A few other things to think about are:
How will other people get their changes to you? Patches on a mailing list? Patches attached to bug reports? Forks on GitHub?
What revision control system will you use? I generally advocate for a distributed revision control system like Git or Mercurial, but Subversion is also very popular and should do the job.
Make sure you make it obvious how the community is supposed to work; a web page describing how to get the software and how to contribute, pointers to your mailing list or IRC channel or whatever medium you want it to be discussed on. If you are going to have a core group of committers or something, document how the process of choosing committers works.
I could go on listing more and details, but I'd probably be repeating things that have already been said. If you want more information, I'd recommend reading Producing Open Source Software by Karl Fogel.
If you're looking for ways to incorporate the open sourcing of this software into a strategy to make money for your company, Joel Spolsky's take is one of the most clearheaded I've read.
If you only read one book on the subject of open source licenses, then it would be hard to do better than Open Source Licensing by Lawrence Rosen.
We've done the same process last weeks. We choose Mercurial as version control system, which works like a charm. Bitbucket is a hosting company, which provides Open source projects with free hosting. You also need more documentation, because people from outside the world will hopefully join your project - this is something different from explaining things to your collegue next door.
One important thing is also that you have to keep in mind, that you now have an audience which you dont want to annoy. With internal development you often change your API, the database schema or something like that. With open source you have to keep in mind, that there should be compatibility between minor versions and clear migration paths if necessary.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I'm a software engineer, not a lawyer, and my university doesn't offer any courses geared toward licensing software. In fact, their law-related courses are lacking (but slowly growing in number). Where can I go to learn about open-source licenses and how to choose them?
There are lots described here:
http://www.gnu.org/licenses/license-list.html#SoftwareLicenses
The decision of which one to use can be political, but should ultimately be determined by your plans/desires for the software. If you want to ensure it is always free then choose GPL or another "Copyleft" license. If you don't mind some commercial use, choose another one that's compatible with that.
I almost always end up usign MIT or BSD (they're equivalent), since it
Is the most liberal license out there. It just says you're not responsible for any kind of trouble, and optionally forces people to include a copyright notice of your original work in derivatives.
It allows closed source derivatives, which is something I see as a good thing: companies sometimes don't have the possibility to do their work under the GPL (they may themselves use products or components from a third party with restricted licenses).
That, and the GNU/GPL bunch are generally extremists when you encounter them in the wild.
This can create endless discussion, but there is one tenet I would hold to whenever deciding what license to use: DON'T CREATE A NEW ONE!!
No matter how persuasive your legal guy's arguments that, because no current license exactly meets your project's unique needs, you should write your own, or even just "slightly modify" an existing one, treat him like a programmer coming to you arguing that he just HAS to use a GOTO statement because nothing else in the language will work.
Other advice:
Choose one which has major usage (see http://freshmeat.net/stats/#license)
See David A. Wheeler's discussion of why to choose a license compatible with the GPL - http://www.dwheeler.com/essays/gpl-compatible.html.
If you are looking for information regarding free and open source licenses a useful comparison chart: http://en.wikipedia.org/wiki/Comparison_of_free_software_licences
You could always just use the best one of all, the WTFPL. I use this on most of my school projects since they aren't that great anyways.
Wikipedia, of course, has basically all the information you would ever need to know. But the hard part is to know where to start. I'd recommend starting off by reading about the Apache License and the GNU GPL, which are two popular sides to the same story, each offering different freedoms to the people associated with the code.
But here it is in a nutshell: Apache License lets anyone do anything with your code, including taking it and using it in a closed source product. It gives whoever is taking the code the freedom to do what they want with it.
The GNU GPL, on the other hand, allows your code only to be used in a project that is also distributed under the GPL. In this case you might write some code and prevent a proprietary company from using your work. Here, you're giving freedom to the code itself that it will always be used for "free" purposes.
I'm slightly surprised to see no mention of the Open Source Initiative as a source of information about which open source licences exist. It probably doesn't do the comparisons, so the other sites are also worth checking.
More pragmatic reasons can also influence your choice of license - if you want to use a GPL library, you must use GPL yourself, or if you intend your software to be part of a larger project then you need to look at their requirements.
I've recently begun investigating the type of licensing to apply to a rather substantial piece of work. The number of choices and the content, restrictions (or not) and limitations of all the open-source licenses is bewildering. I've found a couple good links in the answers posted, but I didn't see anything pointing to the Open Source Initiative's alphabetical list of licenses, so I've included it here.
We had a similar dilemma. At our company we decided invest lots of time on a framework, with the eventual hope of releasing it to the open source community. The business is built using open source tools (apache, php, etc.), it was time to give back. We decided on an LGPL/MPL dual license. That way, we could incorporate fixes/improvements from the community, while still protecting applications (particularly ours) running on top of it from being forced to go open source as well.