Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 7 years ago.
Improve this question
The company I'm working for is facing some difficulties and our future is, let's say, uncertain. Over the last years, we have developed a framework to build community apps and social networks. We believe that this initiative should not be totally lost, and that it may be useful for the community, so we decided to open source it.
I have some questions regarding this process:
How to choose the most suitable license knowing that the original authors could still contribute and/or do some consulting ?
What are the necessary modifications we have to do in the codebase ?
Do you have some pointers to some existing docs / books which would cover this wide topic ?
I know that those questions are quite open and that there is no simple answer, but I would like to hear from some people with similar experiences.
Thanks in advance !
For the license, you have to ask what your goals are for the license. Is your goal to build a community of people who contribute code back, and not let anyone else create a proprietary fork of your code? Then the GPL would be a good license to choose. Is your goal to allow you to retain copyright, distribute it as open source, but offer an alternative license for people who want to link it to proprietary software? Again, the GPL might be a good choice, though in this case you'll need to make sure you set up copyright assignments from any other contributors that send changes back to you so that you can re-license their contributions.
It sounds like your code might be server-side software, in which case you may want to look into the AGPL; the AGPL is like the GPL, but also requires people to distribute the source to changes if they run it on their own server (which the GPL doesn't require, as it only ever requires anything when you distribute it).
If you want people to be able to build off of it while writing proprietary software, but still contribue changes back to your software itself, the LGPL is pretty good. If you don't care about proprietary forks, and want something that's simply permissive, then the MIT license is a good choice.
The only modifications that are necessary are those that remove any code you are not legally able to release. If you own the copyright on all of the code, then it should be all good, but be careful of any cryptographic code, and talk to a lawyer if there is any in your program. Export restrictions can be a pain to deal with, though they do have provisions that make the process simpler for open source software.
Beyond the necessary modifications, it is good to make sure your code is easy to build and run on as many systems as possible. For instance, you should check which of your dependencies are required, and which ones can be made optional. Some good documentation on how to build and install your software is also good, as well as all the usual things you want in any software development (not just open source), like an easy to build system, unit and regression tests, etc.
A few other things to think about are:
How will other people get their changes to you? Patches on a mailing list? Patches attached to bug reports? Forks on GitHub?
What revision control system will you use? I generally advocate for a distributed revision control system like Git or Mercurial, but Subversion is also very popular and should do the job.
Make sure you make it obvious how the community is supposed to work; a web page describing how to get the software and how to contribute, pointers to your mailing list or IRC channel or whatever medium you want it to be discussed on. If you are going to have a core group of committers or something, document how the process of choosing committers works.
I could go on listing more and details, but I'd probably be repeating things that have already been said. If you want more information, I'd recommend reading Producing Open Source Software by Karl Fogel.
If you're looking for ways to incorporate the open sourcing of this software into a strategy to make money for your company, Joel Spolsky's take is one of the most clearheaded I've read.
If you only read one book on the subject of open source licenses, then it would be hard to do better than Open Source Licensing by Lawrence Rosen.
We've done the same process last weeks. We choose Mercurial as version control system, which works like a charm. Bitbucket is a hosting company, which provides Open source projects with free hosting. You also need more documentation, because people from outside the world will hopefully join your project - this is something different from explaining things to your collegue next door.
One important thing is also that you have to keep in mind, that you now have an audience which you dont want to annoy. With internal development you often change your API, the database schema or something like that. With open source you have to keep in mind, that there should be compatibility between minor versions and clear migration paths if necessary.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
I thinking of a good opensource licence to choose for my project. I got a few requirements but I have a hard time choosing a license because a read some different things about some of them.
The project is a Java project that can calculate decompression schemes for scuba diving. I want this project to be opensource because a wrong decompression scheme can be lethal. Therefore feedback on the algorithms and source code is important for me. I don't make my own algorithms but I use various opensource algorithms that I implement in 1 Java library.
My requirements are:
I and other contributers to the project don't want to be responsible for wrong calculated decompression schemes due to bugs in the code, miss use of the code or any other way that resulted in wrong decompression schemes.
The library should be able to use on a website I plan to build without the need to publish the server side code of the website.
It's not allowed to make any profit of the library itself. Even not even the library is changed and republished. However I don't mind if people sell programs the make use of the library.
If people change the code than they should be forced to re publish the library with an opensource licence (Optional requirement).
I hope someone with a bit more knowledge of licenses can help me out.
Well, there are a couple of things I notice right off the bat here.
First off, you talk about needing to be able to do things with your own code. If you are the copyright holder, you can do pretty much anything you damn well please with your own code. The license is for other people, not for you.
Also, disclaiming any responsibility for what the code may do to other folks is pretty much boilerplate with any license.
That being said, I've found in my work I can get by with the use of only 3 different kinds of licenses, depending on my needs.
Full on GPL
Benifits:
Nobody can ever take any of the code propreitary (without coming to me for a relicense). They can still use it and charge people, but since they'd have to license the result GPL, that wouldn't be particularly practical. The reason is that any of their users could give away all the free copies they like.
The sources are avilable for anybody to contribute to, so I might not have to find and fix every damn bug and write every new feature myself.
Drawbacks:
None of the code is usable in a properitary app
I use this typically for stand-alone apps.
GPL with linking exceptions
This is basically what it says; GPL with an exception that meerly linking against (or #including) the code does not render the entire result GPL. Here's an example from the Classpath library.
Benifits:
Nobody can ever take the code itself proprietary.
The code can be used in a proprietary product without making the whole closed-source product open-source. Only the GPL-licensed stuff has to stay GPL.
Drawbacks:
The facility itself can never be expanded into a proprietary facility. Generally a plus in my book, but it does deter some people from using it.
I use this typically for helper facilities and API's .
Public Domain
This means anyone can do anything they like with this code, including making a tiny tweak, slapping their own copyright on it and calling it theirs.
Benifits:
Anybody can feel free to use it however they like.
Drawbacks:
No protection from the code getting "stolen" by a proprietary software seller.
Impossible to do in may jurisdictions (a permissive BSD I understand can be a good alternative there).
I use this when I'm publishing something incomplete that I really want someone else to take over, or when publishing something that is supposed to be a reference implementation for a standard library.
Now in a case like yours what I would do is either:
Use GPL with the linking exceptions for the library. That will allow everyone (including you) to use the library in a proprietary application, but the library itself will always stay Free.
Use GPL, and insist that contributions from others have their copyrights assigned back to you. This allows you full rights to make your own proprietary app using other people's contributions, and doesn't allow anyone else (including those contributors) that same right. Kinda cheesy in my book, and will probably discourage outside contributors. However, only the most successful Free Software projects get any outside contributors anyway. So it may not be that much of a loss.
It came to my attention recently that Bruce Perens (one of the founders of OSI) actually made a blog post a year earlier that made the exact same point. He picked two different licenses than I did for the latter two though. He picked LGPL for the intermediate license, which I think is a mistake on his part. However, he picked the Apache License 2.0 for the latter license, and I think he may have a point on that one. The benefit you get from using Apache over straight Public Domain is that you are better protected from patent lawsuits. That isn't something poor little me really has to worry about, but your company is a different matter entirely.
This impossible. You say you want an open source license that prohibits making money. However, one of the key requirements for being an open source license is not making any restrictions with respect to commercialization.
Ergo, a license like you describe it cannot possibly exist.
And here the standard answer: StackOverflow is a site for programming questions. We are programmers. Your question is a legal question. This means that all answers (including mine) will be, by definition, crap, since we don't know WTF we're talking about.
For legal questions, ask a lawyer.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about programming within the scope defined in the help center.
Closed 7 years ago.
Improve this question
My application is reaching a pretty nice beta/alpha level and I might at some point publish it. I have not decided what software license to use in my application. The application is under construction. I bet this must be a question that every developer thinks about at some point.
My software is more like a library and here are some key factors in my case:
It must be an open-source license.
It must be free for developers to use as a library for their applications.
Developers are allowed to redistribute the source code as part of their applications modified or unmodified.
The library can be used for closed-source software.
I want attribution/credit. A one-line credit in the software Help dialog or somewhere in about section of their website is fine. As long as it is reasonable easy for a 3rd-party to find out what library was used to produce the resulting software.
Forking a new project out of my existing source code should not be allowed. I want people to be able to use it and even modify it, but not clone a new similar product to compete against my existing product.
The license needs to state that I take no responsibility for any damage whatsoever.
Is there such a license? Would those requirements even fit in an open-source license?
Forking a new project out of my existing source code should not be allowed
Above is in conflict with Open Source idea (which allows/encourages forking). More info here: Which open source license has no forking
If you think that you can drop that requirement the best choice is LGPL and additional requirement that people must give you credit (you will have to define what type of attribution/credit do you want per different uses)
As James stated in previous comment:
Forks very rarely happen
It is very hard to fork a (big) project
You can benefit more if there are forks - you can take the good ideas from the fork and leave the bad. That way the better judgement about features/code will eventually win (which is part of the idea of Open Source)
Forking a new project out of my
existing source code should not be
allowed. I want people to be able to
use it and even modify it, but not
clone a new similar product to compete
against my existing product.
Ummm ... This is I have never heard of in a Open Source license, and I don't know of any that have this. How would you even word it? Determining the difference between a fork and someone else who has taken your code and just added a patch would be really hard.
Can you think about this one? Forks very rarely happen, and when they do they aren't always competition. Talent, ideas and even code can flow between the forks freely.
You need to speak to a lawyer, we aren't lawyers and don't know your application.
Prevention of forking with open source licenses is complicated, as James says.
For commercial applications, you may want to look at dual licensing.
As far as I know the LGPL allows forks.
You should be able to find one to suit your needs here:
http://en.wikipedia.org/wiki/Comparison_of_free_software_licenses
More specifically I think the GPU Lesser Public License might suit the needs of your library. Keeping in mind that like (all?) open source licenses, LGPL allows forking.
http://en.wikipedia.org/wiki/GNU_Lesser_General_Public_License
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
The producing open-source software book is a gold mine of information on starting open-source projects. Yet I am hoping to learn more from the experience of stackoverflow users and was wondering what are the mistakes you made when starting a new open-source project (or difficulties you encountered when attempting to contribute to a new project), and how would you avoid these traps to become a successful project*?
**Successful loosely defined as a project that is used, and attracts active contributors.*
My two biggest mistakes are:
I expect the world to fall in love with my project as soon as I post it anywhere. If I don't get immediate feedback how great I am, I quickly lose interest.
When I get quick feedback, I often don't respond on a timely basis because I have so many projects.
"Eat Your Own Dog Food."
Be your first user. This is good:
to know what you're doing
to motivate yourself
to get early feedback
I think it's nearly impossible to write open source software you're not using yourself.
"Eat Your Own Dog Food" tries to break out of the vicious circle: Nobody uses the software because it is not useable; it is not useable because there is no user feedback. Try to develop something that is useful for you and see if it sticks and gains some traction.
Besides using the software yourself “Release Often, Release Early”. With release I do not mean publishing some source zip somewhere but a real end to end release.
Choosing the wrong license (for different values of 'wrong') is a common pitfall. Two examples:
1.) If you're using a license that does not allow for relicensing under different terms and you accept contributors code, you need to keep in mind that the code suddenly is not yours anymore. This is fine for some hobby project, but might limit your commercial options later. Of course, it also limits other's commercial options too.
An example for this is the GPL. Include contributed code under this license and you're bound to the GPL yourself and can't decide to dual-license later (unless you nail this down for every contributor). Even a simple change of the license to a similar OpenSource license is impossible: See the linux kernel - it's bound to GPL V2 and can't be updated to GPL V3.
2.) If you're using a permissive license (e. g. Apache, MIT, BSD) you need to keep in mind that not only you can go commercial and close the code later, but anybody else can do so too.
Don't get me wrong: I like the GPL, I'm happily contributing to GPL projects and am glad that these projects exist. I also like BSD, Apache, MIT (the permissive ones) and am contributing to projects that others exploit commercially, e.g. through "Enterprise Editions" of the software that I'm getting OpenSource. It's all fair game - you just have to be sure what options you want to have later. None is better, they're just different.
The first pitfall is to start a new project when there are already plenty of existing projects that are planning to do the same thing.
Currently I am starting a blog based on a talk that I have given on the FrOSCon here in germany.
First article: There shall be light – things to keep in mind when starting a project
Maybe this helps. I don't know how long it will take to write the following 19 blog posts.
I'll answer clinton here:
Not so obvious stuff for new users is:
For User focused software:
getting started guide (Get the software to run quickly)
screenshots! Users love screenshots and too few projects provide them
For developer centric software:
getting started guide ("get to code quickly" for example by explaining dependencies, structure, compile and start process)
code of conduct
I'll think a little bit more about it and add it here.
Positively super great documentation is a must.
Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 8 years ago.
Improve this question
Contributing to open source can have many forms: working with issue trackers, patches, further development, documenting, funding, etc. Assuming your company uses open source projects, what is the single most important reason why you're not contributing back to the community?
Developers cost us money. Open source does not cost us money. Hence, if we start giving developers time to work on open source software then open source loses its competitive advantage and we may as well give MS a call since at least we can define how much money they cost us upfront.
We do, we're founded on Open Source - but I guess we're special ;)
Anyway, this is not like a true answer to your question, but rather an answer to the "questions" in the other answers I guess. There are many ways to contribute to Open Source. Sure you can contribute code, but the other thing you can contribute is money by donating. Jeff Atwood (one of the founders of SO) did this a couple of months ago to a wiki system system I know.
When I worked for my previous startup we gave WatiN $300. This is a contribution, and probably a both a better (and at least cheaper) contribution then having one of our coders trying to figure out the code model and coding standard etc behind WatiN and then fix some bug and supply a patch.
But the THIRD way to "contribute" to your favorite Open Source project is more subtle, but often the definitive best way you can contribute which is by giving it attention like I just did with WatiN through that link.
I am willing to be $100 on that someone reading this answer will check out the link to WatiN, read about the project and download it and start using it in their own test suites. And they should since WatiN is a great Open Source project and Jeroen the guy behind it is truly helpful!
That is also contributing. Helping your favorite Open Source project get some attention by telling others how great it is!
We do contribute back to open source in the one situation where it would be pure insanity not to. When we fix bugs, we always ensure that they are pushed upstream.
As I say, it would be really insane to not do that, and have the alternative of maintaining a fork.
Our management doesn't understand open source. I'm not sure that our boss understands that we are using OSS for development.
In the last time, our boss wanted to release some stuff as open source, but the package should be bundled with a support-contract, so I don't believe he really knows what Open-Source means.
So in one sentence: we don't give back to open source because our management doesn't understand the concept behind open source.
Update: Now we have an OS-product, but our management do not understand it until today. Actually we did it, because some of our customers talked about open-source (and really meant for free).
We contribute back patches and bugfixes.
We don't generally start new projects, though. We don't really have the overhead to support such a project. Unfortunately, you can't just post a tarball on a website and expect strangers to add features to your code. It takes work to build a community.
Developer time/team resources, and the "appropriateness" of contributing code back.
Meaning that, if we make modifications to an OSS project, sometimes the changes aren't necessarily appropriate to contribute back to the project. This may be because of IP rights, but actually, the most common reason is that we simply don't anticipate that other people would require such specific modifications to the software in the way that we've made it. So generally speaking, such patches don't make sense to send back to the team developing the OSS project.
In other cases, these changes could be sent as a patch to the OSS project developers, but this would require cleaning up/reformatting the code, separating out private company data from the patch, etc. Usually, if we're using OSS software in the beginning, we don't care about such things, because most OSS software is somewhat dirty in terms of code quality anyways (ie, no test cases, coding standards, documentation, etc.). Therefore, the time required to clean up our dirty fixes to already dirty code is usually more time than we want to spend for the altruism factor here.
That said, I have worked at companies that did contribute back to OSS projects when necessary, and those that did not made monetary contributions to some OSS projects or distributions.
In my opinion the biggest problem is that most companies are doing development for projects. If a project develops something that is worthwhile to be published as open source the commitment for maintenance can only be given till the project is finished. After that no more resources are available for further developments, support of the community, bug fixes etc. This usually means a slow death for the open source "product".
Also, some companies are very eager to look at the PR for things they publish, and this usually means to go through all the processes for publications. This is something which in general overwhelms engineers and programmers.
Getting it through legal. Seriously, even as a huge contributer to open source software, as a large company the bureaucracy is a killer. (Hope Legal don't read this:)
The company I work for produces software that is proprietary and our software is highly specialized and is our major competitive advantage over all the other companies in our industry. Can't imagine why Open Source isn't something we encourage.
What about a company that doesn't have developers? Maybe they're not a software group, and are using OSS to save money, a la a web-based group that uses LAMP, but never modifies any of the components?
In our case, we produce extremely customized software for the specific circumstances of a state office. Because of that, our software has no utility for anyone else. Being a state office, we aren't at liberty to "donate" time or money, either.
In theory, we could open-source some of our documentation, but again a lack of demand would make it nothing more than an empty gesture.
Business logic.
If I start building a project where I use the source code for a FLOSS project rather than just a library then I need to develop with an awareness of two factors: the changes to the code to make it do what I want and those aspects that I would be allowed to release to the world.
Generally it's not that difficult to do this, but if deadlines are tight then I'm not going to 'waste' time stripping out our proprietary extensions.
Programmers cost us money, but contributing to open source doesn't generate a cent of revenue.
We do contribute and are very proud of it !
http://hg.nuxeo.org/opensocial is all about our contribution to Nuxeo from Leroy Merlin.
Ok, i doesn't generate a cent of revenue, but it doesn't really costs more. And when people will contribute to our code (patches, bug fixes, extension), this will be code that will cost us nothing.
Moreover, our contribution is now included in the core feature of Nuxeo, so now we will benefit of a vendor certified integration of our code.
I am not sure contributing with money is the best way to help OpenSource software. When Jeff Atwood gave some $5000 to an OpenSource project the lead of the project was grateful... but if I recall correctly he was not too sure about what to do with it.
Developers who contribute to OpenSource projects are not paid to do so. They do it because they like it, want to prove something to themselves, etc... but money is never the cause since they know that they won't probably earn a dime. At best, they might attract attention which may then generate revenues (think new employer, more traffic to their blog, etc...)
Now, I don't say that one should not contribute, but I think that monetary contributions are not as efficient as one might think, companies have a tendency to think that their model (capitalist) naturally extend to everything around them :/
In my opinion, an OpenSource project benefit more from patches/bug reports than from direct monetary contribution, exceptions being hosting the website / repository of the project or financing meetings for the top contributors so that they can discuss face to face when the need arise, but though this cost money, this is not directly giving money.
Even though we do give back to open source as code patches, and releasing open source software I can understand why other companies don't. Because "it doesn't make any profit" :)
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
I'm a software engineer, not a lawyer, and my university doesn't offer any courses geared toward licensing software. In fact, their law-related courses are lacking (but slowly growing in number). Where can I go to learn about open-source licenses and how to choose them?
There are lots described here:
http://www.gnu.org/licenses/license-list.html#SoftwareLicenses
The decision of which one to use can be political, but should ultimately be determined by your plans/desires for the software. If you want to ensure it is always free then choose GPL or another "Copyleft" license. If you don't mind some commercial use, choose another one that's compatible with that.
I almost always end up usign MIT or BSD (they're equivalent), since it
Is the most liberal license out there. It just says you're not responsible for any kind of trouble, and optionally forces people to include a copyright notice of your original work in derivatives.
It allows closed source derivatives, which is something I see as a good thing: companies sometimes don't have the possibility to do their work under the GPL (they may themselves use products or components from a third party with restricted licenses).
That, and the GNU/GPL bunch are generally extremists when you encounter them in the wild.
This can create endless discussion, but there is one tenet I would hold to whenever deciding what license to use: DON'T CREATE A NEW ONE!!
No matter how persuasive your legal guy's arguments that, because no current license exactly meets your project's unique needs, you should write your own, or even just "slightly modify" an existing one, treat him like a programmer coming to you arguing that he just HAS to use a GOTO statement because nothing else in the language will work.
Other advice:
Choose one which has major usage (see http://freshmeat.net/stats/#license)
See David A. Wheeler's discussion of why to choose a license compatible with the GPL - http://www.dwheeler.com/essays/gpl-compatible.html.
If you are looking for information regarding free and open source licenses a useful comparison chart: http://en.wikipedia.org/wiki/Comparison_of_free_software_licences
You could always just use the best one of all, the WTFPL. I use this on most of my school projects since they aren't that great anyways.
Wikipedia, of course, has basically all the information you would ever need to know. But the hard part is to know where to start. I'd recommend starting off by reading about the Apache License and the GNU GPL, which are two popular sides to the same story, each offering different freedoms to the people associated with the code.
But here it is in a nutshell: Apache License lets anyone do anything with your code, including taking it and using it in a closed source product. It gives whoever is taking the code the freedom to do what they want with it.
The GNU GPL, on the other hand, allows your code only to be used in a project that is also distributed under the GPL. In this case you might write some code and prevent a proprietary company from using your work. Here, you're giving freedom to the code itself that it will always be used for "free" purposes.
I'm slightly surprised to see no mention of the Open Source Initiative as a source of information about which open source licences exist. It probably doesn't do the comparisons, so the other sites are also worth checking.
More pragmatic reasons can also influence your choice of license - if you want to use a GPL library, you must use GPL yourself, or if you intend your software to be part of a larger project then you need to look at their requirements.
I've recently begun investigating the type of licensing to apply to a rather substantial piece of work. The number of choices and the content, restrictions (or not) and limitations of all the open-source licenses is bewildering. I've found a couple good links in the answers posted, but I didn't see anything pointing to the Open Source Initiative's alphabetical list of licenses, so I've included it here.
We had a similar dilemma. At our company we decided invest lots of time on a framework, with the eventual hope of releasing it to the open source community. The business is built using open source tools (apache, php, etc.), it was time to give back. We decided on an LGPL/MPL dual license. That way, we could incorporate fixes/improvements from the community, while still protecting applications (particularly ours) running on top of it from being forced to go open source as well.