SlideShare a Scribd company logo

Managing Open Source Licenses (Geeks Anonymes)

Geeks Anonymes
Geeks Anonymes

Présentation de Jérémie Fays aux Geeks Anonymes, le 4 décembre 2020

Software
1 of 40
Download to read offline
4 décembre 2020 ULiège - Interface Entreprises Recherche & Innovation Managing Open source licenses
Jérémie Fays Civil engineer in geology @ Interface ULg since 2004 Freelance : ▸ Websites ▸ Photographer : Insta @jeremiefays Geek Geek Anonymes : https://www.recherche.uliege.be/geeksanonymes
What is Open Source ?
History •  1950 : software source freely available •  1974 : Software copyright •  1985 : Free Software foundation •  1989 : GPLv1 license (copyleft ) •  4 freedoms : run, study, modify, distribute •  1998 : Open Source Initiative •  Today : OS won the war !
Licenses No license = no rights !
Licenses Public domain (WTFPL) Open source (FOSS) Academic / permissive MIT, BSD, Apache, X11 Weak copyleft LGPL, MPL Strong copyleft GPL, EUPL Super strong copyleft AGPL Closed source (commercial) Freeware Shareware / freemium Other commercial licenses
MIT, BSD,ISC, Apache v2.0 GPL v2-3 LGPL v2-3 Others (100+) Data from Blackduck, June 2018 Permissive Copyleft Weak copyleft Most used OS licenses…
Apache v2.0, MIT, BSD No copyleft Could be integrated in closed source software You must mention authors Trigger : distribution
GPL v3 Strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution
GPL v2 Strong copyleft You must mention authors Source code has to be available ‘contaminates’ the whole work Incompatible with a lot of common licenses Trigger : distribution
AGPL v3 “Affero GPL” Super strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution & interactions through a network
LGPL v3 Weak copyleft Could be integrated in closed source software, provided you make possible to link with another version of the library Intended for libraries You must mention authors Trigger : distribution
Creative Commons licenses Not adapted to software! Adapted to documentation Attribution Attribution No derivatives Attribution No commercial use Share alike Attribution Share alike Attribution No commercial use Attribution No commercial use No derivatives
How contaminating is copyleft (GPL) ?
Copyleft “contamination” •  Compiled in 1 executable à contamination •  Calling another executable and sharing data through command line or file à no contamination •  Run a software on a ‘copyleft’ operating system à no contamination from OS •  Interact with a webservice through standardized protocol (query online database with SQL) à no contamination
Copyleft “contamination” But a lot of grey zone…
Are there compatibility problems ?
“I don’t like to give bad news” © Jérémie fays
PhD Thesis - SimCity Effect of urban development on traffic jam SimCity 2D engine for maps Export to xls Color picker (palette)
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
Some known compatibilty problems •  BSD-4 à GPL •  Apache v1, v1.1 à GPL •  GPLv2 à GPLv3 •  GPLv3 à GPLv2 •  MPLv1.1 à GPL ! GPL compatible licences https://www.gnu.org/licenses/license-list
Dual licensing Purpose : ▸ Prevent compatibility issues (ex : using GPL v2+) ▸ Run a dual licensing business model Needs agreement of all rights owners ▸ 1 owner, or… ▸ All owners agree, or… ▸ Unify rights via CLA (Contributor License Agreement)
Freedom to operate Source : David A. Wheeler
How do I detect Open Source ?
How to detect Open Source ? 1.  Ask the developers (Uliège : Software disclosure form) 2.  Source code scanning tool ▸  open source licence finder ▸  Fossology (free) ▸  open source code finder ▸  Synopsys (Black Duck) – also binary detection ▸  Antelink ▸  Revenera
How to solve incompatibility ?
How to solve incompatibility ? •  Don’t bother (short code) •  Rewrite •  Replace with another library •  Ask authors for a different license •  Split your software (if at all possible)
What are the risks ?
What are the risks ? 1.  OS license incompatibility in an open source project è  Reputation è  Trouble in OS community è  (Lawsuit) è  Stop distribution
What are the risks ? 2.  Copyleft code in commercial code è  Development costs to clear the situation è  Lawsuit è  reputation è  open your code !! è  pay damages è  Dev companies : your customer could be sued
How to manage Open Source ?
For developpers… •  Choose a distribution strategy from the start (commercial, permissive, copyleft…) •  and choose dependencies with a compatible license •  Ask your employer •  Before contributing to an open source project •  Before integrating OS in the company software !
For developpers… •  Document your code with legal stuff •  Copyright and license header in each source file •  LICENSE and AUTHOR file •  Use a Version Control System (Git, SVN…) •  Test in branches •  Track who did what •  Use Fossology
For companies… Setup an Open Source Policy !
For companies : Open Source Policy •  OS licenses allowed, and not allowed •  Other criteria : maintenance, quality, security… •  Clear and rapid validation procedure •  Contributing to an open source project •  Inventory of dependencies •  Use tracking tools
Jérémie Fays j.fays@uliege.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays Need some advice ?

Recommended

Leveraging Open Source
Leveraging Open SourceLeveraging Open Source
Leveraging Open SourceJohn Lewis
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software ConceptsJITENDRA LENKA
 
The Importance of Free Software
The Importance of Free SoftwareThe Importance of Free Software
The Importance of Free SoftwareBrent Toderash
 
Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)dmgerman
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Open Source & Open Development
Open Source & Open Development Open Source & Open Development
Open Source & Open Development Sander van der Waal
 
Intro to open source - 101 presentation
Intro to open source - 101 presentationIntro to open source - 101 presentation
Intro to open source - 101 presentationJavier Perez
 

Recommended

Leveraging Open Source
Leveraging Open SourceLeveraging Open Source
Leveraging Open SourceJohn Lewis
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software ConceptsJITENDRA LENKA
 
The Importance of Free Software
The Importance of Free SoftwareThe Importance of Free Software
The Importance of Free SoftwareBrent Toderash
 
Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)dmgerman
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Open Source & Open Development
Open Source & Open Development Open Source & Open Development
Open Source & Open Development Sander van der Waal
 
Intro to open source - 101 presentation
Intro to open source - 101 presentationIntro to open source - 101 presentation
Intro to open source - 101 presentationJavier Perez
 
Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackAaron G. Sauers, CLP
 
Introduction To Open Source
Introduction To Open SourceIntroduction To Open Source
Introduction To Open SourceUchechukwu Obimma
 
What is open source
What is open sourceWhat is open source
What is open sourceAnuchit Chalothorn
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Marcus Dapp
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systemsTushar B Kute
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
Opensource
OpensourceOpensource
OpensourceDave Everitt
 
The Rise of Open Source
The Rise of Open SourceThe Rise of Open Source
The Rise of Open SourceMartin Westhead
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs ProprietaryM. Antoinette Jerom
 
Open Source
Open SourceOpen Source
Open SourceJohn Gs
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source SoftwareRay Toal
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)Derek Keats
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open sourceOutserve
 
Open Source
Open SourceOpen Source
Open Sourcenqfaq
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONRitwick Halder
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source SoftwareRam Nath
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessStephen Walli
 
Asf icfoss-mentoring
Asf icfoss-mentoringAsf icfoss-mentoring
Asf icfoss-mentoringLuciano Resende
 
Open source software and os
Open source software and osOpen source software and os
Open source software and osMd. Tasdikul Islam Khan
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media MakersEngageMedia
 
Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal EngineGeeks Anonymes
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesGeeks Anonymes
 

More Related Content

Similar to Managing Open Source Licenses (Geeks Anonymes)

Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackAaron G. Sauers, CLP
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Marcus Dapp
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systemsTushar B Kute
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
Open Source
Open SourceOpen Source
Open SourceJohn Gs
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source SoftwareRay Toal
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)Derek Keats
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open sourceOutserve
 
Open Source
Open SourceOpen Source
Open Sourcenqfaq
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONRitwick Halder
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source SoftwareRam Nath
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessStephen Walli
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media MakersEngageMedia
 

Similar to Managing Open Source Licenses (Geeks Anonymes) (20)

Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP Track
 
Introduction To Open Source
Introduction To Open SourceIntroduction To Open Source
Introduction To Open Source
 
What is open source
What is open sourceWhat is open source
What is open source
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systems
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for Enterprise
 
Opensource
OpensourceOpensource
Opensource
 
The Rise of Open Source
The Rise of Open SourceThe Rise of Open Source
The Rise of Open Source
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs Proprietary
 
Open Source
Open SourceOpen Source
Open Source
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source Software
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open source
 
Open Source
Open SourceOpen Source
Open Source
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATION
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source Software
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project Success
 
Asf icfoss-mentoring
Asf icfoss-mentoringAsf icfoss-mentoring
Asf icfoss-mentoring
 
Open source software and os
Open source software and osOpen source software and os
Open source software and os
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media Makers
 

More from Geeks Anonymes

Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal EngineGeeks Anonymes
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesGeeks Anonymes
 
Reprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesReprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesGeeks Anonymes
 
Geeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes
 
Le rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingLe rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingGeeks Anonymes
 
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesuresGeeks Anonymes
 
191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materiellesGeeks Anonymes
 
"Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité "Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité Geeks Anonymes
 
Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Geeks Anonymes
 
Intelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleIntelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleGeeks Anonymes
 
Pour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoPour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoGeeks Anonymes
 
Become Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceBecome Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceGeeks Anonymes
 
Reconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueReconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueGeeks Anonymes
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language ProcessingGeeks Anonymes
 
Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Geeks Anonymes
 

More from Geeks Anonymes (20)

Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal Engine
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexes
 
Reprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesReprendre le contrôle de ses données
Reprendre le contrôle de ses données
 
Geeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes - Le langage Go
Geeks Anonymes - Le langage Go
 
Le rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingLe rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testing
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
 
191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles
 
"Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité "Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité
 
Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...
 
Le langage rust
Le langage rustLe langage rust
Le langage rust
 
Test your code
Test your codeTest your code
Test your code
 
Intelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleIntelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelle
 
Pour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoPour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu video
 
Become Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceBecome Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open Source
 
Reconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueReconnaissance vocale et création artistique
Reconnaissance vocale et création artistique
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language Processing
 
Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur
 
Modern sql
Modern sqlModern sql
Modern sql
 
Qt
QtQt
Qt
 

Recently uploaded

How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabbereGrabber
 
How to pick right visual testing tool.pdf
How to pick right visual testing tool.pdfHow to pick right visual testing tool.pdf
How to pick right visual testing tool.pdfTestgrid.io
 
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfmbmh111980
 
The Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionThe Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionWave PLM
 
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdfA Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdfkalichargn70th171
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Krakówbim.edu.pl
 
What need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersWhat need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersEmilyJiang23
 
KLARNA - Language Models and Knowledge Graphs: A Systems Approach
KLARNA - Language Models and Knowledge Graphs: A Systems ApproachKLARNA - Language Models and Knowledge Graphs: A Systems Approach
KLARNA - Language Models and Knowledge Graphs: A Systems ApproachNeo4j
 
A Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data MigrationA Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data MigrationHelp Desk Migration
 
10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdf10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdfkalichargn70th171
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAlluxio, Inc.
 
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfMicrosoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfQ-Advise
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAlluxio, Inc.
 
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesGraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesNeo4j
 
CompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdfCompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdfFurqanuddin10
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Gáspár Nagy
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024Shane Coughlan
 
IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024vaibhav130304
 

Recently uploaded (20)

How to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabberHow to install and activate eGrabber JobGrabber
How to install and activate eGrabber JobGrabber
 
How to pick right visual testing tool.pdf
How to pick right visual testing tool.pdfHow to pick right visual testing tool.pdf
How to pick right visual testing tool.pdf
 
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdfMastering Windows 7 A Comprehensive Guide for Power Users .pdf
Mastering Windows 7 A Comprehensive Guide for Power Users .pdf
 
The Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion ProductionThe Impact of PLM Software on Fashion Production
The Impact of PLM Software on Fashion Production
 
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdfA Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
A Comprehensive Appium Guide for Hybrid App Automation Testing.pdf
 
Agnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in KrakówAgnieszka Andrzejewska - BIM School Course in Kraków
Agnieszka Andrzejewska - BIM School Course in Kraków
 
What need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java DevelopersWhat need to be mastered as AI-Powered Java Developers
What need to be mastered as AI-Powered Java Developers
 
KLARNA - Language Models and Knowledge Graphs: A Systems Approach
KLARNA - Language Models and Knowledge Graphs: A Systems ApproachKLARNA - Language Models and Knowledge Graphs: A Systems Approach
KLARNA - Language Models and Knowledge Graphs: A Systems Approach
 
A Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data MigrationA Guideline to Zendesk to Re:amaze Data Migration
A Guideline to Zendesk to Re:amaze Data Migration
 
10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdf10 Essential Software Testing Tools You Need to Know About.pdf
10 Essential Software Testing Tools You Need to Know About.pdf
 
AI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning FrameworkAI/ML Infra Meetup | Perspective on Deep Learning Framework
AI/ML Infra Meetup | Perspective on Deep Learning Framework
 
Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024Top Mobile App Development Companies 2024
Top Mobile App Development Companies 2024
 
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdfMicrosoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
Microsoft 365 Copilot; An AI tool changing the world of work _PDF.pdf
 
AI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in MichelangeloAI/ML Infra Meetup | ML explainability in Michelangelo
AI/ML Infra Meetup | ML explainability in Michelangelo
 
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product UpdatesGraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
GraphSummit Stockholm - Neo4j - Knowledge Graphs and Product Updates
 
CompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdfCompTIA Security+ (Study Notes) for cs.pdf
CompTIA Security+ (Study Notes) for cs.pdf
 
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
Tree in the Forest - Managing Details in BDD Scenarios (live2test 2024)
 
OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024OpenChain @ LF Japan Executive Briefing - May 2024
OpenChain @ LF Japan Executive Briefing - May 2024
 
5 Reasons Driving Warehouse Management Systems Demand
5 Reasons Driving Warehouse Management Systems Demand5 Reasons Driving Warehouse Management Systems Demand
5 Reasons Driving Warehouse Management Systems Demand
 
IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024IT Software Development Resume, Vaibhav jha 2024
IT Software Development Resume, Vaibhav jha 2024
 

Managing Open Source Licenses (Geeks Anonymes)

  • 1. 4 décembre 2020 ULiège - Interface Entreprises Recherche & Innovation Managing Open source licenses
  • 2.
  • 3. Jérémie Fays Civil engineer in geology @ Interface ULg since 2004 Freelance : ▸ Websites ▸ Photographer : Insta @jeremiefays Geek Geek Anonymes : https://www.recherche.uliege.be/geeksanonymes
  • 4. What is Open Source ?
  • 5. History •  1950 : software source freely available •  1974 : Software copyright •  1985 : Free Software foundation •  1989 : GPLv1 license (copyleft ) •  4 freedoms : run, study, modify, distribute •  1998 : Open Source Initiative •  Today : OS won the war !
  • 6. Licenses No license = no rights !
  • 7. Licenses Public domain (WTFPL) Open source (FOSS) Academic / permissive MIT, BSD, Apache, X11 Weak copyleft LGPL, MPL Strong copyleft GPL, EUPL Super strong copyleft AGPL Closed source (commercial) Freeware Shareware / freemium Other commercial licenses
  • 8. MIT, BSD,ISC, Apache v2.0 GPL v2-3 LGPL v2-3 Others (100+) Data from Blackduck, June 2018 Permissive Copyleft Weak copyleft Most used OS licenses…
  • 9. Apache v2.0, MIT, BSD No copyleft Could be integrated in closed source software You must mention authors Trigger : distribution
  • 10. GPL v3 Strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution
  • 11. GPL v2 Strong copyleft You must mention authors Source code has to be available ‘contaminates’ the whole work Incompatible with a lot of common licenses Trigger : distribution
  • 12. AGPL v3 “Affero GPL” Super strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution & interactions through a network
  • 13. LGPL v3 Weak copyleft Could be integrated in closed source software, provided you make possible to link with another version of the library Intended for libraries You must mention authors Trigger : distribution
  • 14. Creative Commons licenses Not adapted to software! Adapted to documentation Attribution Attribution No derivatives Attribution No commercial use Share alike Attribution Share alike Attribution No commercial use Attribution No commercial use No derivatives
  • 15. How contaminating is copyleft (GPL) ?
  • 16. Copyleft “contamination” •  Compiled in 1 executable à contamination •  Calling another executable and sharing data through command line or file à no contamination •  Run a software on a ‘copyleft’ operating system à no contamination from OS •  Interact with a webservice through standardized protocol (query online database with SQL) à no contamination
  • 17. Copyleft “contamination” But a lot of grey zone…
  • 19. “I don’t like to give bad news” © Jérémie fays
  • 20. PhD Thesis - SimCity Effect of urban development on traffic jam SimCity 2D engine for maps Export to xls Color picker (palette)
  • 21. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
  • 22. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
  • 23. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
  • 24. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
  • 25. Some known compatibilty problems •  BSD-4 à GPL •  Apache v1, v1.1 à GPL •  GPLv2 à GPLv3 •  GPLv3 à GPLv2 •  MPLv1.1 à GPL ! GPL compatible licences https://www.gnu.org/licenses/license-list
  • 26. Dual licensing Purpose : ▸ Prevent compatibility issues (ex : using GPL v2+) ▸ Run a dual licensing business model Needs agreement of all rights owners ▸ 1 owner, or… ▸ All owners agree, or… ▸ Unify rights via CLA (Contributor License Agreement)
  • 27. Freedom to operate Source : David A. Wheeler
  • 28. How do I detect Open Source ?
  • 29. How to detect Open Source ? 1.  Ask the developers (Uliège : Software disclosure form) 2.  Source code scanning tool ▸  open source licence finder ▸  Fossology (free) ▸  open source code finder ▸  Synopsys (Black Duck) – also binary detection ▸  Antelink ▸  Revenera
  • 30. How to solve incompatibility ?
  • 31. How to solve incompatibility ? •  Don’t bother (short code) •  Rewrite •  Replace with another library •  Ask authors for a different license •  Split your software (if at all possible)
  • 32. What are the risks ?
  • 33. What are the risks ? 1.  OS license incompatibility in an open source project è  Reputation è  Trouble in OS community è  (Lawsuit) è  Stop distribution
  • 34. What are the risks ? 2.  Copyleft code in commercial code è  Development costs to clear the situation è  Lawsuit è  reputation è  open your code !! è  pay damages è  Dev companies : your customer could be sued
  • 35. How to manage Open Source ?
  • 36. For developpers… •  Choose a distribution strategy from the start (commercial, permissive, copyleft…) •  and choose dependencies with a compatible license •  Ask your employer •  Before contributing to an open source project •  Before integrating OS in the company software !
  • 37. For developpers… •  Document your code with legal stuff •  Copyright and license header in each source file •  LICENSE and AUTHOR file •  Use a Version Control System (Git, SVN…) •  Test in branches •  Track who did what •  Use Fossology
  • 38. For companies… Setup an Open Source Policy !
  • 39. For companies : Open Source Policy •  OS licenses allowed, and not allowed •  Other criteria : maintenance, quality, security… •  Clear and rapid validation procedure •  Contributing to an open source project •  Inventory of dependencies •  Use tracking tools
  • 40. Jérémie Fays j.fays@uliege.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays Need some advice ?