SlideShare a Scribd company logo

Managing Open Source Licenses (Geeks Anonymes)

Geeks Anonymes
Geeks Anonymes

Présentation de Jérémie Fays aux Geeks Anonymes, le 4 décembre 2020

Software
1 of 40
Download to read offline
4 décembre 2020 ULiège - Interface Entreprises Recherche & Innovation Managing Open source licenses
Jérémie Fays Civil engineer in geology @ Interface ULg since 2004 Freelance : ▸ Websites ▸ Photographer : Insta @jeremiefays Geek Geek Anonymes : https://www.recherche.uliege.be/geeksanonymes
What is Open Source ?
History •  1950 : software source freely available •  1974 : Software copyright •  1985 : Free Software foundation •  1989 : GPLv1 license (copyleft ) •  4 freedoms : run, study, modify, distribute •  1998 : Open Source Initiative •  Today : OS won the war !
Licenses No license = no rights !
Licenses Public domain (WTFPL) Open source (FOSS) Academic / permissive MIT, BSD, Apache, X11 Weak copyleft LGPL, MPL Strong copyleft GPL, EUPL Super strong copyleft AGPL Closed source (commercial) Freeware Shareware / freemium Other commercial licenses
MIT, BSD,ISC, Apache v2.0 GPL v2-3 LGPL v2-3 Others (100+) Data from Blackduck, June 2018 Permissive Copyleft Weak copyleft Most used OS licenses…
Apache v2.0, MIT, BSD No copyleft Could be integrated in closed source software You must mention authors Trigger : distribution
GPL v3 Strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution
GPL v2 Strong copyleft You must mention authors Source code has to be available ‘contaminates’ the whole work Incompatible with a lot of common licenses Trigger : distribution
AGPL v3 “Affero GPL” Super strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution & interactions through a network
LGPL v3 Weak copyleft Could be integrated in closed source software, provided you make possible to link with another version of the library Intended for libraries You must mention authors Trigger : distribution
Creative Commons licenses Not adapted to software! Adapted to documentation Attribution Attribution No derivatives Attribution No commercial use Share alike Attribution Share alike Attribution No commercial use Attribution No commercial use No derivatives
How contaminating is copyleft (GPL) ?
Copyleft “contamination” •  Compiled in 1 executable à contamination •  Calling another executable and sharing data through command line or file à no contamination •  Run a software on a ‘copyleft’ operating system à no contamination from OS •  Interact with a webservice through standardized protocol (query online database with SQL) à no contamination
Copyleft “contamination” But a lot of grey zone…
Are there compatibility problems ?
“I don’t like to give bad news” © Jérémie fays
PhD Thesis - SimCity Effect of urban development on traffic jam SimCity 2D engine for maps Export to xls Color picker (palette)
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
Some known compatibilty problems •  BSD-4 à GPL •  Apache v1, v1.1 à GPL •  GPLv2 à GPLv3 •  GPLv3 à GPLv2 •  MPLv1.1 à GPL ! GPL compatible licences https://www.gnu.org/licenses/license-list
Dual licensing Purpose : ▸ Prevent compatibility issues (ex : using GPL v2+) ▸ Run a dual licensing business model Needs agreement of all rights owners ▸ 1 owner, or… ▸ All owners agree, or… ▸ Unify rights via CLA (Contributor License Agreement)
Freedom to operate Source : David A. Wheeler
How do I detect Open Source ?
How to detect Open Source ? 1.  Ask the developers (Uliège : Software disclosure form) 2.  Source code scanning tool ▸  open source licence finder ▸  Fossology (free) ▸  open source code finder ▸  Synopsys (Black Duck) – also binary detection ▸  Antelink ▸  Revenera
How to solve incompatibility ?
How to solve incompatibility ? •  Don’t bother (short code) •  Rewrite •  Replace with another library •  Ask authors for a different license •  Split your software (if at all possible)
What are the risks ?
What are the risks ? 1.  OS license incompatibility in an open source project è  Reputation è  Trouble in OS community è  (Lawsuit) è  Stop distribution
What are the risks ? 2.  Copyleft code in commercial code è  Development costs to clear the situation è  Lawsuit è  reputation è  open your code !! è  pay damages è  Dev companies : your customer could be sued
How to manage Open Source ?
For developpers… •  Choose a distribution strategy from the start (commercial, permissive, copyleft…) •  and choose dependencies with a compatible license •  Ask your employer •  Before contributing to an open source project •  Before integrating OS in the company software !
For developpers… •  Document your code with legal stuff •  Copyright and license header in each source file •  LICENSE and AUTHOR file •  Use a Version Control System (Git, SVN…) •  Test in branches •  Track who did what •  Use Fossology
For companies… Setup an Open Source Policy !
For companies : Open Source Policy •  OS licenses allowed, and not allowed •  Other criteria : maintenance, quality, security… •  Clear and rapid validation procedure •  Contributing to an open source project •  Inventory of dependencies •  Use tracking tools
Jérémie Fays j.fays@uliege.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays Need some advice ?

Recommended

Leveraging Open Source
Leveraging Open SourceLeveraging Open Source
Leveraging Open SourceJohn Lewis
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software ConceptsJITENDRA LENKA
 
The Importance of Free Software
The Importance of Free SoftwareThe Importance of Free Software
The Importance of Free SoftwareBrent Toderash
 
Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)dmgerman
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Open Source & Open Development
Open Source & Open Development Open Source & Open Development
Open Source & Open Development Sander van der Waal
 
Intro to open source - 101 presentation
Intro to open source - 101 presentationIntro to open source - 101 presentation
Intro to open source - 101 presentationJavier Perez
 

Recommended

Leveraging Open Source
Leveraging Open SourceLeveraging Open Source
Leveraging Open SourceJohn Lewis
 
Open Source Software Concepts
Open Source Software ConceptsOpen Source Software Concepts
Open Source Software ConceptsJITENDRA LENKA
 
The Importance of Free Software
The Importance of Free SoftwareThe Importance of Free Software
The Importance of Free SoftwareBrent Toderash
 
Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)Introduction to License Compliance and My research (D. German)
Introduction to License Compliance and My research (D. German)dmgerman
 
GoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaGoOpen 2010: Sandro D'Elia
GoOpen 2010: Sandro D'EliaFriprogsenteret
 
Leaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guideLeaping the chasm from proprietary to open: A survivor's guide
Leaping the chasm from proprietary to open: A survivor's guidebcantrill
 
Open Source & Open Development
Open Source & Open Development Open Source & Open Development
Open Source & Open Development Sander van der Waal
 
Intro to open source - 101 presentation
Intro to open source - 101 presentationIntro to open source - 101 presentation
Intro to open source - 101 presentationJavier Perez
 
Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackAaron G. Sauers, CLP
 
Introduction To Open Source
Introduction To Open SourceIntroduction To Open Source
Introduction To Open SourceUchechukwu Obimma
 
What is open source
What is open sourceWhat is open source
What is open sourceAnuchit Chalothorn
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Marcus Dapp
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systemsTushar B Kute
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
Opensource
OpensourceOpensource
OpensourceDave Everitt
 
The Rise of Open Source
The Rise of Open SourceThe Rise of Open Source
The Rise of Open SourceMartin Westhead
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs ProprietaryM. Antoinette Jerom
 
Open Source
Open SourceOpen Source
Open SourceJohn Gs
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source SoftwareRay Toal
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)Derek Keats
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open sourceOutserve
 
Open Source
Open SourceOpen Source
Open Sourcenqfaq
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONRitwick Halder
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source SoftwareRam Nath
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessStephen Walli
 
Asf icfoss-mentoring
Asf icfoss-mentoringAsf icfoss-mentoring
Asf icfoss-mentoringLuciano Resende
 
Open source software and os
Open source software and osOpen source software and os
Open source software and osMd. Tasdikul Islam Khan
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media MakersEngageMedia
 
Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal EngineGeeks Anonymes
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesGeeks Anonymes
 

More Related Content

Similar to Managing Open Source Licenses (Geeks Anonymes)

Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackAaron G. Sauers, CLP
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Marcus Dapp
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systemsTushar B Kute
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for EnterpriseEric Fesler
 
Open Source
Open SourceOpen Source
Open SourceJohn Gs
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source SoftwareRay Toal
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)Derek Keats
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open sourceOutserve
 
Open Source
Open SourceOpen Source
Open Sourcenqfaq
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONRitwick Halder
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source SoftwareRam Nath
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessStephen Walli
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media MakersEngageMedia
 

Similar to Managing Open Source Licenses (Geeks Anonymes) (20)

Open-Source Software Panel - IP Track
Open-Source Software Panel - IP TrackOpen-Source Software Panel - IP Track
Open-Source Software Panel - IP Track
 
Introduction To Open Source
Introduction To Open SourceIntroduction To Open Source
Introduction To Open Source
 
What is open source
What is open sourceWhat is open source
What is open source
 
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
Lecture 2011.05A - FOSS Fundamentals (Digital Sustainability)
 
Open source operating systems
Open source operating systemsOpen source operating systems
Open source operating systems
 
Using Open Source for Enterprise
Using Open Source for EnterpriseUsing Open Source for Enterprise
Using Open Source for Enterprise
 
Opensource
OpensourceOpensource
Opensource
 
The Rise of Open Source
The Rise of Open SourceThe Rise of Open Source
The Rise of Open Source
 
Open Source vs Proprietary
Open Source vs ProprietaryOpen Source vs Proprietary
Open Source vs Proprietary
 
Open Source
Open SourceOpen Source
Open Source
 
Economics of Open Source Software
Economics of Open Source SoftwareEconomics of Open Source Software
Economics of Open Source Software
 
A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)A research and innovation perspective on Free and Open Source Software (FOSS)
A research and innovation perspective on Free and Open Source Software (FOSS)
 
Gup2011| open source
Gup2011| open sourceGup2011| open source
Gup2011| open source
 
Open Source
Open SourceOpen Source
Open Source
 
OPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATIONOPEN SOURCE SEMINAR PRESENTATION
OPEN SOURCE SEMINAR PRESENTATION
 
Free and Open Source Software
Free and Open Source SoftwareFree and Open Source Software
Free and Open Source Software
 
Scale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project SuccessScale14x Patterns and Practices for Open Source Project Success
Scale14x Patterns and Practices for Open Source Project Success
 
Asf icfoss-mentoring
Asf icfoss-mentoringAsf icfoss-mentoring
Asf icfoss-mentoring
 
Open source software and os
Open source software and osOpen source software and os
Open source software and os
 
Foss For Media Makers
Foss For Media MakersFoss For Media Makers
Foss For Media Makers
 

More from Geeks Anonymes

Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal EngineGeeks Anonymes
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesGeeks Anonymes
 
Reprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesReprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesGeeks Anonymes
 
Geeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes
 
Le rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingLe rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingGeeks Anonymes
 
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesuresGeeks Anonymes
 
191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materiellesGeeks Anonymes
 
"Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité "Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité Geeks Anonymes
 
Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Geeks Anonymes
 
Intelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleIntelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleGeeks Anonymes
 
Pour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoPour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoGeeks Anonymes
 
Become Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceBecome Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceGeeks Anonymes
 
Reconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueReconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueGeeks Anonymes
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language ProcessingGeeks Anonymes
 
Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Geeks Anonymes
 

More from Geeks Anonymes (20)

Programmer sous Unreal Engine
Programmer sous Unreal EngineProgrammer sous Unreal Engine
Programmer sous Unreal Engine
 
Implémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexesImplémentation efficace et durable de processus métiers complexes
Implémentation efficace et durable de processus métiers complexes
 
Reprendre le contrôle de ses données
Reprendre le contrôle de ses donnéesReprendre le contrôle de ses données
Reprendre le contrôle de ses données
 
Geeks Anonymes - Le langage Go
Geeks Anonymes - Le langage GoGeeks Anonymes - Le langage Go
Geeks Anonymes - Le langage Go
 
Le rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testingLe rôle du testeur et le Blackbox testing
Le rôle du testeur et le Blackbox testing
 
Kubernetes
KubernetesKubernetes
Kubernetes
 
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures Vulnérabilités au cœur des applications Web, menaces et contre-mesures
Vulnérabilités au cœur des applications Web, menaces et contre-mesures
 
191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles191121 philippe teuwen cryptographie et attaques materielles
191121 philippe teuwen cryptographie et attaques materielles
 
"Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité "Surfez couverts !" - Conseils de Cyber securité
"Surfez couverts !" - Conseils de Cyber securité
 
Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...Introduction au développement mobile - développer une application iOS et Andr...
Introduction au développement mobile - développer une application iOS et Andr...
 
Le langage rust
Le langage rustLe langage rust
Le langage rust
 
Test your code
Test your codeTest your code
Test your code
 
Intelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelleIntelligence artificielle et propriété intellectuelle
Intelligence artificielle et propriété intellectuelle
 
Pour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu videoPour une histoire plophonique du jeu video
Pour une histoire plophonique du jeu video
 
Become Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open SourceBecome Rick and famous, thanks to Open Source
Become Rick and famous, thanks to Open Source
 
Reconnaissance vocale et création artistique
Reconnaissance vocale et création artistiqueReconnaissance vocale et création artistique
Reconnaissance vocale et création artistique
 
Natural Language Processing
Natural Language ProcessingNatural Language Processing
Natural Language Processing
 
Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur Sécurité, GDPR : vos données ont de la valeur
Sécurité, GDPR : vos données ont de la valeur
 
Modern sql
Modern sqlModern sql
Modern sql
 
Qt
QtQt
Qt
 

Recently uploaded

Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendArshad QA
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AIABDERRAOUF MEHENNI
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfkalichargn70th171
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...OnePlan Solutions
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataBradBedford3
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxbodapatigopi8531
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 

Recently uploaded (20)

Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Test Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and BackendTest Automation Strategy for Frontend and Backend
Test Automation Strategy for Frontend and Backend
 
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AISyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
SyndBuddy AI 2k Review 2024: Revolutionizing Content Syndication with AI
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdfThe Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
The Essentials of Digital Experience Monitoring_ A Comprehensive Guide.pdf
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
Tech Tuesday-Harness the Power of Effective Resource Planning with OnePlan’s ...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer DataAdobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
Adobe Marketo Engage Deep Dives: Using Webhooks to Transfer Data
 
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
Call Girls In Mukherjee Nagar 📱 9999965857 🤩 Delhi 🫦 HOT AND SEXY VVIP 🍎 SE...
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Hand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptxHand gesture recognition PROJECT PPT.pptx
Hand gesture recognition PROJECT PPT.pptx
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 

Managing Open Source Licenses (Geeks Anonymes)

  • 1. 4 décembre 2020 ULiège - Interface Entreprises Recherche & Innovation Managing Open source licenses
  • 2.
  • 3. Jérémie Fays Civil engineer in geology @ Interface ULg since 2004 Freelance : ▸ Websites ▸ Photographer : Insta @jeremiefays Geek Geek Anonymes : https://www.recherche.uliege.be/geeksanonymes
  • 4. What is Open Source ?
  • 5. History •  1950 : software source freely available •  1974 : Software copyright •  1985 : Free Software foundation •  1989 : GPLv1 license (copyleft ) •  4 freedoms : run, study, modify, distribute •  1998 : Open Source Initiative •  Today : OS won the war !
  • 6. Licenses No license = no rights !
  • 7. Licenses Public domain (WTFPL) Open source (FOSS) Academic / permissive MIT, BSD, Apache, X11 Weak copyleft LGPL, MPL Strong copyleft GPL, EUPL Super strong copyleft AGPL Closed source (commercial) Freeware Shareware / freemium Other commercial licenses
  • 8. MIT, BSD,ISC, Apache v2.0 GPL v2-3 LGPL v2-3 Others (100+) Data from Blackduck, June 2018 Permissive Copyleft Weak copyleft Most used OS licenses…
  • 9. Apache v2.0, MIT, BSD No copyleft Could be integrated in closed source software You must mention authors Trigger : distribution
  • 10. GPL v3 Strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution
  • 11. GPL v2 Strong copyleft You must mention authors Source code has to be available ‘contaminates’ the whole work Incompatible with a lot of common licenses Trigger : distribution
  • 12. AGPL v3 “Affero GPL” Super strong copyleft Source code has to be available ‘contaminates’ the whole work You must mention authors Trigger : distribution & interactions through a network
  • 13. LGPL v3 Weak copyleft Could be integrated in closed source software, provided you make possible to link with another version of the library Intended for libraries You must mention authors Trigger : distribution
  • 14. Creative Commons licenses Not adapted to software! Adapted to documentation Attribution Attribution No derivatives Attribution No commercial use Share alike Attribution Share alike Attribution No commercial use Attribution No commercial use No derivatives
  • 15. How contaminating is copyleft (GPL) ?
  • 16. Copyleft “contamination” •  Compiled in 1 executable à contamination •  Calling another executable and sharing data through command line or file à no contamination •  Run a software on a ‘copyleft’ operating system à no contamination from OS •  Interact with a webservice through standardized protocol (query online database with SQL) à no contamination
  • 17. Copyleft “contamination” But a lot of grey zone…
  • 19. “I don’t like to give bad news” © Jérémie fays
  • 20. PhD Thesis - SimCity Effect of urban development on traffic jam SimCity 2D engine for maps Export to xls Color picker (palette)
  • 21. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
  • 22. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I sell Licenses ? Effect of urban development on traffic jam
  • 23. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
  • 24. PhD Thesis - SimCity SimCity 2D engine for maps Export to xls Color picker (palette) May I Open Source ? Effect of urban development on traffic jam
  • 25. Some known compatibilty problems •  BSD-4 à GPL •  Apache v1, v1.1 à GPL •  GPLv2 à GPLv3 •  GPLv3 à GPLv2 •  MPLv1.1 à GPL ! GPL compatible licences https://www.gnu.org/licenses/license-list
  • 26. Dual licensing Purpose : ▸ Prevent compatibility issues (ex : using GPL v2+) ▸ Run a dual licensing business model Needs agreement of all rights owners ▸ 1 owner, or… ▸ All owners agree, or… ▸ Unify rights via CLA (Contributor License Agreement)
  • 27. Freedom to operate Source : David A. Wheeler
  • 28. How do I detect Open Source ?
  • 29. How to detect Open Source ? 1.  Ask the developers (Uliège : Software disclosure form) 2.  Source code scanning tool ▸  open source licence finder ▸  Fossology (free) ▸  open source code finder ▸  Synopsys (Black Duck) – also binary detection ▸  Antelink ▸  Revenera
  • 30. How to solve incompatibility ?
  • 31. How to solve incompatibility ? •  Don’t bother (short code) •  Rewrite •  Replace with another library •  Ask authors for a different license •  Split your software (if at all possible)
  • 32. What are the risks ?
  • 33. What are the risks ? 1.  OS license incompatibility in an open source project è  Reputation è  Trouble in OS community è  (Lawsuit) è  Stop distribution
  • 34. What are the risks ? 2.  Copyleft code in commercial code è  Development costs to clear the situation è  Lawsuit è  reputation è  open your code !! è  pay damages è  Dev companies : your customer could be sued
  • 35. How to manage Open Source ?
  • 36. For developpers… •  Choose a distribution strategy from the start (commercial, permissive, copyleft…) •  and choose dependencies with a compatible license •  Ask your employer •  Before contributing to an open source project •  Before integrating OS in the company software !
  • 37. For developpers… •  Document your code with legal stuff •  Copyright and license header in each source file •  LICENSE and AUTHOR file •  Use a Version Control System (Git, SVN…) •  Test in branches •  Track who did what •  Use Fossology
  • 38. For companies… Setup an Open Source Policy !
  • 39. For companies : Open Source Policy •  OS licenses allowed, and not allowed •  Other criteria : maintenance, quality, security… •  Clear and rapid validation procedure •  Contributing to an open source project •  Inventory of dependencies •  Use tracking tools
  • 40. Jérémie Fays j.fays@uliege.be +32 4 349 85 21 www.linkedin.com/in/jeremiefays Need some advice ?