Understanding Open Source Licenses

Publish on: Classify at:
Words: 362 Read:≈ 2min
Summary
This post explores the various types of open source licenses, highlighting their core requirements, use cases, and key differences. It provides a quick selection guide to help readers choose the most suitable license for their projects, emphasizing the importance of understanding the freedom spectrum, patent handling, and compatibility of each license type.
flowchart TD A["Need a License?"] --> B{"Want derivatives\nto stay open?"} B -->|Yes| C{"Network/Cloud\nservice?"} B -->|No| D{"Need patent\nprotection?"} C -->|Yes| E["AGPL"] C -->|No| F{"Library or\nApplication?"} F -->|Library| G["LGPL"] F -->|App| H["GPL"] D -->|Yes| I["Apache 2.0"] D -->|No| J["MIT"]

Types of Open Source Licenses

Open source licenses can be broadly categorized into two main types:

  1. Copyleft Licenses (e.g., GPL)

    • Requires derivative works to remain open source
    • Enforces “share-alike” principle
    • Examples: GNU GPL, LGPL, AGPL
    • Ensures software freedom propagates

  2. Permissive Licenses (e.g., MIT, BSD, Apache)

    • Allows derivative works to be either open or closed source
    • Minimal restrictions on code reuse
    • Popular in commercial projects
    • Maximizes adoption flexibility
pie title Share of open-source licenses
         "Apache" : 11.1
         "BSD" : 22.2
         "GPL Style" : 66.7

Major Open Source Licenses

LicenseCore RequirementsUse CasesExample Projects
MITRetain copyright noticePersonal/commercial projectsReact, Node.js
Apache 2.0Retain copyright + patent notices; document changesEnterprise projects, patent protectionAndroid, Kubernetes
GPL-3.0Derivative works must be open sourceEnforce community contributionsLinux kernel (GPL-2.0)
LGPLAllows dynamic linking with closed-source codeLibraries + closed-source integrationGNU C Library
BSD 3-ClauseRetain copyright + no endorsement by authorsAcademic/lightweight projectsNginx (early versions)
MPL 2.0File-level open source; allows closed-source mixingBalance commercial and open-sourceFirefox, Rust
AGPLRequires open-sourcing network service codeCloud/SaaS applicationsMongoDB (early versions)

Key Differences

  1. Freedom Spectrum

    MIT ≈ Apache 2.0 > BSD > MPL > LGPL > GPL > AGPL

    (Increasing restrictions from left to right)

  2. Patent Handling

  • Apache 2.0: Explicit patent grants and litigation protection.
  • MIT/BSD/GPL: No explicit patent clauses; potential risks.
  1. Compatibility
    • GPL Family: “Infectious” license; incompatible with many others (e.g., GPL code cannot be used in MIT projects).
    • MIT/Apache: Freely combinable with other licenses.

Quick Selection Guide

  1. Maximize flexibility → Choose MIT (personal) or Apache 2.0 (enterprise).
  2. Enforce open-source derivatives → Use GPL (strict) or MPL (flexible).
  3. Avoid AGPL for cloud services unless willing to open-source service code.

It is recommended that you use the Choose a License tool to further match requirements.

Official Resources

ResourceDescription
Choose a License GitHub’s license picker
OSI Approved Licenses Official list of approved licenses
SPDX License List Standardized license identifiers
TLDRLegal Plain-English license summaries