Open source does not mean free! In order to accelerate our development, we will use open source software and source code; in order to avoid commercial risks, we need to understand third parties such as software agreements, versions, and known CVE risks when using it; this article is intended to be used from the open source software redistribution process Start from the perspective of permissions, summarize the similarities and differences of various common open source agreements, and facilitate understanding.
Most people hope that works can be shared and viewed by most people. This not only improves the visibility of your own industry, but also facilitates those in need to contribute to open source. But once the code is posted, anyone can see and get it, and you can't control what happens afterwards. So in order to share your code publicly and at the same time allow you to reserve certain rights to the code, it is very necessary to declare a license agreement in your work. There is a very important difference between bare code with and without agreement. Generally, those with no agreement declared are Copy right, that is, copyright reservation. This situation indicates that others do not have any authorization and must not copy, distribute, modify, use, etc. With the statement of the agreement, it will be much more convenient for your rights protection in the future, allowing your work to be shared while retaining some of your own rights.
License is a software authorization license, which details the rights you have after obtaining the code, what operations you can perform on other people's works, and what operations are prohibited.
Software agreements can be divided into open source and commercial• For commercial agreements, or legal declarations or license agreements, each software has its own set of language, written by the software author or specialized lawyer. Because it involves matters such as infringement and litigation in the future, the formulation of this commercial clause is very rigorous and exquisite, and it is very difficult to read.
• For open source agreements, it is important to know that open source does not mean free or unlimited. Although it is more concise than a commercial agreement, it is still like reading a book for many people.
Protocol listFirst of all, what are the public agreements:
https://opensource.org/licenses/alphabeTIcal
Common agreementThe six most popular types-GPL, BSD, MIT, Mozilla, Apache and LGPL.
Ukrainian programmer Paul Bagwell drew an analysis chart to explain how to choose. In just two minutes, you can figure out the biggest difference between the six licenses. The following is the Chinese translation of Ruan Yifeng:
The Apache License (Apache License) is a free software license issued by the Apache Software Foundation, originally written for the Apache http server. The Apache license requires the licensee to retain copyright and a statement of waiver of rights, but it is not an anti-copyright license. The latest version of this license is "Version 2", which was released in January 2004. The Apache license is widely used inside and outside the Apache community. All projects under the Apache Foundation use the Apache license, and many non-Apache Foundation projects also use the Apache license: According to statistics, as of April 2008, more than 3000 projects on sourceforge use the Apache license.
The Apache License Agreement, version 2.0, grants users a lot of rights. These rights can be used for copy rights, and can also be used for patent rights. Because many license agreements can only apply to copy rights, not patent rights, this flexibility has become a significant reference factor for patented developers when choosing a license agreement (to understand the difference between the two , Please refer to this article on How Stuff Works).
The following is a detailed description of what is allowed in the Apache license agreement:
• Power is forever.
Once authorized, the rights are never lost.
• Rights know no boundaries.
Being authorized in one country is the same as being authorized in all countries. For example, if you are in the United States, but the permission was originally granted in India, you can also use this authorized program.
• No payment and no compensation for authorization.
You neither need to pay any fees before use, nor do you need to pay any fees each time you use it, or other similar situations.
• Rights are not exclusive.
When using the software under this license agreement, it does not prevent you from using other software.
• The rights cannot be changed.
Once the right is granted, it cannot be taken away. In other words, when you use this software, you don’t need to worry about this situation: when you develop an enviable derivative product based on this licensed software, someone suddenly pops out and says to you, sorry, you Will no longer be allowed to use this app. (There is a clause in this agreement stating: if you sue others for patent infringement on the products under this license agreement, your authorization will be automatically terminated, but this is only applicable to patented works. As long as you do not You never need to worry about this kind of problem when engaging in litigation involving patented works.)
• There is also a special requirement for redistributed works. In general, the authors of these programs and the maintainers of the license agreement must be given a proper reputation.
MIT License AgreementThe MIT protocol should be the shortest and most widely used protocol among the popular open source protocols. Its terms are very lenient and more liberal than other agreements. The MIT protocol is currently the least restrictive protocol. It basically means that anyone can do anything with the software under this agreement, as long as you can approve this agreement. The most basic terms of this agreement (the informaTIon that it is provided without warranty, which comprises the final paragraph) are as follows:
It is hereby authorized that anyone can obtain a copy of this software and related documents (the Software) for free, and can use this software without restrictions, including unlimited rights to use, copy, modify, merge, publish, additional subordinate agreements, and / Or sell copies of the software. At the same time, in order for the software provider to have the right to do this, the following conditions must be observed:
The above copy right statement and license statement must be included in all copies of this software and the actual distribution part.
This means:
• You can use, copy and modify this software at will. No one can prevent you from using it in any project, you can copy it any number of times, in any form, or modify it as you wish.
• You can distribute or sell for free. You can distribute it freely, without any restrictions.
• The only restriction is that you must accept the terms of the agreement.
BSD license agreementThere are many branches of the BSD protocol. They all represent a loose free software protocol. Compared with other protocols, such as the GPL, they impose fewer restrictions on the spread of software.
Among the various versions of this protocol, two versions are particularly important: the new BSD protocol/revised BSD protocol and the simplified BSD protocol/FreeBSD protocol. Both of these two types of agreements implement GPL-compatible free software agreements, and are recognized as open source software agreements by Open Source IniTIaTIve.
The new BSD agreement (3-clause license) allows you to redistribute this software for any purpose without any restrictions. The only requirement is that you must retain the copy right statement and the software right waiver clause in the agreement. There is also a restriction on this type of agreement. All the signatures of previous donors of this work are not allowed to be used without permission. The main difference between the new BSD agreement and the simplified BSD agreement is that the latter removes the attribution clause.
The BSD open source agreement is an agreement that gives users a lot of freedom. Basically, users can "do whatever they want", use it freely, modify the source code, or redistribute the modified code as open source or proprietary software.
But the premise of "doing whatever you want" When you release code that uses the BSD protocol, or when you do secondary development of your own products based on the BSD protocol code, you need to meet three conditions:
• If the re-released product contains source code, the source code must contain the BSD protocol in the original code.
• If only the binary class library/software is re-released, the BSD protocol in the original code must be included in the class library/software documentation and copyright statement.
• Do not use the author/organization name of the open source code and the original product name for marketing purposes.
• BSD code encourages code sharing, but needs to respect the copyright of the code author. BSD allows users to modify and redistribute the code, and also allows the use or development of commercial software to be released and sold on the BSD code, so it is a very friendly agreement for business integration. Many companies and enterprises prefer the BSD protocol when choosing open source products, because they can completely control these third-party codes, and can modify or re-development when necessary.
GPL license agreement
The Linux that we are very familiar with uses the GPL. The GPL agreement is very different from BSD, Apache Licence and other licenses that encourage code reuse. The starting point of the GPL is the open source/free use of the code and the open source/free use of the reference/modification/derivative code, but the revised and derivative code is not allowed to be released and sold as closed source commercial software. This is why we can use all kinds of free Linux, including commercial companies' linux and various free software developed by individuals, organizations, and commercial software companies.
The main content of the GPL agreement is that as long as the product is used in a software ("use" refers to class library reference, modified code or derivative code) GPL agreement product, the software product must also adopt the GPL agreement, and it must be open source and free. . This is the so-called "infectiousness". The product under the GPL agreement can be used as a separate product without any problems, and you can also enjoy the advantage of free.
Since GPL strictly requires that software products that use GPL libraries must use GPL agreement, open source code using GPL agreement, commercial software or departments that require confidentiality of the code are not suitable for integration/adoption as the basis for class libraries and secondary development .
Other details such as the need to accompany the GPL agreement when re-released and similar to BSD/Apache.
LGPL license agreementLGPL is an open source agreement of GPL designed mainly for the use of class libraries. It is different from the GPL requirement that any software that uses/modifies/derives the GPL library must adopt the GPL agreement. LGPL allows commercial software to use LGPL class libraries through class library links without the need for open source commercial software codes. This makes the open source code using the LGPL agreement can be referenced, published and sold by commercial software as a class library.
However, if the code or derivative of the LGPL agreement is modified, all the modified code, the additional code involving the modification and the derivative code must adopt the LGPL agreement. Therefore, the open source code of the LGPL agreement is very suitable as a third-party class library to be cited by commercial software, but it is not suitable for commercial software that hopes to use the LGPL agreement code as the basis for secondary development through modification and derivation.
Both GPL/LGPL protect the intellectual property rights of the original author, and avoid anyone using open source code to copy and develop similar products.
MPL license agreementMPL is short for The Mozilla Public License. It is a software license designed by Netscape's Mozilla team for its open source software projects in early 1998. The most important reason for the emergence of the MPL license is that Netscape believes that the GPL license does not well balance the developers' demand for source code with the benefits they obtain from using the source code. Compared with the famous GPL license and BSD license, MPL is the same as them in many rights and obligations (because they are all open source software licenses recognized by OSIA).
However, in comparison, MPL has the following significant differences:
-Although MPL requires the modification of the source code released under the MPL license to be re-licensed in the form of an MPL license to ensure that other people can share the source code under the terms of the MPL. However, the definition of "release" in the MPL license is "documents released in source code", which means that MPL allows an enterprise to add an interface to its existing source code library, in addition to the source of the interface program In addition to the external license of the code in the form of an MPL license, the source code in the source code library can be compulsorily licensed externally without the MPL license. These leave a gap for the behavior of borrowing other people's source code to use for their own commercial software development.
-Article 3, paragraph 7 of the MPL license allows the licensee to mix the source code obtained through the MPL license with other types of code to obtain his own software program.
-The attitude towards software patents, MPL license does not express opposition to software patents like the GPL license, but it clearly requires the source code provider not to provide the source code protected by the patent (unless he is the patentee, and The source code is freely licensed to the public in writing), and it is not possible to apply for patents related to the source code after the source code is licensed in the form of an open source license.
Definition of source code• In the MPL (version 1.1) license, the definition of source code is: "Source code refers to the most preferred form of modification to the work, which includes: all source programs of all modules, plus relevant The definition of the interface, plus the'original' (original'Script') that controls the installation and compilation of executable works, or source code that is not significantly different from the original source code, or is available from the public domain selected by the source code contributor Program code."
• Article 3 of the MPL License has a special provision on the description of source code modification, which requires all republishers to have a special document describing the time and method of source code program modification .
summary• The legal difference between GPL agreement, LGPL agreement and BSD agreement.
In short, the GPL agreement is an open source agreement. After the initial developer of the software uses the GPL agreement and discloses the source program of the software, the subsequent developers using the source program of the software should also write their own source code according to the GPL agreement. The program is made public. The key to the GPL agreement is to open source programs, but it does not exclude software authors from charging users. Even so, many large companies still love and hate the GPL agreement. What I love is that the software under this agreement has undergone numerous modifications by many programmers and has been very mature and perfect. What I hate is that they must open their follow-up source programs, leading to competition. Opponents can also develop competitive products based on their modified source programs.
Because large companies have commercial concerns about the GPL agreement, the other two agreements are more commonly used. The first is the LGPL (also known as GPL V2) agreement, which can be translated into a more relaxed GPL agreement. The difference from the GPL agreement is that if the latter only calls the program of the LGPL software library instead of including its source code, the related source program does not need to be open source. The difference between calling and including is similar to quoting the content of other people's webpages on Internet pages: if you copy all or part of other people's content to your own webpage, it is similar to including, if you only paste a URL link of another person's webpage without quoting the content , Is similar to calling. With this agreement, many large companies can hide a lot of their source programs for subsequent development.
The second is the BSD protocol (the MIT protocol is similar). The BSD agreement encourages software authors to disclose the source code of their subsequent development, but does not force it. For software developed under the BSD agreement, the original source program is open source, but after the user has modified it, he can choose to release the source program or binary program (ie the target program). Of course, the user is obliged to use the original The source program and BSD agreement are released together when the software is released. Because of its flexibility, BSD is popular with large companies.
3U Splice Panel,3U Panel,3U Splice Panel Adapter,3U Splice Panel Bracket
Huizhou Fibercan Industrial Co.Ltd , https://www.fibercannetworks.com