
Ask HN: What open source licenses do you prefer (and why)? - SamWhited
I&#x27;d be curious to know what open source license individuals and companies prefer and why including both what licenses you release your own projects under, and what licenses you allow to be pulled in as dependencies, tools that get redistributed with your projects, etc.<p>Most companies I&#x27;ve been at prefer releasing software under the Apache 2.0 license and my limited understanding is that it&#x27;s purely because of the explicit patent grant. They also all avoid GPL because they&#x27;re worried that some developer will make a change, not tell anyone, and it won&#x27;t get contributed back.<p>I&#x27;ve always personally preferred to use a BSD 2-Clause (or BSD 2-Clause+Patents) license on my own projects, but that&#x27;s just habit because it&#x27;s short and used by other projects I&#x27;ve contributed to and not something I particular know enough to care about.
======
tty89
With my limited knowledge, I prefer GPLv3 for most of the stuff I write. This
is mostly because I would expect anyone enhancing the code to give it back.

I would not release something that I write with Apache or BSD. These are "do
whatever you want" licenses and might bite back. The whole Redis + Commons
Clause debacle(if I can call it that) happened because Cloud providers wrap
Redis in their services and charge for that without providing anything back to
Redis. This is the "do whatever you want" part of these licenses.

I have doubt if anything that I make will be so successful, but in case it is,
I would either want to earn by it by keeping it closed source, try some other
way to earn by keeping it FOSS, but surely would not want only the big
corporations to earn through it.

Last point to cover my ass. I understand that the Apache/BSD are pragmatic
licenses and probably the main reasons why Open Source has turned even
companies like MS to consider opening up their stuff. Only GPL wouldn't have
done that. But somehow as a user I would prefer the latter.

------
bowlich
Personal solo side projects that I'm just hacking on, I use MIT mostly because
it seems simple. If someone wants to use or fork my software, I don't really
care how or what they're doing with it.

None of my projects address significant enough space that I would figure
they're being incorporated into anything of business value anyways.

If I have a GPL dependency, then I license it GPL. I would probably use GPL or
Apache if I ever was working on a project that I actually thought would
provide business value to someone or was going to grow any kind of community
around it besides me.

I'd like attribution just because that seems nice, but I don't have the time
or desire to figure out or enforce something like GPL.

~~~
SamWhited
Thanks! I tend to agree with this reasoning and it's why I chose BSD (which is
basically the same thing except it has a bulleted list of its requirements,
which I liked). Is there a version of MIT+Patents or ISC+Patents or similar I
wonder?

------
orangeshark
For my own personal projects I use the GPLv3+ because I want to protect the
four freedoms[0] for users of my software. If I want something more permissive
I would use the LGPLv3+ but I might start to move away from that and just use
the GPL. For work, I have never been involved in deciding what dependencies we
will use for projects, so not really sure what the companies have preferred.

[0] [https://www.gnu.org/philosophy/free-
sw.html](https://www.gnu.org/philosophy/free-sw.html)

------
miguelrochefort
Zero-Clause BSD (0BSD) aka Free Public License 1.0.0

[https://opensource.org/licenses/0BSD](https://opensource.org/licenses/0BSD)

-

Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted.

THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH
REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT,
INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
PERFORMANCE OF THIS SOFTWARE.

-

I will never use a less permissive license. I think it's irresponsible to put
any restriction (including attribution) on how all of current and future
humans and machines can use information.

~~~
SamWhited
The problem is that by using this you probably _are_ putting restrictions on
people. Lots of places don't have a concept of public domain, so this license
is unenforceable in many jurisdictions and your software defaults to being
copyrighted with no license.

Disclaimer: not a lawyer, this is just what company lawyers have told me in
the past.

~~~
miguelrochefort
I carefully picked a license that doesn't use public domain and is enforceable
everywhere, unlike WTFPL, CC0 and Unlicense.

------
kayamon
I usually use [http://unlicense.org](http://unlicense.org). TBH I think if
you’re giving code away and expecting people to be actually able to make use
of it, it’s morally indefensible to be using anything other than a zero-
condition giveaway license.

GPL is also acceptable for stand-alone programs if you want to enforce
openness, but never for libraries.

As for what companies prefer, MIT, zlib, or BSD should be fine. Most companies
won’t touch GPL with a ten-foot pole.

~~~
SamWhited
As mentioned in another thread, it is my not-a-lawyer understanding that
unlicense and similar aren't enforceable in many jurisdictions, so you end up
having it be unlicensed and unusable in many places.

------
z0mbie42
Hi,

First I want to make it clear that my preferred licenses are 'by default of
better'. That mean, regarding the news (re licensing of famous open source
projects) we clearly lack of License for real world use case (With cloud
providers abusing open sources projects and being unfair to companies behind
them.

\- Apache 2.0 (or an 'official' CCL) for libraries or small projects because
it's simplicity and protection

\- AGPLv3.0 (or an 'official' SSPL) for large projects, or project I would
like to sell as a service.

The ideal would be to 'make official' Confluent Community License (Apache 2.0
minus SaaS) and Server Side Public License (AGPLv3.0 minus SaaS) to protect
the ecosystem and fund the open source actors.

I think those 'hybrid' licenses are a great move toward open source and free
software sustainability and hope we will see some 'official' Licenses soon.

