Just as lawyers are not typically expected to be able to write lines of code that compile, most developers are not expected to know all the legal implications of using a cool component they found on GitHub that solves a problem in their application.
While development teams are more or less familiar with the main principles of open-source software licensing, some license clauses are written in a complex manner and can be confusing. This is where software intelligence comes into play, easing the understanding of OSS license terms with intuitive license rulebooks.
CAN: what you are authorized to do with the licensed component
– Distribute the software to third parties
– Modify the software or combine with other works
– Sub-license the work or extend the license
– Make use of the work for a commercial purpose
– Use patent claims, i.e., patent rights from contributors
– Place additional warranty or services on the software
CANNOT: what you are not allowed to do with the licensed component
– Hold the software owner liable for direct or indirect damages
– Use the name, trademarks, or logo of the owner
– Sub-license the work or extend the license
MUST: what you must do when using the licensed component
– Original copyright and attributions must be retained
– Include the full text of the license
– Include a copy of the original software (or describe how to obtain it)
– Include a notice file and/or install instructions
– State any changes (or significant changes) made to the original
– Provide the source code when you distribute the software
Additional Properties of the license:
– Intended for software-related licensing (as opposed to data-related licensing)
– Supported by a strong community (up-to-date website, FAQ, forum)
– OSI approved license (Open Source Initiative, https://opensource.org)
– FSF approved license (Free Software Foundation, https://www.fsf.org)
How to view license rulebooks in CAST Highlight
In CAST Highlight, license rulebooks are available for 120+ licenses, and that number will continue to grow. In the user interface, the rulebooks are available in the Software Composition (SCA) dashboards by clicking on a license. A modal opens with the entire license text, the corresponding color-coded rulebook items for the selected license, and reference links about the license.
License rulebooks are available in the portfolio-level dashboards:
- Under the Components tab, which lists all detected components and licenses at the portfolio level
- Under the Licenses tab
If you would like to have your own local copy of the CAST Highlight Open Source License Rulebook and Reference Guide, you can download a free copy here.