On the Variability of the BSD and MIT Licenses

Maryka, Trevor; Germán, Daniel M.; Poo-Caamaño, Germán

doi:10.1007/978-3-319-17837-0_14

Cited by 6 publications

(2 citation statements)

References 6 publications

(11 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The next most common pairs are "Apache-2.0 & MIT" and "Apache-2.0 & BSD-3". Interestingly, these three licenses (MIT, Apache-2.0, and BSD-3) are essential ones because they allow derivative works with very few restrictions (even with different terms or licenses), as long as the necessary credit is given to the original work (Maryka et al, 2015). In particular, the Apache-2.0 license is a derivative of the BSD license and is also similar to the MIT license (Kechagia et al, 2010).…”

Section: Pairs Of Software Licensesmentioning

confidence: 99%

From One to Hundreds: Multi-Licensing in the JavaScript Ecosystem

Moraes¹,

Polato²,

Wiese³

et al. 2020

Preprint

View full text Add to dashboard Cite

Open source licenses create a legal framework that plays a crucial role in the widespread adoption of open source projects. Without a license, any source code available on the internet could not be openly (re)distributed. Although recent studies provide evidence that most popular open source projects have a license, developers might lack confidence or expertise when they need to combine software licenses, leading to a mistaken project license unification. This license usage is challenged by the high degree of reuse that occurs in the heart of modern software development practices, in which third-party libraries and frameworks are easily and quickly integrated into a software codebase. This scenario creates what we call "multi-licensed" projects, which happens when one project has components that are licensed under more than one license. Although these components exist at the file-level, they naturally impact licensing decisions at the project-level.In this paper, we conducted a mix-method study to shed some light on these questions. We started by parsing 1,426,263 (source code and non-source code) files available on 1,552 JavaScript projects, looking for license information. Among these projects, we observed that 947 projects (61%) employ more than one license. On average, there are 4.7 licenses per studied project (max: 256). Among the reasons for multi-licensing is to incorporate the source code of third-party libraries into the project's codebase. When doing so, we ob-

show abstract

Section: Pairs Of Software Licensesmentioning

confidence: 99%

From One to Hundreds: Multi-Licensing in the JavaScript Ecosystem

Moraes¹,

Polato²,

Wiese³

et al. 2020

Preprint

View full text Add to dashboard Cite

show abstract

“…These real-world needs have motivated over the years several empirical software engineering (ESE) studies on the evolution of open source licensing [4,15,32], on the emergence of open source license variants and exceptions [16,33], as well as the development of industry-strength tools to automatically detect and classify (FOSS) licenses [10,16,21].…”

mentioning

confidence: 99%

A Large-scale Dataset of (Open Source) License Text Variants

Zacchiroli

2022

Preprint

View full text Add to dashboard Cite

We introduce a large-scale dataset of the complete texts of free/open source software (FOSS) license variants. To assemble it we have collected from the Software Heritage archive-the largest publicly available archive of FOSS source code with accompanying development history-all versions of files whose names are commonly used to convey licensing terms to software users and developers.The dataset consists of 6.5 million unique license files that can be used to conduct empirical studies on open source licensing, training of automated license classifiers, natural language processing (NLP) analyses of legal texts, as well as historical and phylogenetic studies on FOSS licensing.Additional metadata about shipped license files are also provided, making the dataset ready to use in various contexts; they include: file length measures, detected MIME type, detected SPDX license (using ScanCode), example origin (e.g., GitHub repository), oldest public commit in which the license appeared.The dataset is released as open data as an archive file containing all deduplicated license files, plus several portable CSV files for metadata, referencing files via cryptographic checksums.

show abstract