Choosing a distribution license for the software you publish on GitHub can seem confusing at first. After all, there are quite literally hundreds of licenses to choose from, all of which are suitable for different purposes and grant users of your code unique rights.
For first-time code publishers, it can seem safer to release your code without an open-source license at all, but doing so can come back to haunt you if someone chooses to use your work for anything you wouldn't authorize. Applying an open-source license to each of your code releases is an effective strategy for mitigating such risks. But, first, you should learn what kinds of licenses exist and when they are appropriate to use. Below, we’ve put together a comparison of open source licenses to get you started.
Permissive open source licenses
Open source, permissive, free software licenses are known to grant developers the most creative and commercial freedom in making use of a given repository or third-party code of any kind. By using these types of licenses, you’re effectively making it clear to other developers that they can use your work freely and with minimal commercial impediments should they choose to monetize something they make with it.
Open source licenses can be a powerful incentive for other developers to adopt portions of your codebase in their own projects and, therefore, be used to improve the reach of your project significantly. The caveat to such licenses is, of course, that they make it less likely that you’ll be able to profit from your code alone directly. Other developers are under no obligation to compensate you for your hard work in crafting it and may only be required to attribute code pulled from your project to you before using it for whatever purpose they have in mind. However, the exact requirements on their part depend on the type of license chosen.
The following open-source licenses are used by many different developers and are well-suited to those looking to allow others to use their work for free.
The Apache License 2.0
This license gives developers patent rights for derivatives of your project's code and does not limit how they may distribute such creations. To adhere to this type of license, developers need only maintain your copyright and license notice while abstaining from leveraging any trademarks, names, etc., of yourself or any of your project's contributors.
This is the license we actually chose for Mergify's engine.
The MIT License
This license is both brief and straightforward, protecting you from all liability if malicious third parties use your code.
Unlike the Apache License, this option does not explicitly grant patent rights, nor does it establish any ground rules for how your name, trademarks, or reputation should be treated by those who make use of your codebase.
The BSD License
This license type comes in many different forms as there are multiple variants to choose from. Two particularly significant versions of the BSD license are the BSD Zero Clause License and the BSD 3-Clause License.
These are both highly permissive licenses to use and can ensure other developers will feel comfortable using your code without having to fork over any proceeds if they begin monetizing their own work. The BSD 3-Clause License covers limitations on how redistributions of your source code must be presented. Specifically, other developers are not allowed to promote their creations using your name or those of your contributors, nor are they permitted to remove the license from their own source code, even in binary form. These are both highly permissive licenses to use and can ensure other developers will feel comfortable using your code without having to fork over any proceeds if they begin monetizing their own work.
As for the BSD Zero Clause License, it allows developers to do whatever they please with the code you’ve produced. No attribution or fee of any kind is required, nor do developers need to keep the license disclaimer in their own source code.
Copyleft licenses differ in purpose from permissive open source licenses. Whereas permissive licenses leverage copyright law to protect the original authors of a project's code, copyleft licenses are specifically intended to grant and preserve the creative freedoms of those who use said code. This means that identical freedoms to what were offered in the original license must usually be granted for derivatives of a licensed project. The inherent reciprocity of a copyleft license makes it an excellent choice for projects you intend to make permanently free for others to use. However, it may be an unacceptable choice for other for-profit organizations to accept when considering adopting your code.
GNU developed this well-known copyleft license to reinforce the project's goals of providing free software for everyone to enjoy. Since the original GNU General Public License (GPL) was devised, it has undergone several improvements to reach its currently most widespread form: GNU GPLv3. This third version exceeds its predecessors by including precautions against "tivoization" (companies using GPL code on their hardware while restricting users from accessing or modifying it), digital restrictions management (DRM) legislation, and discriminatory patents.
Choosing the right license matters
Your chosen license is the only thing that can protect you from liability once other people begin using your code.
GitHub offers an excellent service to choose an open-source license by answering a few questions. Try it out!