{"id":40566,"date":"2022-06-10T22:28:00","date_gmt":"2022-06-10T20:28:00","guid":{"rendered":"https:\/\/zuniclaw.com\/don-t-skip-this-checklist-if-your-employees-use-open-source-code\/"},"modified":"2025-05-12T13:58:49","modified_gmt":"2025-05-12T11:58:49","slug":"open-source-code","status":"publish","type":"post","link":"https:\/\/zuniclaw.com\/en\/open-source-code\/","title":{"rendered":"Checklist If Your Employees Use Open-Source Code!"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"40566\" class=\"elementor elementor-40566 elementor-33223\" data-elementor-post-type=\"post\">\n\t\t\t\t<div class=\"elementor-element elementor-element-5262da90 e-flex e-con-boxed e-con e-parent\" data-id=\"5262da90\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t\t<div class=\"e-con-inner\">\n\t\t<div class=\"elementor-element elementor-element-2f7ebac e-con-full e-flex e-con e-child\" data-id=\"2f7ebac\" data-element_type=\"container\" data-e-type=\"container\">\n\t\t\t\t<div class=\"elementor-element elementor-element-3efe1b3 elementor-widget elementor-widget-text-editor\" data-id=\"3efe1b3\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<blockquote><p><em>\u201cI am a lazy person, which is why I like open-source, for other people to do work for me.\u201d<\/em><\/p><\/blockquote><p style=\"text-align: right;\">Linus Torvalds<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5622fe5a elementor-widget elementor-widget-text-editor\" data-id=\"5622fe5a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<section class=\"av_textblock_section av-27b56fx-683079c2146446764f242d8086f7513a\"><div class=\"avia_textblock\"><p>Never mind if you are just lazy or want to focus on creating innovations by the use of already established shortcuts, open-source libraries usually speed up and facilitate the development of software products in the day-to-day work of developers (ranging from, e.g. image processing library, data filtering library, big data analysis, full-stack frameworks to machine learning). Millions of open-source code components are downloaded every year off the Internet to help modern software development. Hence, there is no doubt that the open-source ecosystem has far removed from the group of enthusiasts who are struggling against the predatory restrictions of commercial software, and for many, it became mainstream. The best proof of this is the fact that some of today\u2019s most used technologies are based on open-source code (IoT, Healthcare, AI, Android).<\/p><p>However, the fact that open-source software (hereinafter: OSS) is free does not mean that its use may not cost you a certain price. In fact, if you use an open-source library against their license, there is a chance you might eventually have to pay, as \u201cthere\u2019s no such thing as a free lunch\u201d.<\/p><p>Okay, let\u2019s start from the beginning, so we could get to the directions that should be certainly taken into account.<\/p><\/div><\/section><div class=\"av-special-heading av-l4cu0ul8-fc4d3d78174712c0e4dd8e6b36a6b6c3 av-special-heading-h2 custom-color-heading blockquote modern-quote avia-builder-el-13 el_after_av_textblock el_before_av_textblock \"><h2>\u00a0<\/h2><h2 class=\"av-special-heading-tag\">The Difference Between Proprietary and OSS Licenses<\/h2><\/div><section class=\"av_textblock_section av-23t1kil-622c04bfa2ce4edc25afd36ee5898150\"><div class=\"avia_textblock\"><p>\u00a0<\/p><p>The software, which represents the \u201cauthor\u2019s original creation\u201d, is <a href=\"https:\/\/zuniclaw.com\/en\/legal-protection-of-software\/\">protected by copyright<\/a>. The author or copyright holder decides who has the right to install and copy a computer program, has the right to use or sell it, publicly communicate, modify and improve it. Essentially, commercial software (software for commercial use such as sales) can be both proprietary software and OSS. However, the differences between them are crucial.<\/p><p>When it comes to the proprietary software, licenses buy certain rights, that is, licenses define exactly what the user is restricted from doing and allowed to do with the software. First of all, the license should specify the answer to which code the user has access to \u2013 whether they have access only to the object code or have access to the source code as well. The rule is that the user can always access the machine code, while the access to the source code must be specially negotiated and not characteristic for, e.g., SaaS (Software As a Service) or for programs that are widely used and can be customized by users (e.g., Microsoft Office). In addition, <a href=\"https:\/\/zuniclaw.com\/en\/illegal-use-of-software\/\">the license agreement defines<\/a> where can the users install the software, how many times can they install it, and whether they can copy it, modify and distribute it.<\/p><p><strong>In short, the commercial software license starts with restrictions and then explicitly lists exceptions of what can be done with such software.<\/strong><\/p><p>A typical example of proprietary software is Microsoft, which involves the purchase of several additional software licenses, such as Microsoft Windows operating system, IIS web server, Microsoft SQL Server database, and ASP.NET programming language.<\/p><p>With open-source software, <a href=\"https:\/\/zuniclaw.com\/en\/intellectual-property\/\">copyright<\/a> is turned \u201cupside-down\u201d.<\/p><p><img fetchpriority=\"high\" decoding=\"async\" class=\"alignnone wp-image-59620 size-full\" src=\"https:\/\/zuniclaw.com\/wp-content\/uploads\/2024\/09\/copyleft-40848_1280-261x300-1-1.png\" alt=\"\" width=\"261\" height=\"300\" \/><\/p><\/div><\/section><section class=\"av_textblock_section av-203q6ql-4b457e2496b677b51aa98c51c1034992\"><div class=\"avia_textblock\"><p>While licenses list what is allowed within them, the OSS licenses only list restrictions meaning that the starting point is the fact that the user has a whole range of rights, and only the conditions under which these rights can be exercised are precisely defined. The following four criteria are the basis of <a href=\"https:\/\/opensource.org\/osd-annotated\" target=\"_blank\" rel=\"noopener\">open source definition<\/a>:<\/p><ul><li>The freedom to use the source code<\/li><li>The freedom to study the source code<\/li><li>The freedom to modify and improve the source code<\/li><li>The freedom to distribute the source code (infers copying)<\/li><\/ul><p>\u00a0<\/p><p>Therefore, the OSS license guarantees these freedoms without any compensation to the author\u2013owner of the code. Also, unlike the proprietary license, the OSS license automatically implies access to the source code.<\/p><p>Typical examples of a combination of OSS technologies are the Linux operating system, Apache Web server, MySQL database, and PHP programming language.<\/p><p>Nevertheless, however great the fact that such technologies can be obtained for free, there are a number of different licenses in the open-source world, and therefore a certain number of restrictions that you need to be aware of. The key is to understand the differences between the licenses.<\/p><\/div><\/section><div class=\"av-special-heading av-l4cu4qp8-cad56d361085b5c63d73e6a500485f49 av-special-heading-h2 custom-color-heading blockquote modern-quote avia-builder-el-17 el_after_av_textblock el_before_av_textblock \"><h2>\u00a0<\/h2><h2 class=\"av-special-heading-tag\">What Types of OSS Licenses Exist?<\/h2><\/div><section class=\"av_textblock_section av-6u12el-402f1a0129a99895148e36ed25211844\"><div class=\"avia_textblock\"><p>\u00a0<\/p><p>Every OSS license has certain requirements for both the use of open-source code and its modification. The \u201c<a href=\"https:\/\/opensource.org\/\" target=\"_blank\" rel=\"noopener\">Open-Source Initiative<\/a>\u201d organization contains a list of OSS licenses, which must go through the approval process, as they must comply with all open-source definition requirements. There are over 70 OSS licenses, but the 10 most popular ones are applied in 90% of cases.<\/p><p>If we would simplify the explanation of the OSS licenses as much as possible, the rough division would be to:<\/p><ul><li>Restrictive or prohibitive (copyleft) licenses<\/li><li>Permitting or permissive (non-copyleft) licenses<\/li><\/ul><p>\u00a0<\/p><p>Restrictive or copyleft licenses guarantee all users the aforementioned four freedoms free of charge, provided that this open-source code or any program that is created using this open-source code guarantees the same terms to its users. In other words, if OSS is protected by a restrictive license, you cannot restrict further users from using that code or its modifications. The four freedoms are forever embedded in this open-source code.<\/p><p>The substance of restrictive licenses is that the source code is publicly available, so that other developers can study, modify, and improve it, and that such improved software remains free and accessible to the entire world and future developers with the same goals. If there was no copyleft, or if there were no restrictions to such software being commercialized, the derivatives of this software would become very quickly unavailable to everyone, and users of these derivatives would have no more an option to use such a code freely, to copy, distribute, modify and improve it The intention is for a restrictive license to motivate developers who are not exclusively profit-oriented, to promote various software solutions. Certain important programs (for example, the GNU C ++ compiler) were created exclusively thanks to them.<\/p><p>The most famous restrictive license is the GNU General Public License (GNU GPL or just GPL) compiled by Richard Stallman. For example, Linux operating systems are based on GPL licenses. Furthermore, if you were to write the code and publish it under the GNU GPL license, another developer who modifies your code and wants to distribute it would have to do it solely under the GNU GPL license. In other words, both the original and the new code must be open-source. Otherwise, another developer may violate your copyright.<\/p><p>On the other hand, permissive open-source licenses provide software users with the unlimited freedom to use, study, and modify software, and contain minimum redistribution requirements for this software. If the OSS you use is under the permissive license, you can also use the source code as part of the closed-source software, or software protected with a proprietary software license.<\/p><p>One of the most popular permissive licenses are BSD, MIT, and Apache. For instance, the known software packages that use one of the MIT license versions include Expat, Ruby on Rails, Node.js, jQuery, etc.<\/p><\/div><\/section><div class=\"avia-image-container av-1vknk59-89d2ef790bcb45885996b5bde43a3c92 av-styling- avia-align-center avia-builder-el-19 el_after_av_textblock el_before_av_textblock \"><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" class=\"wp-image-5312 avia-img-lazy-loading-not-5312 avia_image \" src=\"https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2.png\" sizes=\"(max-width: 1226px) 100vw, 1226px\" srcset=\"https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2.png 1226w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2-300x159.png 300w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2-1030x545.png 1030w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2-768x407.png 768w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2-710x375.png 710w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2017\/11\/Top-Open-Source-Licenses-2-705x373.png 705w\" alt=\"\" width=\"1226\" height=\"649\" \/><\/div><\/div><\/div><section class=\"av_textblock_section av-1t50jwd-e843ffec353017715fdc5514111e2ab6\"><div class=\"avia_textblock\"><p>However, bear in mind that this division is not black and white. Some licenses are between restrictive and permissive. For example, the GNU Lesser General Public License is in its essence restrictive (like GPL), but allows for the open-source code under this license to be related to proprietary software, which would otherwise not be allowed under the GPL license. Since LGPL is mostly used for libraries, it\u2019s possible that your code contains open-source libraries, without it becoming open-source itself.<\/p><p>However, keep in mind that this does not apply to the change of the library. If its new version exists, it must be published as open-source.<\/p><p><strong>However, the most important for you is to always read the license when using OSS. <\/strong>Additionally, regardless of whether it is a restrictive or a permissive license, both such licenses may have their requirements which you must comply with. For example, the license requires a liability limitation to be entered, or to specify the name of the author to describe changes in the code before its further distribution, and the like.<\/p><p>For comparison purposes, GPL, LGPL, Apache, and BSD require the introduction of liability limitation, while GPL, LGPL, and Apache require code changes to be described prior to its further distribution, which is not the case with BSD.<\/p><\/div><\/section><div class=\"av-special-heading av-l4cu71ut-693103adf565497af4a28b8bbce23703 av-special-heading-h2 custom-color-heading blockquote modern-quote avia-builder-el-21 el_after_av_textblock el_before_av_textblock \"><h2>\u00a0<\/h2><h2 class=\"av-special-heading-tag\">Which Licenses Could Cause Problems?<\/h2><\/div><section class=\"av_textblock_section av-69fwb1-ce3a7204ac702dd9ab27a00d0a2a9c91\"><div class=\"avia_textblock\"><p>\u00a0<\/p><p>Essentially, each developer must pay attention both when using and modifying OSS, as well as when publishing the code under the OSS license. Bearing in mind that someone can sue you only for you not complying with open-source licenses and, in this case, the court could determine that there has been a copyright infringement, each license might potentially be problematic.<\/p><p>However, for this article, we will focus on a problem that may arise when combining OSS with proprietary software. Specifically, when you write your own code, if you use open-source code or open-source libraries that are protected by a restrictive license, your software may not be proprietary, but will become OSS.<\/p><p>In other words, an OSS restrictive license can \u201cinfect\u201d your code.<\/p><\/div><\/section><div class=\"av-special-heading av-4gj07x-10909a6c05c87028a9e25560a4674a3e av-special-heading-h2 custom-color-heading blockquote modern-quote avia-builder-el-23 el_after_av_textblock el_before_av_textblock \"><h2>\u00a0<\/h2><h2 class=\"av-special-heading-tag\">When Is Your Code Infected With an OSS License?<\/h2><\/div><section class=\"av_textblock_section av-1moccot-d58047f7b03f5e8d4945a4ce6c04076d\"><div class=\"avia_textblock\"><p>\u00a0<\/p><p>To know whether your code has been infected, you have to analyze how OSS and your code are linked. In about 80% of cases, the answer will be obvious, and in 20% this issue will be more complex. Hence, this is a technical matter and it would require that your development team is working with your <a href=\"https:\/\/zuniclaw.com\/en\/akz\/tijana-zunic-maric\/\">legal team<\/a>.<\/p><p>Hence, after identifying parts of OSS in your software, including identifying restrictive licenses that are accordingly applied, this is the first question you should ask:<\/p><ul><li>Are the OSS sequences embedded in your code? If the answer is yes: your code has been infected with an OSS license.<\/li><\/ul><p>\u00a0<\/p><p>If the answer is negative, you should ask yourself these follow-up questions:<\/p><ul><li>Is the link between the OSS sequences and your code\u2019s sequences static? If the answer is yes: your code has been infected with an OSS license.<\/li><li>Is the link between the OSS sequences and your code\u2019s sequences dynamic? If yes, the final answer depends on the particular case, but the chances are that your code has not been infected.<\/li><\/ul><p>\u00a0<\/p><\/div><\/section><div class=\"avia-image-container av-5qf3j1-dc32dd8879eff8a24c0969d085010d3d av-styling- avia-align-center avia-builder-el-25 el_after_av_textblock el_before_av_textblock \"><div class=\"avia-image-container-inner\"><div class=\"avia-image-overlay-wrap\"><img decoding=\"async\" class=\"wp-image-30265 avia-img-lazy-loading-not-30265 avia_image \" src=\"https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE.jpg\" sizes=\"(max-width: 1030px) 100vw, 1030px\" srcset=\"https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE.jpg 1030w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE-300x169.jpg 300w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE-768x432.jpg 768w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE-705x397.jpg 705w, https:\/\/zuniclaw.com\/wp-content\/uploads\/2018\/04\/OPEN-SOURCE-CODE.jpg 1280w\" alt=\"\" width=\"1030\" height=\"579\" \/><\/div><\/div><\/div><section class=\"av_textblock_section av-1jva8gt-563f73894664c0fb1f11f8b7423a7cc5\"><div class=\"avia_textblock\"><p>\u00a0<\/p><p>Please note that, if the purpose of the software that you are developing is exclusively internal, you are not at risk of violating open-source licenses. You are only in danger should you wish to further distribute the software as proprietary to your customers\/users, in which case, the aforementioned analysis should be crucial for you.<\/p><\/div><\/section><div class=\"av-special-heading av-20dcod-30a8da16fae8dbc2c5ed506c6e65ca79 av-special-heading-h2 custom-color-heading blockquote modern-quote avia-builder-el-27 el_after_av_textblock el_before_av_textblock \"><h2>\u00a0<\/h2><h2 class=\"av-special-heading-tag\">To-Do-List for Using OSS<\/h2><p>\u00a0<\/p><\/div><section class=\"av_textblock_section av-1g3h1nx-821507f10703a7afdb6365268eb59693\"><div class=\"avia_textblock\"><p>In order to be sure that you do are not violating the OSS license, and that no one can surprise you one day with a lawsuit for copyright infringement, make sure that you can answer all of the following questions affirmatively:<\/p><ul><li>Prior to using OSS, has each developer read the license and complied with its requirements?<\/li><li>Are there procedures for using OSS in the company\/organization? Is there a person who is responsible for complying with these procedures? Are all levels of our organization familiar with the procedures?<\/li><li>Is there a list of all the OSS and commercial libraries that are being used? How often is this list updated?<\/li><li>Are open-source sequences of the code published in accordance with the OSS license requirements?<\/li><li>Do we send the necessary licenses and notification files as required in the open-source libraries that we use?<\/li><\/ul><p>\u00a0<\/p><p>In addition, there are automated solutions for identifying OSS sequences in your code, which can significantly save you time and reduce the risk while using OSS.<\/p><p>Although weaknesses of OSS are not the subject of this text, one should bear in mind that certain studies claim that in 2016, 58.1 million open-source components were downloaded off the Internet. Keeping in mind the circulation of these components in new code sequences, it\u2019s not surprising that your code might have one of the identified shortcomings. Therefore, implementation of the aforementioned procedures is not only relevant from the legal aspect but from the technical aspect as well. If you properly keep track of the OSS sequences in your code, this will definitely reduce all potential risks and make you stand out in the market.<\/p><p>Now that you have clearer instructions, it\u2019s up to you to decide.<\/p><\/div><\/section>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>\u201cI am a lazy person, which is why I like open-source, for other people to do work for me.\u201d Linus Torvalds Never mind if you are just lazy or want to focus on creating innovations by the use of already established shortcuts, open-source libraries usually speed up and facilitate the development of software products in [&hellip;]<\/p>\n","protected":false},"author":5,"featured_media":66532,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[128,110,111],"class_list":["post-40566","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-labor-employment","category-information-technology-en","category-intellectual-property-en"],"_links":{"self":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/40566","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/comments?post=40566"}],"version-history":[{"count":16,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/40566\/revisions"}],"predecessor-version":[{"id":66542,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/posts\/40566\/revisions\/66542"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/media\/66532"}],"wp:attachment":[{"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/media?parent=40566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zuniclaw.com\/en\/wp-json\/wp\/v2\/categories?post=40566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}