PlanetMysql.ru — информация о СУБД MySQL

We’re continuing to see signs that the dominant GPL open source license may be fading from favor among commercial open source software players. The latest move away from the GPL comes from content management software vendor Alfresco, which is moving to the LGPL after originally releasing its code under the GPL three years ago. The reasoning for the shift, according to Alfresco CEO John Newton, is the company sees greater opportunity beyond being a software application, particularly given the emergence of the Content Management Interoperability Services standard. Alfresco won mostly praise for its move, and it does make sense given where open source is going these days.

I believe the emerging trend away from GPL and toward more permissive, mixable licenses such as LGPL or Apache reflects the broadening out of open source software not only throughout the enterprise IT software stack, but also throughout uses beyond individual applications, frameworks and systems. More and more open source software vendors are pursuing opportunities in embedded use or OEM deals whereby open source software often must sit alongside or even inside of proprietary code and products. Similar to what we’ve seen in the mobile space — where open source software and development are more prominent than ever, but end products with accessible code are not — open source is broadening out, but it is doing so in many cases by integrating with proprietary code.

We also see some debate about the community and commercial ups and downs of GPL as organizations contemplate the balance of the two and the best way to achieve commercial success with open source software. As Matt highlights, we are seeing a choice of non-GPL licensing in order to more effectively foster community and third-party involvement, but we also continue to see GPL as a top choice to similarly build community.

While the debate about community versus commercial benefit may not necessarily be prompting movement away from GPL, I believe another recent action may indeed do so. The latest series of GPL lawsuits are aimed at raising awareness, profile and legitimacy for open source software. While those bringing the suits — primarily the Software Freedom Law Center — have exhibited a reasonable approach and settled with past lawsuit targets, these suits and publicity may still serve to steer organizations making the choice to other licenses, including the LGPL, BSD, Apache and the Eclipse Public License.

Another factor is the GPL thumping that took place during the SaveMySQL campaign as the European Commission contemplated Oracle’s proposed (and now closed) acquisition of Sun Microsystems and the open source MySQL. I voiced my concern that the SaveMySQL campaign might jeopardize or de-value open source software projects and pieces in M&A, but I believe I’m actually in agreement with SaveMySQL leader Monty Widenius that the deal and process may end up tarnishing the GPL and its reputation in the enterprise.

As stated above, much of the movement we’re seeing away from the GPL has to do with the desire and opportunity to place open source software alongside, within, on top of or otherwise with proprietary software. Non-GPL open source licenses are also more flexible in terms of integrating and bundling with other open source software licensed under other, non-GPL licenses.

We anticipated this fade of GPL as covered in our report, The Myth of Open Source License Proliferation. Given its clout, durability and continued popularity in commercial open source (and with help from continued growth of GPL-licensed Linux) we believe the GPL will endure as a top open source license. However, given their flexibility and the ability to combine with other code, we see a number of other challengers — Apache, BSD, EPL and LGPL — rising while GPL dominance wanes. We’re also watching to see whether the AGPLv3 for networked software will provide new life for GPL-style licensing and community building in emerging virtualized, SaaS and cloud computing environments.

Code scanning and management vendor Black Duck reports the GNU General Public License v2 (GPLv2) now dipping below 50% share of open source software. While we already knew that GPLv2 was somewhat in decline from its far greater share of open source code over the last 5-10 years, it is useful to know what pool of code we’re talking about. We must also remember that while GPLv2 may not be as dominant as it once was and that other licenses, particularly GPLv3, are quickly gaining share, GPLv2 is still quite relevant to enterprise open source software, is used in a variety of newer and popular applications across the enterprise stack and is likely to remain in the top 10 licenses for a long time.

Regarding GPLv2 and Black Duck’s findings, some folks are rightly asking what code and how much of it are we considering where GPLv2 accounts for half or less of the software? Well, the short answer is, I believe, hosted open source code. Black Duck draws its figures from open source software in its Software Knowledgebase, which draws on other repositories and includes more than 185,000 software projects.

For our recent report, The Myth of Open Source License Proliferation, we thought it would be useful to look at open source license representation in another cross-section of software that was more reflective of code in use. Thus, with the help of Airius Internet Solutions, we considered the open source licenses of software that was the subject of vulnerability reporting (arguably, a decent measure of the software’s use). What we found, somewhat surprisingly, was that the list of most popular open source licenses among hosted open source software was very consistent with the list of most popular open source licenses among open source software in use. Both lists have the GPLv2, GPLv3, Artistic, BSD and Apache licenses in their top six, albeit in somewhat different orders. The percentages for different licenses, however, were quite different, giving more share to other licenses further down the list in the case of software in use.

At the time of our report, May 2009, the GPLv2 license accounted for 50.49% of all projects documented in Black Duck’s Software Knowledgebase, which is more than 185,000 projects. During the same time frame, Airius reported that the GPLv2 license accounted for 36.34% of software subject to vulnerability reporting and the Airius Risk Report, which consists of more than 139,000 projects reviewed. GPLv2 still tops both lists for now, but it is clear that GPLv3 is rising fast. Black Duck reported in June that GPLv3 had moved past the Mozilla, MIT and Apache licenses to the fifth spot on its list with 5.10%, behind BSD. Our research with Airius indicated that GPLv3 was number two on the list of projects reviewed with 18.5% as of June 15, 2009. This reinforces the idea that GPLv2 is being used less while GPLv3 is gaining more use. Nevertheless, it is important to remember GPLv2 is still being used in many projects and products beyond Linux and MySQL (which are, nevertheless, among prominent uses of the GPLv2). Examples range from applications such as Jaspersoft BI to systems management software such as Likewise, to cloud computing pieces such as the Puppet server automation software.

We’ll be delving into these and related issues with a lively, live debate on OSS licenses coming this Monday, August 31. Here Matt Assay argue for GPL, Eclipse Foundation’s Mike Milinkovich pull for EPL and Coverity’s David Maxwell for the BSD as they spar over which license is best. The audience and a panel including yours truly will judge who wins, and we’ll post our thoughts here and elsewhere for others to weigh in as well. Please