The GPL version 2 has been in decline for some time, and has just dipped below a 50 percent adoption rate among open-source projects, according to new data released by Black Duck Software.
While some of this decline may be due to GPL version 3's increased adoption, at least some may derive from growing commercial interest in Apache-style licensing.
GPLv2 adoption falls below 50 percent
(Credit: Black Duck Software)One of the best indications of this shift is Red Hat's decision to license the JBoss HornetQ project under an Apache license, rather than the Lesser General Public License, to which it had previously defaulted.
Having said that, it's important to note that Apache's share of the market hasn't been growing dramatically (see the July 2009 data), which lends further weight to a hypothesis that GPLv3 is cannibalizing GPLv2. Even so, I find the dip interesting, and anecdotally I'm seeing a groundswell of support for Apache.
This isn't to suggest that the GPL doesn't matter: it clearly does. As Redmonk analyst Stephen O'Grady recently noted, "the GPLv2 is more popular than all of the other licenses on the (Black Duck) list...combined."
But as Open Core becomes the default business model for "pure-play" open-source companies, we will see more software licensed under the Apache license.
The GPL makes sense in a world where vendors hope to exercise control over their communities (by constraining the sorts of derivative works that remain palatable to would-be competitors or "free-riding" users), but if the desire is to foster unfettered growth, Apache licensing offers a better path.
I don't see an end to GPL adoption anytime soon, as its ethos appeals to a certain class of developer and because it can offer tangible development and business benefits, as I'll be arguing at Monday's "Which open-source license is best?" discussion with the Free and Open Source Software Learning Centre. The whole Apache vs. GPL debate may be much like Coke vs. Pepsi: a matter of personal preference and nothing more.
With GPLv2 adoption dropping below 50 percent of open-source projects surveyed by Black Duck Software, however, it's very possible that preferences are starting to shift in favor of Apache licensing.
Follow me on Twitter @mjasay.
In July 2007, version 3 of the GNU General Public License barely accounted for 164 projects. A year later, the number had climbed past 2,000 total projects. Today, as announced by Google open-source programs office manager Chris DiBona, the number of open-source projects licensed under GPLv3 is at least 56,000.
And that's just counting the projects hosted at Google Code.
In a hallway conversation with DiBona at OSCON, he told me roughly half of all projects on Google Code use the GPL and, of those, roughly half have moved to GPLv3, or 25 percent of all Google Code projects.
With more than 225,000 projects currently hosted at Google Code, that's a lot of GPLv3.
If we make the reasonable assumption that other open-source project repositories Sourceforge.net and Codehaus have similar GPLv3 adoption rates, the numbers of GPLv3 projects get very big, very fast.
The data becomes even more significant, however, when you consider the number of active projects on Google Code, Sourceforge, and elsewhere. Google's ratio of active projects is much higher than Sourceforge's, which generously sees maybe 12 percent of its total number of projects under active development.
Hence, even if GPLv3's overall numbers may still seem small compared with GPLv2, its share of active projects may be quite large.
My recent flirtations with Apache-style licensing notwithstanding, clearly there's life remaining in the GPL, and particularly Version 3.
Follow me on Twitter @mjasay.
If most developers contribute to open-source projects because they want to, rather than because they're forced to, why do we have the GNU General Public License?
Free Software Foundation
That's the question that hit me last night as I tried to sleep in the shadow of Richard Stallman's MIT. Stallman, of course, originated the GPL, a brilliant way to turn copyright on its head in order to force software to remain open.
But in the process, did Stallman simply create an alternative way to release proprietary software?
I'm not trying to be cute here. Think about it. If you you want to maximize adoption and reuse of your software, why wouldn't you use Apache? Perhaps because you don't like the thought of someone using your free software in a proprietary product?
"I would actually rather nobody use my software than be in a situation where everyone is using my gear, and nobody is admitting it," wrote Zed Shaw, creator of a popular library and Web server for Rails called Mongrel.
Shaw, and perhaps other coders, have turned to the GPL as a way to protect their software from use they deem objectionable. But isn't this precisely what the proprietary software licenses do? The only difference is that the GPL forces code to be open, rather than closed.
Are the two approaches so very different? The effect--blocking undesirable use of one's software--is largely the same.
After 10 years in open source, I'm increasingly of the Apache-licensing persuasion because I'm starting to concur with open-source luminary Eric Raymond that "the GPL is unnecessary...(and) is also a confession of fear and weakness."
If I'm mostly concerned about adoption, Apache promises to be better than the GPL for all the reasons stated by Daniel Jalkut in his excellent ode to Apache.
And if I'm concerned about protection, then why not simply use a proprietary license--one that doesn't scare opposing legal counsel?
With the Web making open-source licensing largely irrelevant, anyway, it's a good time to evaluate the merits of the two dominant open-source-licensing approaches. For this moment in time, they're essentially equivalent, at least to end users and Web developers, neither of which is required to contribute back derivative works.
Indeed, I believe that one of the primary reasons that Linux, MySQL, Lucene, Hadoop, and other Web-oriented technologies have thrived in the past few years is that they have basically come legal-encumbrance-free.
Would Google have built its server infrastructure with Linux if it had been required to contribute all its software back? Almost certainly not. Yes, it has elected to contribute back to MySQL and others when it was advantageous to do so, but I think that Affero GPL, which translates the GPL's provisions to network-hosted software, would have effectively killed the utility of MySQL, Linux, and other open-source technologies for Web titans like Google, Facebook, and others.
In short, perhaps the best thing that could have happened to open source in the past few years is the increasing relevance of its code due to the decreasing relevance of its licensing. More adoption due to fewer controls.
Developers don't contribute to open-source projects out of force. They do so out of interest, desire for recognition, and other reasons. Once you take force out of the equation, the GPL loses its relevance except as a tool to protect against competition...which proprietary licensing perfected long ago.
For those who worry about the world being closed off behind proprietary licenses, it's not going to happen. The software world has been opening up, though not always at the pace some open-source advocates would prefer. On this point Tim O'Reilly has correctly argued:
If you close things off, eventually, you lose. This is why one of my slogans is, "Create more value than you capture." As long as people are doing that, I don't care whether they're trying to capture some value (through proprietary licensing).
In other words, people don't have to be forced into openness. It happens out of natural, selfish desires. Given the history of humanity, that's probably a more dependable basis for business strategy than an expectation of charitable donations through code contributions.
So, wither the GPL? I'm asking a sincere question to which I have hunches but no definitive answers. I'd love to hear your thoughts.
Disclosure: my company licenses its software under the GPL. This post reflects my personal (evolving) opinion and should not be construed as representative of the intentions of my employer.
Follow me on Twitter @mjasay.
The GNU General Public License (GPL) used to dominate open-source licensing, but its hold appears to be slipping according to new research from Black Duck Software. While GPLv3 has seen a 400-percent increase in adoption, and though the GPL and its variants still claim over 65 percent of all open-source projects, Black Duck reports a 5 percent decline in GPL adoption.
This drop makes sense, given the GPL's decreasing relevance to the modern world of network-delivered software and the increasing value of data over software.
ZDNet's Dana Blankenhorn points out that there are no clear replacements arising for the GPL, and he's right. But I'm not sure that's the point.
Peter Vescuso, executive vice president of marketing and business development at Black Duck Software, argues that we're starting to see greater diversity in licensing approaches, as "many developers are selecting licenses that are less restrictive, a move that underscores the broader adoption and value of open source in today's multisource development environments."
Perhaps. Or perhaps developers simply don't care that much about open-source licensing qua licensing very much any more. The real value in open-source software is no longer the software, but rather the resultant services that are delivered over the Web, a theme that Tim O'Reilly has been hitting consistently over the past six years.
The GPL was highly relevant in the Software 1.0 world because it was a great way to protect software assets. In effect, the GPL became the preferred way to replicate the copyright regime, except under the banner of free software.
Today, the GPL (and open-source licensing, generally) is irrelevant.
It's irrelevant because the GPL protects nothing in a world where software is delivered over the Web, because the GPL's "distribution clause" isn't triggered. The GPL becomes BSD/Apache, in short.
Because of this, Web developers long ago stopped worrying about open-source license requirements and instead are focused on data-driven lock-in. Open-source software becomes a way to build free services that encourage adoption, which adoption yields valuable data. That data is the crown jewels in a networked world, as O'Reilly suggests.
Because Web developers don't necessarily need to protect their software, we're seeing more adopt licenses like BSD, Apache, and other permissive licenses in order to foster community, rather than protection, around their software. Those who persist in seeing the world through the Software 1.0 lens continue to try to protect the software, which is why we're seeing a four-fold increase in AGPLv3 adoption. (AGPLv3 extends the definition of "distribution" to include network-based delivery of software.)
The GPL isn't dead, and perhaps it's not even dying. But that isn't the point. The point is that the real question is Web-based delivery of software, and current licensing has almost nothing to say on that topic.
Follow me on Twitter @mjasay.
For years people have suggested that open-source adoption would go even faster if only open-source licenses like the GNU General Public License (GPL) were easier to understand. My personal belief is that "It's so hard to understand!" tends to be an euphemism for "I really want to pilfer this open-source software but its terms don't let me!" After all, the terms of the GPL have been explained repeatedly, including by the Free Software Foundation itself, which authored the GPL.
Regardless, the Software Freedom Law Center is now making it easy to understand the GPL and related licenses with a guide (available online) that walks through effective compliance:
Unlike highly permissive FOSS licenses (such as the ISC license), which typically only require preservation of copyright notices, the GPL places a number of important requirements upon licensees. These requirements are carefully designed to uphold certain values and standards of the software freedom community. While the GPL's requirements may appear initially counter-intuitive to those more familiar with proprietary software licenses, by comparison its terms are in fact clear and favorable to licensees. The terms of the GPL actually simplify compliance when violations occur.
GPL violations are often caused or compounded by a failure to adopt sound practices for the incorporation of GPL'd components into a company's internal development environment. In this section, we introduce some best practices for software tool selection, integration and distribution, inspired by and congruent with FOSS methodologies.
What follows, then, is a highly practical walk-through of how to use GPL software, when to release derivative works, etc. Any company that uses GPL software - which includes roughly 99.999 percent of IT departments due to the rise of Linux - should get a copy of this compliance guide and study it. Ignorance is no longer an excuse for a lack of compliance with open-source license compliance.
- prev
- 1
- next
