Open Source Is Old School, Says The GitHub Generation

For years, the software industry has been trending away from so-called 'copyleft' licenses like the GNU General Public License (GPL) and toward permissive, Apache-style licensing. Given the rising importance of developers, this isn't surprising: developers just want to get work done without being bogged down by license requirements. It's perhaps not surprising, therefore, that permissive Apache licensing may simply be a way station on the road to no licensing at all.

That's what GitHub seems to be telling us, anyway.

A Trend Toward Extreme Permissiveness

Early in the life of free and open-source software, copyleft licensing reigned supreme. But for years, permissive licenses like BSD and MIT have been climbing, as Redmonk analyst Donnie Berkholz nicely pictures:

Not content to stop there, however, we seem to be entering a new phase: the no-license model. As free-software advocate Glyn Moody notes, "the logical conclusion of the move to more 'permissive' licences [is] one that permits everything."

While Moody talks about public domain software, the GitHub generation seems to be less fussy about legal mechanics.

The GitHub License Black Hole

As Aaron Williamson, senior staff counsel with the Software Freedom Law Center, presented at this year's Linux Collaboration Summit, the vast majority of projects on GitHub don't appear to carry any license terms at all. (The Register's Neil McAllister offers a great summary.) GitHub has become the gathering point for modern open-source development, so it's hugely significant that a mere 14.9% (219,326) of the 1,692,135 code repositories Williamson scanned had a file in their top-level directories that specified a license. 

In other words, the vast majority of code on GitHub isn't necessarily open source. Or proprietary software. Or, well, anything. It's just code.

Redmonk analyst James Governor nailed this trend in 2012, arguing that "younger devs today are about POSS - Post open source software." For such developers, Governor holds, licensing and governance are an afterthought: the code is all. Both Gartner and Forrester find that open source is booming precisely because developers want flexibility.

Less licensing = more flexibility.

Is Licensing Necessary?

Not that this approach is unproblematic. Outercurve Foundation board member Stephen Walli posits that such "promiscuous" sharing without governance and licensing will lead to "software transmitted diseases." But it's unclear that the GitHub generation cares. Maybe they will. Maybe they'll wake up and smell the need for licensing. 

Or maybe the project/company they create will attract the interest of a would-be buyer, and suddenly source code hygeine will matter. A lot. As a Black Duck study shows, open-source compliance is becoming an increasingly common question in mergers and acquisitions:

But all is not lost. Berkholz analyzed a wide array of projects to determine the interplay between project size and licensing. As he summarizes, "as projects grow, they tend to sort out any licensing issues, likely because they get corporate users, professional developers, etc."

License rebels, in other words, tend to become less rebellious as their projects mature.

Ultimately, then, we almost certainly don't face an industry meltdown stemming from uncertain code provenance. Instead, we have a highly permissive license culture that helps to foster the development of code in the early phases of open-source development, which graduates to Apache-style licensing as projects catch on. Lawyers can rest easy. 

Lead image courtesy of Shutterstock.