Blogs

I noticed in the first week of August, the GPL version 2 open source license dropped below the 50% share mark for the first time since we started tracking this data in 2007. Up until this point, a majority of open source projects were using the GPLv2 license, but GPLv2 share has eroded pretty steadily over the last year+. In July 2008, GPLv2 was used by 57.7% of all projects. Today it stands 8% lower at under 49.6% (which means roughly 100,000 projects). During the same period, LPGL 2.1 is down about 1% and GPLv3 is up 3.4%.

That is not to say that the GPL is going away. GPL version 2 is still by far the most widely used open source license. At over 49% of all OS projects, it is used by four times more projects than the number two license which is the LGPL version 2.1 (9.5%). Collectively the GPL family of licenses accounts for more than 65% of all open source projects in the Black Duck KnowledgeBase.

FOSSBazaar will host a track at Open World Forum (Paris; October 1/2) about the governance of open source. We will have number of interesting talks: Martin von Willebrand will talk about Validos, Luc Grateau and Guillaume Rousseau will present INRIA's IPR Tracking Methodology, Michael Mahemoff from BT will talk about an open source governance tool, Bruno Cornec will give a demo of FOSSology and Charles-H. Schulz will present a checklist for engaging in FOSS projects. There will also be plenty of opportunities for discussions.

Here is the full program. Open World Forum is free but you have to register. I hope to see many of you there!

I'm currently managing and facilitating the Validos-collaboration – it's an open collaboration of companies for open source compliance. Validos does the basic validation of open source software packages and shares the results with every participating company/entity. Thus the basic work is done only once. I have introduced the idea and our law firm provides the compliance work. Validos is essentially a collaboration between our customers and new customers.

From our customers' perspective the business model is great. They get the traditional outsourcing benefits (expertise and scale) and most importantly, they do not need to redo work done by some other company. With a growing number of members and a growing database, the work needed per customer becomes smaller all the time. 

Regardless of what you might think of Microsoft's Community Promise I'm sure that it will generally be seen as a step forward, that Microsoft yesterday stated that the Community Promise will apply to ECMA 334 and ECMA 335 specifications (this affects C# and the CLI). In the blog entry from Peter Galli, it was pointed out that this means that "Microsoft provides assurance that it will not assert its Necessary Claims against anyone who makes, uses, sells, offers for sale, imports, or distributes any Covered Implementation under any type of development or distribution model, including open-source licensing models such as the LGPL or GPL"

http://port25.technet.com/archive/2009/07/06/the-ecma-c-and-cli-standards.aspx

When we think about the implications of non-compliance with F/OSS licensing the considerations tend to be around legal exposure and concern that the conditions of a reciprocal license, e.g. the GPL, may propagate into proprietary code. When risk is assessed it is usually in terms of the possibility of litigation and the associated costs, and/or the weakening of business models that are based upon exercising exclusive rights in connection with associated proprietary IP.