Advertisement

Investigating whether and how software developers understand open source software licensing

  • Daniel A. Almeida
  • Gail C. Murphy
  • Greg Wilson
  • Michael Hoye
Article
  • 111 Downloads

Abstract

Software provided under open source licenses is widely used, from forming high-profile stand-alone applications (e.g., Mozilla Firefox) to being embedded in commercial offerings (e.g., network routers). Despite the high frequency of use of open source licenses, there has been little work about whether software developers understand the open source licenses that they use. To help understand whether or not developers understand the open source licenses they use, we conducted a survey that posed development scenarios involving three popular open source licenses (GNU GPL 3.0, GNU LGPL 3.0 and MPL 2.0) both alone and in combination. The 375 respondents to the survey, who were largely developers, gave answers consistent with those of a legal expert’s opinion in 62% of 42 cases. Although developers clearly understood cases involving one license, they struggled when multiple licenses were involved. To understand the context in which licensing issues arise in practice, we analyzed real-world questions posed by developers about the three licenses considered in the survey on online question-and-answer communities. We also interviewed practicing developers about license interaction problems they have faced. Among several lessons, we learnt that licensing issues can constrain software evolution and that developers are cautious of more restrictive licenses. Our results indicate a need for tool support to help guide developers in understanding the structure of the code and the technical details of a project while taking into account the exact requirements imposed by the licenses involved.

Keywords

Open source Software licenses Empirical studies 

References

  1. Alspaugh TA, Scacchi W, Asuncion HU (2010) Software licenses in context: the challenge of heterogeneously-licensed systems. J Assoc Inf Syst 11(11):730Google Scholar
  2. Corbin J, Strauss A (1990) Grounded theory research: procedures, canons and evaluation criteria. Qual Sociol 13:3–21CrossRefGoogle Scholar
  3. Di Penta M, German DM, Guéhéneuc YG, Antoniol G (2010) An exploratory study of the evolution of software licensing. In: Proceedings of the 32nd ACM/IEEE international conference on software engineering, ICSE ’10, vol 1. ACM, pp 145–154Google Scholar
  4. Gamalielsson J, Lundell B (2017) On licensing and other conditions for contributing to widely used open source projects: an exploratory analysis. In: Proceedings of the 13th international symposium on open collaboration, opensym ’17, pp 9:1–9:14Google Scholar
  5. German DM, Hassan AE (2009) License integration patterns: addressing license mismatches in component-based development. In: Proceedings of the 31st international conference on software engineering, IEEE Computer Society, ICSE ’09, pp 188–198Google Scholar
  6. German DM, Di Penta M, Davies J (2010a) Understanding and auditing the licensing of open source software distributions. In: Proceedings of the 2010 IEEE 18th international conference on program comprehension, IEEE Computer Society, ICPC ’10, pp 84–93Google Scholar
  7. German DM, Manabe Y, Inoue K (2010b) A sentence-matching method for automatic license identification of source code files. In: Proceedings of the IEEE/ACM international conference on automated software engineering, ASE ’10. ACM, pp 437–446Google Scholar
  8. Hemel A, Kalleberg KT, Vermaas R, Dolstra E (2011) Finding software license violations through binary code clone detection. In: Proceedings of the 8th working conference on mining software repositories, MSR ’11. ACM, pp 63–72Google Scholar
  9. Hofmann G, Riehle D, Kolassa C, Mauerer W (2013) A dual model of open source license growth. In: IFIP International conference on open source systems. Springer, pp 245–256Google Scholar
  10. Kim M, Bergman LD, Lau TA, Notkin D (2004) An ethnographic study of copy and paste programming practices in OOPL. In: 2004 International symposium on empirical software engineering (ISESE 2004), 19–20 August 2004, Redondo Beach, CA, USA, pp 83–92Google Scholar
  11. Robillard MP, Deline R (2011) A field study of api learning obstacles. Empir Softw Eng 16(6):703–732CrossRefGoogle Scholar
  12. Rosson MB, Carroll JM (1996) The reuse of uses in smalltalk programming. ACM Trans Comput-Hum Interact 3(3):219–253CrossRefGoogle Scholar
  13. Sen R, Subramaniam C, Nelson M (2008) Determinants of the choice of open source software license. J Manage Inf Syst 25(3):207–240CrossRefGoogle Scholar
  14. Sonatype (2015) 2015 State of the software supply chain report: hidden speed bumps on the road to “continuous”. https://www.sonatype.com/state-of-the-software-supply-chain. Access Jan 30 2017
  15. Stewart KJ, Ammeter AP, Maruping LM (2006) Impacts of license choice and organizational sponsorship on user interest and development activity in open source software projects. Info Sys Research 17(2):126–144CrossRefGoogle Scholar
  16. Vendome C (2015) A large scale study of license usage on github. In: Proceedings of the 37th international conference on software engineering, ICSE ’15, vol 2. IEEE Press, pp 772–774Google Scholar
  17. Vendome C, Poshyvanyk D (2016) Assisting developers with license compliance. In: Proceedings of the 38th international conference on software engineering companion, ICSE ’16. ACM, pp 811–814Google Scholar
  18. Vendome C, Linares-Vásquez M, Bavota G, Di Penta M, German D, Poshyvanyk D (2015a) License usage and changes: a large-scale study of java projects on github. In: Proceedings of the 2015 IEEE 23rd international conference on program comprehension, ICPC ’15. IEEE Press, pp 218–228Google Scholar
  19. Vendome C, Linares-Vasquez M, Bavota G, Di Penta M, German DM, Poshyvanyk D (2015b) When and why developers adopt and change software licenses. In: Proceedings of the 2015 IEEE international conference on software maintenance and evolution (ICSME), IEEE Computer Society, ICSME ’15, pp 31–40Google Scholar
  20. Vendome C, Bavota G, Penta MD, Linares-Vásquez M, German D, Poshyvanyk D (2017a) License usage and changes: a large-scale study on github. Empir Softw Eng 22(3):1537–1577CrossRefGoogle Scholar
  21. Vendome C, Linares-Vásquez M, Bavota G, Di Penta M, German D, Poshyvanyk D (2017b) Machine learning-based detection of open source license exceptions. In: Proceedings of the 39th international conference on software engineering, ICSE ’17. IEEE Press, pp 118–129Google Scholar
  22. Wu Y, Manabe Y, Kanda T, German DM, Inoue K (2017) Analysis of license inconsistency in large collections of open source projects. Empir Softw Eng 22(3):1194–1222CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  1. 1.University of British ColumbiaVancouverCanada
  2. 2.DataCampTorontoCanada
  3. 3.Mozilla CorporationTorontoCanada

Personalised recommendations