Software provided under open source licenses is widely used, from forming high-profile stand-alone applications (e.g., Mozilla Firefox) to being embedded in commercial offerings (e.g., network routers). Despite the high frequency of use of open source licenses, there has been little work about whether software developers understand the open source licenses that they use. To help understand whether or not developers understand the open source licenses they use, we conducted a survey that posed development scenarios involving three popular open source licenses (GNU GPL 3.0, GNU LGPL 3.0 and MPL 2.0) both alone and in combination. The 375 respondents to the survey, who were largely developers, gave answers consistent with those of a legal expert’s opinion in 62% of 42 cases. Although developers clearly understood cases involving one license, they struggled when multiple licenses were involved. To understand the context in which licensing issues arise in practice, we analyzed real-world questions posed by developers about the three licenses considered in the survey on online question-and-answer communities. We also interviewed practicing developers about license interaction problems they have faced. Among several lessons, we learnt that licensing issues can constrain software evolution and that developers are cautious of more restrictive licenses. Our results indicate a need for tool support to help guide developers in understanding the structure of the code and the technical details of a project while taking into account the exact requirements imposed by the licenses involved.
This is a preview of subscription content, log in to check access.
Buy single article
Instant access to the full article PDF.
Price includes VAT for USA
Subscribe to journal
Immediate online access to all issues from 2019. Subscription will auto renew annually.
This is the net price. Taxes to be calculated in checkout.
Alspaugh TA, Scacchi W, Asuncion HU (2010) Software licenses in context: the challenge of heterogeneously-licensed systems. J Assoc Inf Syst 11(11):730
Aslett M (2011) On the continuing decline of the gpl. http://blogs.the451group.com/opensource/2011/12/15/on-the-continuing-decline-of-the-gpl/
Corbin J, Strauss A (1990) Grounded theory research: procedures, canons and evaluation criteria. Qual Sociol 13:3–21
Di Penta M, German DM, Guéhéneuc YG, Antoniol G (2010) An exploratory study of the evolution of software licensing. In: Proceedings of the 32nd ACM/IEEE international conference on software engineering, ICSE ’10, vol 1. ACM, pp 145–154
Gamalielsson J, Lundell B (2017) On licensing and other conditions for contributing to widely used open source projects: an exploratory analysis. In: Proceedings of the 13th international symposium on open collaboration, opensym ’17, pp 9:1–9:14
German DM, Hassan AE (2009) License integration patterns: addressing license mismatches in component-based development. In: Proceedings of the 31st international conference on software engineering, IEEE Computer Society, ICSE ’09, pp 188–198
German DM, Di Penta M, Davies J (2010a) Understanding and auditing the licensing of open source software distributions. In: Proceedings of the 2010 IEEE 18th international conference on program comprehension, IEEE Computer Society, ICPC ’10, pp 84–93
German DM, Manabe Y, Inoue K (2010b) A sentence-matching method for automatic license identification of source code files. In: Proceedings of the IEEE/ACM international conference on automated software engineering, ASE ’10. ACM, pp 437–446
Hemel A, Kalleberg KT, Vermaas R, Dolstra E (2011) Finding software license violations through binary code clone detection. In: Proceedings of the 8th working conference on mining software repositories, MSR ’11. ACM, pp 63–72
Hofmann G, Riehle D, Kolassa C, Mauerer W (2013) A dual model of open source license growth. In: IFIP International conference on open source systems. Springer, pp 245–256
Kim M, Bergman LD, Lau TA, Notkin D (2004) An ethnographic study of copy and paste programming practices in OOPL. In: 2004 International symposium on empirical software engineering (ISESE 2004), 19–20 August 2004, Redondo Beach, CA, USA, pp 83–92
Robillard MP, Deline R (2011) A field study of api learning obstacles. Empir Softw Eng 16(6):703–732
Rosson MB, Carroll JM (1996) The reuse of uses in smalltalk programming. ACM Trans Comput-Hum Interact 3(3):219–253
Sen R, Subramaniam C, Nelson M (2008) Determinants of the choice of open source software license. J Manage Inf Syst 25(3):207–240
Sonatype (2015) 2015 State of the software supply chain report: hidden speed bumps on the road to “continuous”. https://www.sonatype.com/state-of-the-software-supply-chain. Access Jan 30 2017
Stewart KJ, Ammeter AP, Maruping LM (2006) Impacts of license choice and organizational sponsorship on user interest and development activity in open source software projects. Info Sys Research 17(2):126–144
Vendome C (2015) A large scale study of license usage on github. In: Proceedings of the 37th international conference on software engineering, ICSE ’15, vol 2. IEEE Press, pp 772–774
Vendome C, Poshyvanyk D (2016) Assisting developers with license compliance. In: Proceedings of the 38th international conference on software engineering companion, ICSE ’16. ACM, pp 811–814
Vendome C, Linares-Vásquez M, Bavota G, Di Penta M, German D, Poshyvanyk D (2015a) License usage and changes: a large-scale study of java projects on github. In: Proceedings of the 2015 IEEE 23rd international conference on program comprehension, ICPC ’15. IEEE Press, pp 218–228
Vendome C, Linares-Vasquez M, Bavota G, Di Penta M, German DM, Poshyvanyk D (2015b) When and why developers adopt and change software licenses. In: Proceedings of the 2015 IEEE international conference on software maintenance and evolution (ICSME), IEEE Computer Society, ICSME ’15, pp 31–40
Vendome C, Bavota G, Penta MD, Linares-Vásquez M, German D, Poshyvanyk D (2017a) License usage and changes: a large-scale study on github. Empir Softw Eng 22(3):1537–1577
Vendome C, Linares-Vásquez M, Bavota G, Di Penta M, German D, Poshyvanyk D (2017b) Machine learning-based detection of open source license exceptions. In: Proceedings of the 39th international conference on software engineering, ICSE ’17. IEEE Press, pp 118–129
Wu Y, Manabe Y, Kanda T, German DM, Inoue K (2017) Analysis of license inconsistency in large collections of open source projects. Empir Softw Eng 22(3):1194–1222
Communicated by: David Lo and Alexander Serebrenik
Appendix A: Interview Script
Appendix A: Interview Script
What is your current role in your organization?
What are your main responsibilities?
How are you involved with the software products produced at your organization?
Do you write code? Select open source components? Test?
How are licensing decisions made at your organization?
How are developers involved? Could you give a few examples of decisions you have been involved in?
Have you ever encountered license incompatibility issues?
Could you describe a particular scenario in which license incompatibilities occurred?
What were the licenses? What was the structure of the code carrying the licenses?
How did the code with different licenses interact?
What was your role in identifying or resolving the challenge?
How often has a situation like this occurred?
About this article
Cite this article
Almeida, D.A., Murphy, G.C., Wilson, G. et al. Investigating whether and how software developers understand open source software licensing. Empir Software Eng 24, 211–239 (2019). https://doi.org/10.1007/s10664-018-9614-9
- Open source
- Software licenses
- Empirical studies