DEV Community

Discussion on: Why I no longer use the MIT license for new projects

Collapse
 
unsungnovelty profile image
Nikhil • Edited

FYI - The below opinion is not entirely directed at the author cos I don't know how much the person knows about licenses. But this is for people who don't know much about licenses and get the idea that MIT license is bad for open source. Spoiler alert, it is not. :)

Most people don't know about licenses and it's intricacies. But it is a very complicated topic. All open source licenses have its place and use cases. You should choose licenses based on what you want to accomplish. Not hate a license cos it was doing it's job. :)

For example, there is a fundamental difference between permissive licenses and copyleft licenses alone. Then there are other issues depending on the license you are using and for what you are using it.

With permissive licenses like ISC, MIT, BSD-2, BSD-3 etc, you give anyone the permission to do whatever you want. To put it very simply (They all have characteristics and differ in certain ways). You shouldn't be worried if someone copies your code and makes a commercial product or start a company with your code which is permissively licensed. In fact, if you are worried, then you are using the wrong license for your project.

There are very important use cases for permissive licenses like MIT. For example, most of the libraries and frameworks like Vue.js, Reactjs and TailwindCSS are MIT licensed, which is a permissive license. Permissive licenses make interoperability with other software with different licenses possible. This is why you can integrate an MIT licensed software into your project which is GPLv3/v2 based. But you cannot do it the other way around. Cos GPLv3 is not a permissive license. This means if Tailwindcss, React, Vue or other projects used a copy left license, you wouldn't have been able to use it in your personal project which is private or commercial. None of those companies wouldn't be using React, TailwindCSS to name a few if they were using non-permissive open source licenses. You will have to make the code public for one matter. Again, this is me putting it simply. There are ways in which copyleft licenses can be integrated for commercial use cases.

Some interesting things/instances I learned in the open source license land are:

  • Linus Torvald saying he won't move Linux which is a kernel from GPLv2 to v3

  • There are license provisions which says "GPL3 or more". By this the author is meaning this software will support GPLv3 and any new license version which comes after GPLv3. This to me is bonkers. Imagine trusting a license provider that you agree your software will support GPL3 and any version that comes after it. What if GPLv4 creates some terms you don't like? What if some terms disallow you move towards certain goals the project want to go? It is a messy thing to change your license once you make it public.

  • MacOS and Playstation uses/used FreeBSD which uses permissive license called BSD-2 IIRC. You might think it is radical or unfair for companies to just copy the FreeBSD code. But the thing is, since Linux uses GPLv2 which isn't permissive, companies now have to make Linux flexible for them by politics and other tactics to get what they want. This has good and bad effects. Meanwhile Apple, Playstation are all examples of FreeBSD's use of permissive licenses successfully avoiding political maneuvers better than Linux. IMO, One of the reason why Linux hasn't captured the Desktop by storm is because the companies working on it don't care. They are only worried about enterprise use cases. Take a look at Linux Foundation (which governs and make decisions for the project) website to see this in action. It's all numbers and product pitches. Most GUI and desktop oriented projects if not all are community based. This all comes from a SINGLE LICENSE ISSUE of License being non-permissive.

Meanwhile Playstation takes what they want and they have brought back code IIRC to FreeBSD. But the important thing is, they don't have to do any kind of tactics. This has kept FreeBSD more community oriented. Netflix works with FreeBSD too cause they use FreeBSD for making Netflix possible. They are not enforced by anyone. They do what they want by taking what they want and they contribute a lot of code back to FreeBSD and it's network stack (cos netflix is cool that way). This would've taken a different turn if FreeBSD was GPLv3 for example.

  • Plausible which is a analytics company which are open source is another example of a company choosing the wrong license for their project. Read - plausible.io/blog/open-source-lice....

  • An example of license compatibility issue - ZFS filesystem is not bundled in Linux Kernel like other filesystems BTRFS, EXT4 etc cos of license interoperability issue. So if you want your Linux distro to use ZFS file system, you have to load it separately. Only some linux distributions offer ZFS OOTB. Others have to manually load modules which is not so straight forward. Read -theregister.com/2020/01/13/zfs_linux/

But all in all it is the author's responsibility to choose a license which integrates well with their goals for the project. Not the responsibility of the license which does what it is intended to do. :)

Edit: Made some parts more clearer since this is making rounds now. FreeBSD uses BSD-2-Clause and not BSD-3 as mentioned earlier in this comment. Fixed that as well. Drop a comment if you see anything that needs to be fixed.

Collapse
 
spamaps profile image
Clint 'SpamapS' Byrum

Did you forget that there is a lesser GPL?

Permissive licenses are fine, but they're not the only way to make software that can be combined and shipped with code licensed under different terms.

Collapse
 
unsungnovelty profile image
Nikhil • Edited

Permissive licenses are fine, but they're not the only way to make software that can be combined and shipped with code licensed under different terms.

You are right. I didn't say it is the only way either. I told people to choose the licenses depending on what they are trying to accomplish.

Did you forget that there is a lesser GPL?

Not really. I did indirectly convey about LGPL. But I don't know why it should be important since this post or my comment isn't about covering all OSS licenses.