The General Public License (GPL) is a group of widely used open source software licenses that have transformed the world of software development. GPL has fostered collaboration and transparency among developers and allows teams to build on existing projects without legal barriers to innovation. There’s a wide range of popular GPL-licensed software, including the Linux kernel, which powers numerous devices worldwide, and WordPress, a CMS used by millions of websites.
Reading the above might have convinced you that the GPL is the right software license for your next development project. However, you need the full picture before making a decision – the GPL has certain requirements, and violations can lead to legal issues, loss of license, and damage to reputations in the open-source community. We’ll discuss the GPL requirements in this article, and by the end, you’ll have the information needed to make decisions about using GPL-licensed software in your projects.
As founder of the Free Software Foundation (FSF), Richard Stallman introduced the GPL to ensure that software remains accessible and modifiable for everyone. The license embodies the concept of copyleft, which mandates that any derivative works be distributed under the same GPL terms. This ensures that software freedom is preserved across versions and iterations.
Let’s explore how GPL has evolved over the years:
The GPL seeks to create a culture of collaboration and innovation, where developers can build on each other’s work and contribute to a thriving community.
GPL requires four essential freedoms which include:
Unlike traditional copyright, which locks software down, the copyleft principle of the GPL keeps software free by requiring that any changes are also shared under the same license, which prevents companies from modifying someone else’s GPL code and declaring the result to be private.
The Free Software Foundation ensures the rules of the GPL are followed, and why they prefer cooperative GPL compliance, they are willing to take legal action as a last resort to defend the GPL, as they did in their 2008 lawsuit against Cisco for alleged violations, which was settled. However, litigation is rare, and most compliance issues are resolved amicably.
The FSF additionally provides various forms of legal support and resources to help Free Software developers navigate legal issues:
Let’s see how GPL promotes innovation and collaboration as well as the potential challenges it poses for businesses and developers.
The GPL’s copyleft provision ensures that any derivative works are also licensed under it. This means the four essential freedoms discussed above apply to code forks, improvements, and modifications – so these remain open and accessible.* (*See “SaaS Loophole” section below). This ensures that developers have the freedom to build upon and enhance existing projects without worrying about restrictions on the use of their work, leading to rapid advancements and improvements in software technology.
This fundamentally makes the GPL a great choice for developers who subscribe to a philosophy of openness and shared progress, who aim to ensure that software serves to benefit society as a whole.
If you wish to keep your code proprietary, then the GPL is likely not for you. Businesses that incorporate GPL-licensed components into their software must release their entire codebase that embodies the GPL code if they distribute it. With this said, it is possible to distribute GPL code alongside proprietary software if the programs are kept separate and only interact through arms-length mechanisms like APIs or command line interfaces. This allows companies to use GPL libraries or tools in their development pipeline without having to open source their own proprietary code, as long as there is a clear boundary between the GPL and non-GPL components in the final distributed product.
Navigating compliance involves potential legal risks and complexities. Ensuring that all derivative works and distributions adhere to GPL terms can be challenging, and failure to comply can lead to legal disputes or loss of licensing rights. Therefore, it’s essential for companies to consult legal professionals to ensure they choose the license that is the best fit for their needs.
Using GPL might trigger compatibility issues with other licenses, both open-source and proprietary. The strict requirements of the GPL can complicate software integration, particularly when mixing code with other licenses that have different terms and conditions.
The most recent version of GPL (GPLv3) takes a strong stance against “tivoization” and Digital Rights Management (DRM), which can limit its applicability in certain contexts. “Tivoization,” named after TiVo’s practice of using GPL software in hardware that prevented users from running modified versions, refers to the use of hardware restrictions that block users from executing altered versions of GPL-licensed software on that hardware. Similarly, GPL is opposed to applying DRM in a manner that prevent users’ ability from modifying and sharing the software.
While these GPLv3 provisions protect user freedoms, they may be difficult to apply in certain hardware environments. For instance, many consumer electronics with locked-down firmware, smart home devices, or gaming consoles might find it challenging to incorporate GPLv3 software. This stance has led some manufacturers to either avoid GPL v3 software or to use earlier versions of GPL that don’t include these provisions.
SaaS applications don’t traditionally distribute software to users in the same way desktop applications do: SaaS applications allow use of the software hosted on remote servers, rather than distributing the actual software code itself. Because the software itself is not distributed, the GPL open sourcing requirements do not apply. Some call this the “SaaS loophole.”
Because users are interacting with the software without actually receiving a copy of it, companies using GPL-licensed components in their SaaS offerings are not technically required to share the source code.
The loophole leads to several legal questions. For instance, if a contractor accesses a SaaS product that uses GPL code, does this constitute a distribution event? If so, this potentially triggers GPL obligations. However, the definition of distribution in a cloud environment remains unclear.
However, even with this loophole which obviates the need to distribute source code used solely on a SaaS-basis, many developers are still unwilling to use GPL because they worry that they will be forced to reveal their proprietary code. Developers concerned about this tend to favor more flexible licenses such as the Massachusetts Institute of Technology (MIT) or Apache licenses, which do not have the same copyleft requirements.
It’s important to remember that GPL, and other open source software licenses, are a form of copyright license that applies to software code. It is not a trademark license. As a result, you can use code released under GPL, but you don’t have the automatic right to use the name of the code affixed by the original author. For example, you could modify Linux(™) to make your own operating system and release it far and wide – but you don’t have the right to call your new software Linux.
If you want to use an existing trademarks, whether it be WordPress(™) or MariaDB(™) or Linux(™), you need to seek permission from the owner of those trademarks.
Earlier we mentioned two other types of open-source licenses that developers often consider: the MIT and Apache licenses. How does GPL stack up against them, and why would you be inclined to choose one over the other?
We’ve seen how the GPL promotes software user freedom. The MIT Licence, on the other hand, prioritizes developer freedom. It is a permissive license, allowing users to use, modify, and distribute the software with minimal restrictions. The MIT License does not require derivative works to be open-sourced, providing more flexibility for developers who wish to maintain proprietary control over their modifications.
The main differences between GPL and MIT are:
To sum up, choose GPL for community-driven projects that prioritize collaboration and transparency, ensuring improvements are accessible to all. Go for MIT if you need flexibility for proprietary software or compatibility with other licenses.
The Apache License is permissive, similar to the MIT License, but includes additional patent protections. It allows developers to use, modify, and distribute the software with fewer restrictions. It provides explicit patent grants, which protect users from patent litigation related to the software.
The main differences between GPL and Apache are:
Apache is well-suited for projects that need patent protection or when a more flexible licensing approach is desired. Its permissive nature makes it attractive for businesses that want to develop proprietary software while avoiding complex compliance requirements.
Looking to apply the GPL license to your open-source project? Let’s get into a detailed, step-by-step guide to make sure you do so correctly and stay fully compliant with the license requirements.
Before you can apply the GPL to your software, you need to clarify the ownership of the code, especially if it was developed during employment or academic activities. This is where a copyright disclaimer comes in. If your project was developed while working for an employer or attending an educational institution, you should obtain their approval of a written disclaimer stating that you hold the copyright for the code. Obtaining their approval will prevent any potential legal disputes over ownership of the code.
A typical copyright disclaimer text might look like:
I, [Your Name], declare that I hold the copyright for the software developed for [Project Name], created during my employment/academic tenure at [Company/Institution Name]. All rights to apply open-source licensing remain with me.
Each file in your project should contain a copyright notice to establish your ownership. This notice is an important part of maintaining legal protection for your work.
A copyright notice might look like:
// Copyright 2024 John Doe
Include this notice at the top of every source code file in your project.
A COPYING file is necessary for every GPL-licensed project. This file contains the full text of the license and is vital for compliance. The COPYING file should be placed in the root directory of your project. You can download the full text of the GPL license from the GNU website.
Each file in your project should also have a license notice. This notice specifies that the software is distributed under the terms of the GPL, ensuring users are aware of their rights and responsibilities.
License notices can look like:
This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
For some applications, it can be beneficial to display a startup notice that indicates the software is GPL-licensed. This can be particularly useful in software that has a user interface, providing immediate transparency to users about their rights.
An example of a startup notice might be:
This software is licensed under the GNU General Public License (GPL). For more information, visit <https://www.gnu.org/licenses/>.
Although not legally required, registering your copyright with the U.S. Copyright Office can provide additional legal protection. This registration makes it easier to prove ownership in case of infringement disputes.
To register your copyright:
Understanding the legal implications of applying a particular licensing scheme is essential, especially if your project involves third-party code. For this reason, we always recommend consulting a legal professional.
You should also verify the compatibility of your project with other licenses, as some may conflict with GPL terms. Using standardized templates and examples can streamline this process.
Compliance with the GPL’s unique requirements can be complex, but it’s essential for avoiding legal risks and ensuring smooth software distribution. Here are some practical ways to help developers and legal professionals achieve compliance effectively.
Conducting regular audits is essential for identifying potential GPL violations – these help verify that your software complies with the requirements, including proper documentation and source code availability.
Here’s how to conduct an effective GPL compliance audit:
Explicitly informing users of their rights under the GPL is a crucial aspect of compliance. Here are some tips:
An example of a clear user notification is:
This software is distributed under the GNU General Public License. You have the right to access and modify the source code. For more details, see the LICENSE file included in this package or contact [Your Contact Information].
Maintaining records is vital for demonstrating GPL compliance. Effective record-keeping practices include:
Ongoing training and education are essential for creating a culture of compliance within your organization:
The principles of the GPL are deeply embedded in the foundation of WordPress. Matt Mullenweg and Mike Little built the open source project with the mission to democratize publishing, a vision that naturally aligns with the GPL’s emphasis on freedom and openness. As a result, WordPress is licensed under the GPLv2, meaning the software remains accessible, modifiable, and shareable by everyone.
What does this mean in practice?
As a WordPress user, you have complete ownership of your website and its content, including any posts, videos, or other media you create and publish.
However, for developers working within the WordPress ecosystem, it’s important to understand that because the GPL extends to derivative works that embody the WordPress code, this includes any custom themes or plugins you develop that use its code. And if your code is licensed under GPL, anyone who obtains it has the legal right to freely use, modify, and distribute it.
It’s important to remember that giving your users freedom to see and adapt your code, doesn’t diminish the value of your work. It makes your code more valuable and useful for the end users. It’s these freedoms that make it possible to provide high-quality software like WordPress to everyone in the first place.
Commercial businesses on top of open source software are often built on charging users for the added benefits you provide, such as premium support, regular updates, and ongoing maintenance. These services are as valuable as the code itself, which is why the market for premium WordPress products continues to thrive.
While the GPL has loads of benefits by creating open-source collaboration, it also demands diligence in compliance, such as proper source code distribution and attribution. Remember, you need to stay vigilant and adapt as technology and licensing practices evolve.
Projects like WordPress show the true power of the GPL, driving innovation and creativity through community collaboration. As a committed supporter of WordPress and open-source principles, Pressable helps developers embrace these values and contribute to a future where innovation and openness are shared goals.
Let’s continue to push the boundaries of what’s possible, together. Learn more about utilizing our managed WordPress hosting for your WordPress projects.
You’ve probably heard about this thing called WordPress and how people are using it to make money. They could be developing WordPress themes and plugins or creating amazing websites. You might ask, “can I start a WordPress business of my own?” Let’s […]
What separates great agency websites from boring or mediocre ones? It’s all about design, tone, and copy. Let’s look at some tips and examples from some of our favorite agency sites to see what we […]
When you’re looking for a website host that can boost your site’s performance as it scales, the options can be overwhelming. You’ve likely come across cloud hosting and managed hosting as top contenders. But here’s […]