Decisions on whether or not to incorporate a particular open source component into your closed-source software product should be guided by an awareness of the two different categories of open source licenses and the requirements of each.
Open source software licenses are of two types:
- Copyleft Licenses — These licenses require that any software incorporating any of the copyleft-licensed source code must also be licensed under the same copyleft license. This means that the source code of the combined work must be made publicly available. This requirement is typically triggered by distribution of the combined work in binary form. Great care should be taken when incorporating copyleft-licensed source code into any products that are meant to be closed-source. Examples of copyleft licenses: GPL, LGPL, and the Mozilla Public License.
- Permissive Licenses — These licenses have fewer requirements. Permissively-licensed source code can be incorporated into closed-source software without triggering a requirement to apply the same license to the combined work or to disclose the source code of the combined work. Generally, the main requirements of permissive licenses are attribution (i.e., a notice must be provided that the combined work incorporates the permissively-licensed source code) and notice of the license (i.e., a copy of the permissive license must be provided with the combined work). These requirements are usually triggered by distribution of the combined work in binary form. Examples of permissive licenses: the MIT license, the BSD license, and the Apache License.