Open source license compatibility - GPLv3 and Apache 2.0

Previous: Which Open Source Software Licenses To Use And Why?

In our previous blog post, you could read about Open Source Software and why it is crucial to add a software license to your software. This blog will start by looking at two open-source licenses we use at The Hyve, Apache 2.0 and GPLv3. A list of the most popular open-source software licenses can be found here. Please read our next blog post for an overview of which licenses are compatible with each other.

Why do we use Apache and GPL at The Hyve?

In principle, we could use any of the Open Source Initiative (OSI) approved licenses. However, as reuse is one of our core principles, we are somewhat dependent on licenses used by the software's original author. As we will go into later, some licenses add obligations to the reuse and redistribution of the software.

Many of the tools we use are licensed with an Apache 2.0 license (e.g., Grails, Spark, Hadoop, Kafka). To avoid compatibility issues, it is easiest for us to use the same license. Apache 2.0 is a permissive license that grants users rights to use, modify and distribute the source code. Using this license brings some obligations, including state changes to the source code and adding a license and copyright notice.

As GPL licenses are the copyleft licenses to use for open-source software, it fits our company vision of sharing and reusing. Version 2 of the GPL licenses have compatibility issues with Apache 2.0, making it hard to use it for the tools we support. GPL version 3 is the latest version and is compatible with Apache 2.0, ensuring we can use it jointly with the tools we already support. Compared to Apache 2.0, users have the same rights as GPLv3.0; however, the obligations for GPLv3.0 are more extensive. On top of the state changes and license and copyright notice, GPLv3.0 obliges you to disclose the source of the code and use the same license when you redistribute the source code.

Copyleft versus Permissive licenses

As mentioned earlier, a license ensures users have certain rights when using the software. Next to rights, a license also adds obligations when using and modifying the source of the code. Depending on your license, these rights and obligations may differ and lead to compatibility issues.

Permissive licenses are simple licenses that allow you to do whatever you want with the software as long as you honor the license's obligations. Like every other open-source license, they provide the software without any warranties and contain a limitation of liability.

Copyleft licenses are more complex in that they add additional obligations to the derivative work of the original source code. They provide the same rights and limitation of liability and provide software without any warranties but require the user to redistribute derivative works under the same license. This differs from Permissive licenses, where you can keep your own adjusted code closed.

As you can see, rights and obligations under Apache 2.0 are covered by GPLv3, making sure the Apache license terms are met when using the GPLv3 license. The GPLv3 user terms are not satisfied when using the Apache 2.0 license to redistribute GPLv3-licensed software, making the licenses one-way incompatible with each other.

Next time we will expand on license compatibility when making adjustments to the source code of the original work. Some licenses tell you which license you have to use in case of derivative work, which could lead to incompatibility problems when combining work from different sources. For more, please tune in to our next and final blog post in this series.

Next: Combining open-source software licenses - The final chapter