Bài viết bởi James Chae — Đồng sáng lập, Expert Sapiens
Rà soát lần cuối Tháng 3 2026
Technology
Định nghĩa
An open source license is the legal instrument that governs how open source software can be used, modified, and distributed — and understanding which licenses your codebase contains is a critical compliance and IP obligation for any software business.
Open source software is software whose source code is publicly available and freely modifiable. But 'free' and 'open' do not mean 'no restrictions' — open source licenses impose specific conditions on use, modification, and redistribution, and the conditions vary dramatically by license type. The most important distinction is between permissive licenses and copyleft licenses. Permissive licenses (MIT, Apache 2.0, BSD) allow the software to be used, modified, and distributed with minimal restrictions — you can incorporate MIT-licensed code into a proprietary commercial product. Copyleft (or 'viral') licenses (GPL, LGPL, AGPL) require that any derivative work or software that links to the library be released under the same license — which for many commercial software products means you cannot use GPL-licensed code without making your entire codebase open source.
For commercial software companies, the AGPL (Affero GPL) is particularly significant and often misunderstood. Standard GPL's copyleft provisions are triggered by distribution — but many SaaS companies don't distribute software, they provide it as a service, which some argued was a GPL loophole. The AGPL closed this loophole: using AGPL-licensed code to provide a network service requires releasing your source code under the AGPL. This is why many SaaS companies have strict policies against using AGPL dependencies.
Open source license compliance also requires maintaining attribution notices, not removing copyright headers, and in some cases contributing back modifications to the original project. Commercial licensing deals (dual-licensing) are a common business model: a company releases its software under GPL for open source use, and separately sells a commercial license to companies that need to use it in proprietary products without the copyleft obligations.
Open source license violations are a serious legal and business risk that many software companies discover too late — during due diligence for an acquisition or investment round. A codebase containing undisclosed AGPL dependencies, or GPL code incorporated without fulfilling copyleft obligations, can create claims of copyright infringement and require costly remediation. Sophisticated acquirers and investors now routinely commission open source license audits as part of technical due diligence.
A technology attorney with open source expertise can audit your codebase for license compliance, advise on which licenses are compatible with your commercial model, draft a compliant open source policy for your engineering team, and review incoming license changes for packages you depend on. This is especially important for companies planning to raise capital or pursue an exit in the near term.
Bài viết bởi James Chae — Đồng sáng lập, Expert Sapiens
Rà soát lần cuối Tháng 3 2026