Just a friendly reminder about what it means to not have a license in your repository. You can read about it here: <a href="http://choosealicense.com/no-license/" rel="nofollow">http://choosealicense.com/no-license/</a><p>Essentially, by not including a license, you default to standard copyright protections and "you retain all rights to your source code and that nobody else may reproduce, distribute, or create derivative works from your work." However, GitHub's ToS say that "by setting your pages to be viewed publicly, you agree to allow others to view your Content. By setting your repositories to be viewed publicly, you agree to allow others to view and fork your repositories."[1] If you go into the glossary you can see that the definition for fork "allow[s] you to freely make changes to a project without affecting the original."[2]<p>Since I'm not a lawyer, I'm not going to do any deeper analysis other than direct quotation here, but I can say that I personally like to submit pull requests with the MIT license to projects I wish to use which do not include a license, as well as a link to <a href="http://choosealicense.com/" rel="nofollow">http://choosealicense.com/</a> before I will use them in my own project.<p>[1] <a href="https://help.github.com/articles/github-terms-of-service/#f-copyright-and-content-ownership" rel="nofollow">https://help.github.com/articles/github-terms-of-service/#f-...</a><p>[2] <a href="https://help.github.com/articles/github-glossary/#fork" rel="nofollow">https://help.github.com/articles/github-glossary/#fork</a>
There are several entire communities of projects, such as Ruby or node.js, which by policy put all of their myriad projects on GitHub. Those communities have thousands or tens of thousands of repositories each, which make up a significant part of the 80000 repositories shown in the main graph in this article, and they're almost all MIT. So I'm wondering how much of the huge set of MIT repositories on GitHub all come from that handful of communities, and how much is random contributors.<p>I'd also suggest that there's a significant overlap between people who choose copyleft licenses and people who avoid proprietary hosting services.<p>So while I <i>do</i> think this data is significant, I think it represents the GitHub community, not the broader FOSS community.
I was curious how this handled repositories that use are offered under more than one license, so I tried this out on the Rust repository:<p><pre><code> "license": {
"key": "apache-2.0",
"name": "Apache License 2.0",
"url": "https://api.github.com/licenses/apache-2.0"
}
</code></pre>
Rust is offered under both MIT and Apache 2, and has corresponding LICENSE-MIT and LICENSE-APACHE files in its root directory. I'm assuming that Github simply searches alphabetically for all files that begin with LICEN[CS]E and eagerly terminates upon finding a single match.
It's good to see MIT and GPLv2 in the top 3, with BSD* and LGPL* in the top 10.<p>The MIT license is also known as the <i>X11 License</i>: <a href="https://www.gnu.org/licenses/license-list.en.html#X11License" rel="nofollow">https://www.gnu.org/licenses/license-list.en.html#X11License</a><p>In the age <i>secure boot</i> functionality of <i>UEFI</i> (BIOS replacement) to hinder or outright prevent the installation of alternative operating systems and locked <i>firmwares</i> on common smartphone and tablet hardware. The source code license has a strategic value, especially with high profile open source projects like operating systems. Examples: Android based on GPLv2 Linux, OSX/iOS and many routers based *BSD operating system source code that ship on a closed down hardware.
Very interesting blog post. I wouldn't have thought that so less projects on GitHub provide a proper license! I'm working on <a href="https://www.versioneye.com" rel="nofollow">https://www.versioneye.com</a> and we track currently more than 500K open source projects in package managers. I just did a quick lookup in our database about Ruby licenses. Currently we have licenses for 56803 Ruby projects (RubyGems) and 49842 of them are MIT! That means 87% of all Ruby projects who provide a license at all, provide an MIT license! I will do a couple more queries and write a blog post to this!
Well. Thanks for the reminder. I always mean for the code I put on Github to be shared but I rarely seem to plonk a license file in the project root folder. (Does that mean I subconscious _don't_ want to share???)<p>I just GPLv2'd <a href="https://github.com/igravious/clearsilver_ruby" rel="nofollow">https://github.com/igravious/clearsilver_ruby</a> and <a href="https://github.com/igravious/clearsilver_ebuild" rel="nofollow">https://github.com/igravious/clearsilver_ebuild</a>
Nothing earth-shattering but it's a start I hope...
Too bad that choosealicense.com is so carefully designed to maintain neutral appearance while actively discouraging copyleft licenses (relegate GPL to last option, describe it as only about sharing rather than about preserving freedom, make it outdated GPLv2 — since they like GPLv2 loopholes better than closing the loopholes etc.)
> To detect what license, if any, a project is licensed under, we used an open source Ruby gem called Licensee to compare the repository's LICENSE file to a short list of known licenses<p>They should also look in COPYING, which is the conventional place to declare that a project is licensed under the GPL. The GPL percentage would likely get a boost if they did this.
I prefer the shorter ISC license to BSD or MIT... It's the default from npm's init, and just feels better than putting more verbiage than what's really needed.
If I start a project on GitHub, I generally put a license in the LICENSE file (at their repo creation). If I don't start it on GitHub and later add it, I generally just put the license in the README(.md, 'cause GitHub).<p>This should definitely crawl the README as well.
Is there any way to select a license for an existing GitHub repository, without adding or modifying any file at a particular location in the tree?<p>Also, it's difficult to find out the license for any given repository while casually browsing or searching. I'm often looking for things that come with (or without) a particular license, e.g. "I can't use any GPL components in my current project." It would be really nice if the license was displayed prominently, just like the programming language used.
For another alternative:<p><a href="https://tldrlegal.com/api/license" rel="nofollow">https://tldrlegal.com/api/license</a><p>is available w/ default REST pagination/query params for content on TLDRLegal