Thanks, Larry. The list is not designed exactly for the purpose of this 
discussion, but I thought it might provide some useful, objective data. 
Certainly not taking anything personally.

All of your questions are good questions; most really important if one is 
recommending licenses which Black Duck generally, and the list absolutely, does 
not. The list is simply a ranking by “number of unique programs (in the Black 
Duck KnowledgeBase) under the license.” We call them as we see them, i.e. 
identifying the license declared for each project. So, while you might make a 
great point about the 2- and 3-clause BSD, we make the distinction and let 
lawyers decide whether they “give a damn about” it. We endeavor to capture any 
software freely available on the Internet and thus end up a long tail of 
associated licenses which are not strictly open source licenses. And, yes, we 
keep old projects and deprecated licenses. Understand that one of the key use 
cases the data are meant to support is scanning code to discover its 
composition, and often old components (with old licenses) turn up in new code.

For lawyers who review code, the message of the top 20 list is that there’s a 
clear Paredo distribution; if you understand the top 10 or 20, you are in 
reasonable shape. This is back to Luis’ original point of which we should not 
lose sight; there are a bunch of good reasons to steer developers towards a 
well-understood licenses. Hey maybe “well-understood” is a good alternative to 
“standard."



From: Lawrence Rosen <lro...@rosenlaw.com<mailto:lro...@rosenlaw.com>>
Reply-To: <lro...@rosenlaw.com<mailto:lro...@rosenlaw.com>>, 
<license-discuss@opensource.org<mailto:license-discuss@opensource.org>>
Date: Mon, 28 Apr 2014 16:06:41 -0700
To: <license-discuss@opensource.org<mailto:license-discuss@opensource.org>>
Subject: Re: [License-discuss] FAQ entry (and potential website page?) on "why 
standard licenses"?


Hi Philip,



Thanks for the Black Duck "Top 20" list of open source licenses. Your list is 
the best around, so please don't take the following criticism too personally. 
But this list demonstrates that even the ways that we calculate popularity are 
flawed. For example:



·         Are GPLv2 and GPLv3 really one license nowadays with total 38% 
popularity, or still two licenses? [Ben Tilly already made that suggestion on 
this list.] And the classpath exception version of the GPL (at < 1%) qualifies 
that license for yet a third spot on your "Top 20" list?



·         Same with the LGPL; is that one license at (5% and 2%, respectively) 
or one license at 7%?



·         Are these numbers based on lines of code created, numbers of unique 
programs under the license, or number of copies of the software actually 
distributed? For example, under what criteria does the zlib/libpng license 
count? Wikipedia describes that license as intended for two specific software 
libraries but "also used by many other free software packages." That comment in 
Wikipedia is as vague and uninformative as the "< 1%" that you cite in your 
table. I say this to point out that numbers on a list need to be *interpreted* 
and *scaled* to be useful.



·         Is there any value to listing the 2-clause and the 3-clause BSD 
licenses separately, given that no company lawyer in the world gives a damn 
about the distinctions between them? Meanwhile, every conversation about the 
BSD licenses on these OSI email lists concludes with the following great 
suggestion: "Why don't you use the Apache License 2.0 instead?" If OSI is ever 
going to recommend answers to easy legal questions, surely this is among them. 
It serves absolutely no useful purpose at this stage of our maturity to list 
each version of the BSD license separately – not even the two you placed on 
your list.



·         You list the CDDL, a license created by a company that no longer 
exists and whose successor company doesn't use it. Do we still count deprecated 
licenses for as long as a even single copy of that code resides in the wild? 
Not only that, but two versions of that single obsolete license are 
individually listed in the "Top 20".



·         Wikipedia refers to the CPOL license as "mainly applied to content 
that is being published on a single community site for software developers" 
known as The Code Project. Wikipedia further reports that the CPOL license is 
neither "open" as defined by OSI nor "free" as defined by FSF. Why is it on 
your list at all?



/Larry





-----Original Message-----
From: Philip Odence [mailto:pode...@blackducksoftware.com]
Sent: Monday, April 28, 2014 2:48 PM
To: license-discuss@opensource.org<mailto:license-discuss@opensource.org>
Subject: Re: [License-discuss] FAQ entry (and potential website page?) on "why 
standard licenses"?



In case it helps, Black Duck publishes a top licenses list based on the number 
of projects in our KnowledgeBase (out of a current total of about a

million) that utilize each respective license.

http://www.blackducksoftware.com/resources/data/top-20-open-source-licenses

The webpage only shows the top 20, but if OSI thought that 30, say, was a good 
number, we could provide those.



By the way, we are working on improving the presentation of the list, but I 
didn¹t want to wait for that before throwing the thought into the mix.







On 4/28/14, 4:57 PM, "Richard Fontana" 
<font...@sharpeleven.org<mailto:font...@sharpeleven.org>> wrote:



>On Mon, 28 Apr 2014 13:31:06 -0700

>Ben Tilly <bti...@gmail.com<mailto:bti...@gmail.com>> wrote:

>

>> Suggested solution, can we use the word "common" instead of

>> "standard"?  And our definition of common should be something

>> relatively objective, like the top X licenses in use on github, minus >> 
>> licenses (like the GPL v2) whose authors are pushing to replace with

>> a different license.

>

>You'd exclude the most commonly-used FLOSS license from "common"?

>

> - RF

>_______________________________________________

>License-discuss mailing list

>License-discuss@opensource.org<mailto:License-discuss@opensource.org>

>http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss



_______________________________________________

License-discuss mailing list

License-discuss@opensource.org<mailto:License-discuss@opensource.org>

http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss

_______________________________________________ License-discuss mailing list 
License-discuss@opensource.org<mailto:License-discuss@opensource.org> 
http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss
_______________________________________________
License-discuss mailing list
License-discuss@opensource.org
http://projects.opensource.org/cgi-bin/mailman/listinfo/license-discuss

Reply via email to