Feature Focus: Open Source License Rulebooks

CAST Highlight now displays open source license terms, permissions, and constraints in a user-friendly form: the license rulebooks. This article explains how to access this information from the dashboard to quickly understand the legal implications of OSS component licenses.

Developers are not (all) legal experts

Just as lawyers are not typically expected to be able to write lines of code that compile, most developers are not expected to know all the legal implications of using a cool component they found on GitHub that solves a problem in their application. While development teams are more or less familiar with the main principles of open source software licensing, some license clauses may be written in a complex manner and are confusing to understand. This is where CAST Highlight comes into play to ease the understanding of OSS license terms, with intuitive license rulebooks.

In CAST Highlight, a license rulebook is a user-friendly summary of a license’s terms that makes it easier to understand possible legal implications. In other words, you don’t necessarily have to read the entire license text (although it is available in the license rulebook) to understand what you can, cannot, and must do with a component under a specific license. Here are the different possible elements of the license rulebook, including example terms:

 

CAN: what you are authorized to do with the licensed component
– Distribute the software to third parties
– Modify the software or combine with other works
– Sublicense the work or extend the license
– Make use of the work for a commercial purpose
– Use patent claims, i.e., patent rights from contributors
– Place additional warranty or services on the software

 

CANNOT: what you are not allowed to do with the licensed component
– Describes if the software owner can be charged for direct or indirect damages
– Allowance to use name, trademarks, or logo of the owner
– Sublicense the work or extend the license


MUST: what you must do when using the licensed component
– Original copyright and attributions must be retained
– Include the full text of the license
– Include a copy of the original software (or describe how to obtain it)
– Include a notice file and/or install instructions
– State any changes (or significant changes) made to the original
– Provide the source code when you distribute the software

 

Additional Properties of the license:
– For software related licensing (as opposed to data related licensing)
– Supported by a strong community (up-to-date website, FAQ, forum)
– OSI approved license (Open Source Initiative, https://opensource.org)
– FSF approved license (Free Software Foundation, https://www.fsf.org)

How to view license rulebooks in CAST Highlight

In CAST Highlight, license rulebooks are available for 120+ licenses, and that number will continue to grow in the future. In the user interface, the rulebooks are available in the Software Composition (SCA) dashboards by clicking on a license. A modal opens with the entire license text, the corresponding color-coded rulebook items for the selected license, and reference links about the license.

License rulebooks are available in the portfolio-level dashboards:

  • Under the Components tab which lists all detected components and licenses at the portfolio level
  • Under the Licenses tab

At the application level, license rulebooks can be displayed by clicking on a license from the Software Composition tab.
Last but not least, license rulebooks are also available in the Bill of Material export in Word format.
If you would like to have your own local copy of the CAST Highlight Open Source License Rulebook and Reference Guide, you can download a free copy here: https://content.castsoftware.com/download-wp-open-source-license-rulebook-and-reference-guide