Let’s Talk Licenses: Beware the Beerware License

Many companies are relaxed about reusing software under the Beerware License and similar open source licenses. But could licensors have a real claim?

Let’s Talk Licenses: Beware the Beerware open source license

We came across a variation on the Beerware License that is worth note.

First, the Beerware License: It’s a reasonably well-known (and oft misquoted) open source license. It was the brainchild of Danish developer Poul-Henning Kemp, a main contributor to the FreeBSD project. The full text of the current version is as follows:

/*
 * ----------------------------------------------------------------------------
 * "THE BEER-WARE LICENSE" (Revision 42):
 * <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
 * can do whatever you want with this stuff. If we meet some day, and you think
 * this stuff is worth it, you can buy me a beer in return Poul-Henning Kamp
 * ----------------------------------------------------------------------------
 */

What do organizations think about the Beerware License?

In our experience, most companies and attorneys are pretty relaxed about it. The Fedora project’s analysis is, “This license is extremely permissive, and falls under the ‘Copyright only’ category of licenses, where it is effectively in the Public Domain, but Copyright is still retained.”

But some organizations take a different stance. Google is one of those exceptions. They publish licensing guidelines that tend to take a hard line. Beerware-licensed software cannot be used at Google, nor can their developers contribute projects so licensed. The grant of rights is “vague,” according to Google.

The Stronger Beer License

We’ve run into a license that was clearly inspired by the Beerware License but has a little more in the way of “teeth.” This license is the one for the JASidePanels project. It reads exactly like the MIT License with the following addition:

If you happen to meet one of the copyright holders in a bar you are obligated to buy them one pint of beer.

The Stronger Beer License

The Fedora project justifies and clarifies its position on the original Beerware License as follows:

The license contains an optional clause where, if the recipient feels that the licensed work is “worth it”, they have the option to purchase the copyright holder a beer. If this were mandatory, it would make this license non-free, but since it is optional, it does not consist of a use restriction.

Given this reasoning, Fedora would certainly take issue with the clear obligation in this license. The extra punch of this unnamed license has led us to refer to it internally as the Stronger Beer License.

Every company has to make its own calls on the risks it’s willing to take and the types of software licenses it’s willing to allow. What are the chances of running into one of the copyright holders in a bar? What are the chances of their pursuing a claim should “you” (whoever that is) not purchase the required pint? But JASidePanels, a UI display controller, shows up in a number of open source and commercial apps, so the question is worth considering. Is this new beerware-type license too strong for your taste?

To learn more about how Black Duck Audits can reduce open source, legal, security, and quality risks in software, visit our website.

Learn more about open source software audits



*** This is a Security Bloggers Network syndicated blog from Software Integrity Blog authored by Phil Odence. Read the original post at: https://www.synopsys.com/blogs/software-security/beerware-open-source-license/