Free software is defined by open access to the source code, but above all by its licence characteristics.
The following is a purely informative description of our practice; it is expressly not a recommendation of any kind to proceed in this way.
When using free software we can use all OSI Approved Licences.
If we modify and republish open source software ourselves, the respective licence must be observed and the required conditions must be complied with. As a rule, modifying existing software does not pose a problem with regard to the licence, as a fork of the repository is created, which also contains the licence file.
The publication of the software developed by LHM is carried out under the MIT License in order to hinder reuse as little as possible. The MIT licence is also proposed in the City Council resolution 'Develop new software in an open source context!'.
We take care not to use software with licenses with a strong copyleft effect. This gives us more freedom in choosing the license for our own software and avoids licensing conflicts.
We prefer to use software that has licences which are either permissive or have a weak copyleft effect.
In practice, we mainly use software with the following permissive licences verified by the Open Source Initiative:
Licences with weak copyleft are possible:
We avoid the use of software under licences with a strong copyleft. Typical representatives are:
Java is an exception. Java is licensed under the GPL. However, the GPL with exceptions for linked software applies to OpenJDK. This means that software that uses OpenJDK does not necessarily have to be licenced under the GPL.
To ensure that we do not commit any licence violations, all dependencies of our software must be checked and documented.
We use GitHub Dependency Review for this purpose, which is already predefined in oss-repository-en-template.
The central it@M policy file is defined in it-at-m/.github - the licences with a strong copyleft are defined there, which we want to avoid.
As "false positives" can occur during licence detection, these can be placed on an ignore list.
The compatibility of the licences used can be checked with the JLA - Compatibility Checker.