Licensing: Using 3rd Party/FOSS software or images in your commercial product.

DISCLAIMER: I am not a lawyer, solicitor or trained in any legal profession. If you act on anything in this article, it is at your own risk. You should consult your own legal counsel before exposing your company to risks & liabilities.

Now to the article…

Most Software Developers just want to use free, software libraries, code or graphics to quickly get over a hurdle and sprint away from the problem. We typically just want to embed a small piece of it in products we’ve been asked to make. What we don’t want is complex licensing terms, restrictions, impositions and uncertainty. We’d rather find a less optimal component with lesser licencing issues if it meant we could get beyond our current impasse.

There is no single thing as an Open Source Licence. To me, Open Source is a paradigm where one develops software or other content such as images or documents with community help, feedback, and some kind of public use ideology. That is completely distinct from the way in which that content can be consumed, adapted and redistributed by companies or individuals; which is where we enter the licencing minefield. There is no one “Open Source Licence”, but many licences that Open Source Software is available under. Each has quirks, legacy, purpose and definitions.

To help that, I’ve compiled a list of software licences encountered in my travels, and provided my personal interpretation of those. Use at your own risk.


Here is a selection of popular licences I believe to be entirely compatible with “embedding software/images under those licences into a larger commercial product”. Typically that means you aren’t just bare-face selling what’s already been made by the OSS community, but creating an app that needs (for example) a bit of code for authentication, or some graphics for your buttons.

I typically look for a licence that:

  • Is relatively simple to understand
  • Allows you to make modifications to the source code/image with little impact on your processes
  • Allows royalty free redistribution of the code/image (particularly when embedded in a larger application)
  • Does not impose licence terms on the work you have created
  • At most, requires you to attribute or reproduce licences ‘somewhere’.
  • Does not require you to expose modifications of source code available back to the community.

Complexity is a subjective viewpoint of how much text to read and/or how complex the terms and conditions and caveats are.




BSD 2 Clause

Reproduce entire copyright ,licence and disclaimer in documentation or other materials.


BSD 3 Clause

As the 2 clause, but you are not allowed to use the technology or names to endorse or promote your product without permission.



The copyright notice and the permission notice need to be included
in all copies or substantial portions of the Software. ‘The software’ doesn’t mean ‘your software’, but the
original work.I would, however, attribute to be polite.


Apache 2.0

Include/attribute the original licence in the installation media/documentation, typically this is as simple as reproducing the NOTICE file for that component in your documentation.


Has a lot of text to go through compared to BSD 3 clause.

Microsoft Public Licence (MS-PL)

You’re not allowed to use trademarks/name of the

You (pretty much) have to include the licence as attribution.

Distribution requires your licence to comply with MS-PL’s
licence, but doesn’t mean your licence has to be MS-PL, it just has to not
infringe on the original terms.


Creative Commons PD (CC0)

Do not imply endorsement of the originator.

No attribution required.


Creative Commons CC BY 3.0

Attribute the originator & link to the licence.

Do not use the originator as an endorsement.

Clearly state if modifications of the original works have
been made.

“Work” means the original work, not your work – your work
is the “Adaptation”.

High – purely on word count and inappropriate / unclear
consideration for use in software products.

Licences which didn’t make the list

Mozilla Public Licence 2.0

This licence is just too wordy and in it’s own words “copy-left”. Be warned. It requires you to do more than you’d like to distribute a program that includes code from MPL. Yes, in the simplest case where the original is unmodified, all you have to do is make sure that the source code is available from the link you provide, or on request and made available in a reasonable time frame/by reasonable means. But to me, the extra conditions place on it, and the slightly scary ‘copy-left’ statement makes me walk away.

LGPL 3.0

You may wonder why the Lesser Gnu Public Licence hasn’t even made my list. Apart from doing its best to not use relevant technical terminology, it adds conditions to distribution (aka “convey”) of your end product “a combined work” that uses the library you’ve downloaded from the web.

The most alarming condition is 4d – that you have to allow end users to drop in replacement libraries and/or allow end users to relink your product to them – that could present s significant security and support issue. Clause 4b and 4c also elevate the licence to GPL instead of LGPL which is viral.

There is another GPL licence – the Gnu Public Licence. That’s definitely not compatible with a commercial software product unless all you’re selling is support & training and you don’t mind your competitors building and selling your software too without any kickback.

SIL OpenFont Licence

This was nearly in my list, but you have to be careful with naming any icons you’ve modified (derivative works) as there are conditions on the use of names.

The basic SIL font licence FAQ page indicates at the bottom that it is Share-A-Like, which makes my hair stand on end – and typically means (to me) you’d have to include the original font as a separate file for your end users to be able to use.

CC  BY SA 3.0

Share-a-like –  “ If you remix, transform, or build upon the material, you must distribute your contributions under the same license as the original.” – scared me off. I don’t want my product or even a tiny part of it to suddenly become ‘Open’ because I’ve tweaked your broken icon.

Icon packs and existing trademark images

Typically your app will want to present a login button for using social media accounts, or buttons to share and tweet. But when it comes to using trademark or copyright images to represent these, alarm bells need to ring in your head.

Even if the icon pack licence file claims the icons are free to use or modify, you are not usually free to do so on such images. You need to check with the owner of the trademark image, and investigate what restrictions of use they impose on it. Typically this means not altering the colours or image.

Facebook’s DOs & DON’Ts

Twitter’s brand asset guidelines.

(Thanks to @IPWright for reminding me to add this section)


One thought on “Licensing: Using 3rd Party/FOSS software or images in your commercial product.

  1. Pingback: TapPhrase – the lowdown | @GilesDMiddleton

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s