Top Open Source Licenses Explained

Mend.io Team October 9, 2025 6 min read

What is an open source license?

An open-source license is a legal agreement between a software author and its users. It defines how the software can be used, modified, and redistributed. This license is what turns regular software into open source, granting developers the right to build on top of others’ work—as long as they comply with specific conditions.

Open-source licenses play a vital role in both community-driven and commercial software development. They dictate how companies can integrate open-source components into proprietary products without facing legal or compliance risks.

Today, there are over 200 open-source licenses, but in practice, most open-source projects fall under a small number of popular ones. Let’s unpack how these licenses differ and what they mean for your codebase.

Learn more about open source.

Types of software license: Copyleft and permissive

Open-source licenses generally fall into two broad categories:

Copyleft licenses

A copyleft license requires that any derivative work built from the original open-source code remains open source. If you use or modify code under one of these licenses and distribute your software, you must make your source code available under the same terms.

For example, the GNU General Public License (GPL) enforces this rule strictly, ensuring that open-source code—and everything derived from it—stays open.

However, copyleft licenses vary in strength:

Strong copyleft (e.g., GPL): Any combined or derivative work must remain open source.
Weak copyleft (e.g., LGPL, EPL): Only modified files must remain open source, while the rest of your application can use another license.

Learn more about the nuances in our guide on Open Source Copyleft Licenses.

Permissive licenses

Permissive licenses are far more flexible. They allow you to use, modify, and redistribute open-source code—even within proprietary software—without the obligation to open source your own code.

The MIT License, BSD Licenses, and Apache License are the most popular examples. They’re designed for ease of adoption, minimal legal risk, and commercial compatibility.

Open source license comparison: Main differences

Below is a visual comparison of how common open-source licenses differ in terms of freedom, reciprocity, and restrictions.

Top open source licenses explained

There’s no single “best” open-source license—only the one that fits your project’s goals and compliance needs. The Open Source Initiative (OSI) currently approves around 80 licenses, but only a handful dominate modern software development.

Here’s a breakdown of the major ones you’ll encounter:

GNU general public license (GPL)

The GPL is the most widely used strong copyleft license. Created by Richard Stallman, it ensures that software using GPL components must also be released under the GPL.

This extends even to linked libraries—meaning you generally can’t mix GPL code with code under other restrictive licenses. However, there’s a key nuance: the copyleft obligation is triggered only upon distribution.

That’s why SaaS providers can use GPL software without releasing their source code—a loophole addressed by the Affero GPL (AGPL), which considers network access a form of distribution.

Weaker variants include:

Lesser GPL (LGPL): Allows linking with proprietary code.
GPL with Classpath Exception: Clarifies use of unmodified libraries without enforcing copyleft.

The Apache license (version 2.0)

The Apache License is one of the most permissive open-source licenses. It allows modification, redistribution, and even commercial use, provided you:

Include a copy of the license and attribution,
Note any modifications made,
Avoid implying endorsement by the Apache Software Foundation.

Apache 2.0 stands out because it includes explicit patent rights, protecting developers and users alike. This balance of openness and legal clarity makes it a favorite for enterprise use.

Microsoft public license (Ms-PL)

The Ms-PL is a simple, permissive license from Microsoft. It allows free use, modification, and distribution—with a few caveats:

You cannot use contributors’ names, logos, or trademarks.
The software comes without warranties.
If distributing in source form, it must remain under the Ms-PL.

Berkeley software distribution (BSD) licenses

The BSD family includes several permissive variants:

4-clause BSD: Requires attribution in advertising (rare today).
3-clause BSD: Removes the advertising clause.
2-clause BSD (FreeBSD): Removes both advertising and non-endorsement clauses.

BSD licenses are minimalistic and highly business-friendly, allowing virtually unrestricted reuse.

Common development and distribution license (CDDL)

Created by Sun Microsystems, the CDDL is a weak copyleft license modeled after the MPL. It requires that source code files containing CDDL-licensed code remain open source, but other files in the same project can be under different licenses.

You must:

Retain copyright and attribution notices,
Identify yourself as a modifier, and
Include the license in all redistributions.

This structure enables collaborative reuse without forcing full project openness.

Eclipse public license (EPL)

The EPL is another weak copyleft license that applies per file.

If you modify EPL code and distribute it, that modified file must stay under EPL. However, your proprietary code can remain closed if kept separate.

Version 2.0 clarified this per-file rule and added an explicit patent grant. The EPL is popular in enterprise software ecosystems, such as the Eclipse IDE.

MIT license

The MIT License is one of the most popular and permissive licenses in existence. It allows almost total freedom:

Use, modify, and distribute freely,
Include the license text in copies or substantial portions,
No warranty or liability from the author.

At under 200 words, the MIT License is concise, legally sound, and perfect for proprietary integration. It accounts for nearly one-third of all open-source license usage worldwide.

Know your open source licenses, or explain it to the judge

Nearly all modern applications rely on open-source components. Ignoring license compliance isn’t just risky—it’s reckless. The wrong license choice (or the wrong use of it) can expose your organization to legal, financial, and reputational damage.

That’s why open-source license management tools are essential. They:

Identify and track licenses in your codebase,
Ensure compliance across dependencies,
Reduce legal exposure for your organization,
Reinforce trust and security in your software supply chain.

Learn more about evolving license trends in our analysis of Open Source Licenses: Trends and Predictions and how dual licensing can offer flexibility for developers and enterprises alike.

Additional guides on open source topics

Together with our content partners, we have authored in-depth guides on several other topics that can also be useful as you explore the world of open source: