GPLv3 Celebrates Two Years, GPLv2 Still in Front
In June of 2007, after many months delay, the Free Software Software Foundation released GPLv3. Since that time, the license has been gaining an increased following, but without much threat to GPLv2 in first place.
Open source knowledge base provider Black Duck Software confirms in a study of most commonly used open source licenses that GNU General PUblic License (GPL) 3.0 is in fifth place overall, with a little over five percent usage.
Unchallenged in first place, with half of all licenses, is still its predecessor GPL 2.0 that reigned alone for 16 years. The Lesser PGL (LPGL) 2.1 is in second place with around 10%. Chances are it will take GPLv3 a few more years to move up the ranks, but has already positioned itself just after BSD 2.0 at six percent.
The adoption rate of GPLv3 in software and projects increased from the 90 initial licenses in 2007 to 3,725 in June, 2008, to 9,755 in June, 2009, according to Black Duck calculations.
Re: Missing DataI want to correct a misperception. In Davide Prina's comment he suggests that in creating Black Duck's KnowledgeBase of open source project information that we track only major sites such as Sourceforge and Codeplex. In fact we track over 4300 sites, many of which are single-project sites such as Asterix. See: http://www.blackducksoftware.com/oss
Davide correctly points out an issue with the project descriptions on many sites, i.e., in mnay cases the project description refers to the wrong license. To correct this, Black Duck employs both people and analytical tools to review projects to determine the correct license, much as Davida did in his example. A better approach would be for OSS projects to employ more discipline in referencing the correct license.
Missing dataMost of the GPL 2.0 (and also LGPL 2.1) is in reality "GPL 2.0 or any later version".
So all this are also GPL 3.0 compatible or can be converted into strict GPL 3.0 by anyone.
Sometime ago I have make some test and found that site like blackducksoftware do not consider a lot of tiny site like sourceforge but with few projects, also there are a lot of site with one single free software project that is not counted. I have found that there are project in sourceforge or similar site that are not considered with the real license they use. Also some project are counted more than once.
I make an example of this mistakes: I take the project "A set of linguistics tools" on sourceforge (http://linguistico.sf.net)
47 Dizionario cognomi italiani 03_01__2009_06_26 Affero General Public License 3.0
not correct it is AGPL >= 3.0
48 Dizionario italiano Mozilla 2_4_2007_09_01 GNU General Public License V3 or later
49 Dizionario italiano per OOo 2_4_2007_09_01 GNU General Public License V3 or later
But 48 and 49 are the same project packed into two different format
50 Strumenti Linguistici DicOOo OOo2-pack_01_07__2008_11_29 GNU General Public License V3 or later
But 50 is 49 + 51 (AGPL) + hypenator (LGPL)
51 Thesaurus OOo 2.x.x 02_09_l_2008_11_29 GNU General Public License V3 or later
wrong it is AGPL >= 3.0
Also is missing a tool that let you extract wrong words from a text file and you can use some filter. I used it principally for finding Italian dictionary missing word, test heavy modification on Italian dictionary, ... but it can be used to check type mistake into a text in few seconds.
This project is released as AGPL >= 3.0
HP's annual Cyber Risk report offers a bleak look at the state of IT.
But what do the big numbers really mean?
.NET Core execution engine is the basis for cross-platform .NET implementations.
The Xnote trojan hides itself on the target system and will launch a variety of attacks on command.
Spammers go low-volume, and 90% of IE browsers are unpatched.
Adobe scrambles to release patches for vulnerable Flash Player.
Four-inch-long computer on a stick lets you boot a full Linux system from any HDMI display device.
New statute would require companies to report break-ins to consumers.
Weird data transfer technique avoids all standard security measures.
FIDO alliance declares the beginning of the end for old-style login authentication.