Few open source developers have migrated to licensing their software using the controversial General Public Licence version 3 (GPLv3), and most have no compelling reason to do so, according to industry experts.

GPLv3 was defined in June this year by the Free Software Foundation (FSF) following two years of consultation with the open source developer community.

It replaces the 15-year-old GPLv2 and represents a more sustained attempt to address software patents, hardware restrictions on software modification (“tivoisation”), compatibility with other free software licences, and internationalisation. It also includes changes that address issues such as how licence violations are handled and how additional permissions can be granted by the copyright holder.

GPLv3 has been well received in some quarters. But its inclusion of a so-called grandfather clause has upset others because it is perceived to legitimise the controversial agreement between Novell and Microsoft on intellectual property rights, whereby the two companies agreed not to sue each other over any patent disputes.
For many in the open source community, such private alliances, and even the very idea of intellectual property in software, are the antithesis of open source.

Nor did it help GPLv3 when Linus Torvalds, the originator of Linux, publicly voiced his dissatisfaction with it and said he intended to stick with GPLv2.

It is unclear how widespread this dissatisfaction in the open source community is, or to what extent it has deterred some developers from converting to the new licence. But what is certain is that the number of GPLv3 subscribers so far remains limited.

According to Doug Levin, president and chief executive of software asset and licence management firm Black Duck Software, only 506 projects had migrated from GPLv2 or Lesser GPLv2 as of 14 September.

“These are projects deployed with v3 licences,” Levin said. “It is an im portant distinction because other estimates are based on what people write in their blogs about an intention to migrate. We only count v3 code and licences.”

Levin estimated that most commercial projects behind the migration were based on SugarCRM and Samba, as well as FSF-related projects like the GSS compiler, which immediately converted to GPLv3.

Black Duck’s assessment was backed up by the results of a US survey published last month by Evans Data, which found that only six per cent of open source developers had adopted GPLv3.

Two-thirds of the developers surveyed by Evans Data said they would not adopt GPLv3 in the next 12 months, and 43 per cent said they would never implement the new licence. Of nearly 400 developers polled, almost twice as many said they would be less likely to join a project that implemented GPLv3 than more likely to join.

“GPLv3 is controversial because it imposes restrictions on what you can do with programs implemented under it,” said John Andrews, president and chief executive of Evans Data. “Developers are confused and divided about those restrictions.”
US-based code audit consultancy Palamida also monitors GPLv3 uptake. It put the figure for pure conversion – where projects drop GPLv2 in favour of GPLv3 – at 679 as of 20 September.

Levin suggested that most projects that have converted to using GPLv3 so far are the smaller ones.

“I would say anything between 25 and 50 per cent [of those using GPLv3] are pure FSF supporters and the rest are independent open source projects,” Levin said. “We do not yet appear to have a major wave of commercial solutions going over to GPLv3 at this point, probably because larger projects need more time to rewrite the code or wait for the next rev to sync with v3.”

Some changes introduced in GPLv3 will almost certainly appeal to larger software publishers, such as the ability to add jurisdictional variations of the limitations of liability and exclusions of warranty while still being GPLv3.

Even so, most expect larger software publishers to be slower to convert because they have more to lose, and their processes for diligently assessing the licence are likely to take a lot longer.
‘ http://gpl3.palamida.com:8080/index.jspj

Expert comment: True extent of uptake will not show for some time
Rowan Wilson of open source software advisory service OSS Watch warns against writing off GPL version 3.

The Palamida figure is just the tip of the iceberg in terms of potential GPLv3 usage, as all projects that declare themselves as licensed under ‘GPLv2 or later’ can now be used, adapted and distributed under the GPLv3 at the licensee’s discretion.

Many projects may retain this take-your-pick method of licensing and so not show up in the pure conversion figures. Palamida reported that 5,464 projects were licensed in this way. The pure conversion figure is only a small part of the story, and the real extent of GPLv3 uptake may take a long time to determine.

Many projects will still be consulting their communities about the issue. This is an entirely redrafted licence, and the legal implications of changing will need time to evaluate.

Certainly the reticence of Linus Torvalds over the anti-tivoisation measures will have had an effect on uptake, although it is difficult to gauge how much that is due to the community agreeing with the details of his reservations, or simply respecting his position as a leader.

Also, if we are talking about the totality of free and open source developers, many never liked or used the GPLv2 in the first place. For them, the GPLv3 is unlikely to be significantly more appealing.

Overall, I do not see many compelling reasons for larger publishers to be in the vanguard of GPLv3 adoption. If a large pool of indispensable GPLv3-licensed components and utilities develops, that would change the situation considerably.

The Microsoft/Novell deal upset a lot of people inside and outside the FSF/GPL community because it can be seen as an implied threat of litigation against the larger community. When Microsoft cited 235 patent violations, it was referring to all free and open source software, not just GPL software.

Most public statements by the larger community have been directed at the supposed iniquities of Microsoft rather than GPLv3. I would expect those who do not like the FSF to recognise that GPLv3 is attempting to counter a wide-ranging threat, even if they do not like its approach.