The average person likely associates the Mozilla Foundation with its browser, Mozilla Firefox. Open source software contributors, however, may also know Mozilla for its commitment to keeping the internet a free and public resource, a mission that matches the ethos of OSS development. It’s therefore no surprise that the Mozilla Foundation has created its own open source license, the Mozilla Public License.
Version 1.0 of the Mozilla Public License (MPL) was released in 1998, with a slightly modified Version 1.1 introduced the following year. Over a decade later, in 2010, Mozilla Public License 2.0 made its debut, and has remained the MPL of choice ever since.
The MPL 2.0 is neither a permissive license like the MIT License (which allows for use of the licensed code with very few restrictions) nor a strong copyleft license like the GPL v2 License (which places numerous restrictions on use). Often termed a “weak copyleft” license, MPL 2.0 falls somewhere in the middle. So, what makes Mozilla Public License 2.0 distinctive, and why might an OSS user or author like the MPL 2.0? We’ll address these questions and more below.
Mozilla Public License 2.0 Requirements
Open source software licenses fall into two categories: permissive and copyleft. Copyleft licenses, in turn, come in two flavors: strong and weak. The Mozilla Public License 2.0 is in the latter group.
The difference between the two forms of copyleft licenses lies in the scope of source code to be shared. Strong copyleft licenses like GPL v2 and GPL v3 allow modification and redistribution of the original code, but only under the condition that users make the entire program available under the same license. In other words, the updated code must be licensed under the initial copyleft license, where it will be subject to source code disclosure requirements.
Weak copyleft licenses like the Mozilla Public License 2.0 also require users to disclose their changes to the source code, but requires sharing of a narrower set of code. If an author reworks any of the original files, they have to release those updates when distributing the code and license them under the MPL.
However, if the author keeps the MPL’d code in separate files, they can combine that code with closed-source code to create an aggregate work. The new code files can be kept proprietary or released under a different license. This is sometimes referred to as file-based copyleft.
In addition to the requirement that developers disclose updates to the original project’s source code, users must also include the original copyright notice. In addition, the MPL 2.0 obligates users to state that the code is under the MPL license and share where they can find the license. Including the full license text is not necessary.
Using the Licensed Code
Users of MPL 2.0-licensed code may:
- Use the code in commercial applications. MPL’d code can be included in software that’s sold commercially.
- Change the code. Authors can alter or modify the licensed code.
- Distribute the code. An individual or company can make their reworked version(s) of the code available to others.
- Use patent claims. Contributors to the licensed code provide an explicit grant of patent rights to users.
- Place warranty. The license terms permit users of the open source code to place a warranty on the licensed software.
- Sublicense binaries. A developer may place binaries under a different license in the context of an aggregate work.
This license does not grant trademark rights, meaning that users of MPL 2.0-licensed code cannot use the trademarks, names, logos, etc. of the original project or its contributors. Also, the license states that it does not provide a warranty, nor does it allow contributors to be held liable for any legal issues that may arise from software incorporating the code.
Mozilla Public License 2.0 vs. Other Weak Copyleft Licenses
Other weak copyleft licenses include the GNU Lesser Public License (LGPL), the Eclipse Public License (EPL), and the Common Development and Distribution License (CDDL). In this section, we’ll compare both with the Mozilla Public License 2.0.
Mozilla Public License 2.0 vs. GNU Lesser Public License (LGPL)
The LGPL License is the only weak copyleft member of the GPL license family. The LGPL is generally applied to libraries — in fact, it was originally named the “Library” General Public License. Any larger work that modifies or statically links to the library can only be distributed under the LGPL, and users must list and disclose any code changes. However, an application that simply makes use of the library does not need to be licensed under the LGPL, and the source code need not be disclosed.
Unlike the MPL, the LGPL does not allow users to sublicense the code. It also requires anyone who includes the code as part of a consumer device to include any installation information necessary to update and reinstall the software.
Mozilla Public License 2.0 vs. Eclipse Public License 2.0 (EPL)
The latest version of the Eclipse Public License was released by the Eclipse Foundation in August of 2017. These two licenses have a fair amount in common, including that both allow for aggregate works to be sublicensed. One key difference is that the EPL offers additional legal protections to contributors. Namely, any company that uses EPL’d code in commercial software must defend the code’s contributors should any lawsuits or damages arise regarding that software. Both licenses contain an explicit grant of patent rights.
Mozilla Public License 2.0 vs. Common Development and Distribution License (CDDL)
The CDDL was drafted based the MPL 1.1, so there are many similarities between it and the MPL 2.0. A few notable differences are:
Effect of new versions: The CDDL gives the initial developer the right to ensure that a derivative work is published under the current version of the license. In other words, if the initial developer publishes their code under the CDDL 1.1, they can require any derivative works to be licensed only under 1.1 — not any future versions. In contrast, the MPL allows derivative works to be licensed under the same — or any future version — of the license.
License compatibility: The MPL 2.0 is compatible with GPL v2 or later, LGPL 2.1 or later, and/or AGPL 3.0 or later. The CDDL (and earlier versions of the MPL) are not.
Mozilla Public License 2.0 Use Cases
Weak copyleft licenses like the Mozilla Public License 2.0 fill a niche between strong copyleft licenses, such as the GPLs, and permissive ones like MIT or Apache License 2.0. As a result, it serves specific use cases for both authors and companies that rely on open source software.
For Authors
As a weak copyleft license, the Mozilla Public License 2.0 allows OSS authors to both protect their contributions to a piece of OSS and have the opportunity for their work to be incorporated into well-known and successful pieces of proprietary software. The license can offer the “best of both worlds” for developers seeking to balance these two goals. MPL 2.0 works particularly well for programs that can use proprietary plug-ins (like some plug-ins to the Firefox browser).
Mozilla Public License 2.0 contains an express patent license, but also some terms to clarify the scope of the license. It contains a disclaimer of implied licenses and also a strong defensive termination provision. Unlike Apache License 2.0, where the defensive termination provision only terminates patent rights, Mozilla 2.0 provides a strong incentive against patent claims by terminating the copyright license as well.
For Users
The Mozilla Public License 2.0 provides a number of benefits for users of the licensed code.
For example, the express grant of patent rights protects users against certain patent lawsuits from contributors. An additional benefit is the ability to combine MPL’d code with proprietary works. The license encourages companies to be part of and give back to the OSS community without completely sacrificing the competitive advantages that come with closed-source software.
Well-Known Uses of the Mozilla Public License 2.0
Unsurprisingly, popular web browser Firefox uses the MPL 2.0, as does Mozilla’s email client, Mozilla Thunderbird. Other notable examples include LibreOffice, a free productivity software suite that includes word processing and spreadsheets, and the Apache Flex software development kit (SDK).
The Future of the Mozilla Public License 2.0
One recent examination of projects on GitHub found that approximately 1.4% of works on the platform used the Mozilla Public License 2.0. It was the only weak copyleft license present in any significant number of projects.
Couple this fact with its positioning as a “bridge” between GPL-like licenses and permissive ones, and it’s clear MPL 2.0 presents a unique option for OSS project(s).