How to read and choose an open source license
MIT license, Apache 2.0, GPL copyleft, license compatibility, SPDX identifiers, choosing a license for your project, patent clauses
Why Licenses Matter
Every open source project has a license. Without one, the default is copyright -- no one can legally use or modify the code. Reading the license before contributing tells you what you can do with the project and what obligations you take on.
The Three License Families
Permissive (MIT, BSD, Apache 2.0): Do almost anything. MIT is one sentence. Apache adds a patent grant -- useful when the project involves patentable technology. These are the safest for commercial use.
Copyleft (GPL, LGPL, AGPL): You can use and modify freely, but any distribution of modified code must use the same license. AGPL extends this to networked use -- if you run AGPL-licensed code as a web service, users get the source.
Creative Commons: Used for content, not code. Do not apply CC to software.
Checking a License
Look for a LICENSE file in the repo root. GitHub also displays the license badge on the repo page. If you are contributing to a company-sponsored project, they may ask you to sign a Contributor License Agreement (CLA) that transfers IP rights to them while keeping the code open.
SPDX identifiers (e.g., SPDX-License-Identifier: MIT) are the machine-readable standard used in package metadata. You will see them in package.json, pyproject.toml, and similar files.
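The following is an added example, not part of the original article: it reads an SPDX identifier from a source-file header or from the license field of package.json and sorts each license ID into the families described above. The function names, the short ID lists, and the sample inputs are constructed for illustration.

```python
import json
import re

# Families as grouped in this article; the ID sets are a small constructed subset.
FAMILIES = {
    "permissive": {"MIT", "BSD-2-Clause", "BSD-3-Clause", "Apache-2.0"},
    "copyleft": {"GPL-2.0-only", "GPL-3.0-only", "GPL-3.0-or-later",
                 "LGPL-3.0-only", "AGPL-3.0-only"},
}
TAG = re.compile(r"SPDX-License-Identifier:\s*(.+?)\s*(?:\*/|-->)?\s*$", re.M)

def ids_in_expression(expr):
    """Return the license IDs in an SPDX expression, e.g. '(MIT OR Apache-2.0)'."""
    ids, skip = [], False
    for tok in re.findall(r"[A-Za-z0-9.+-]+", expr):
        if skip:                 # token after WITH names an exception, not a license
            skip = False
        elif tok == "WITH":
            skip = True
        elif tok not in ("AND", "OR"):
            ids.append(tok)
    return ids

def family(spdx_id):
    if spdx_id.startswith(("CC-", "CC0-")):
        return "creative-commons"   # content license; the article says not for code
    for name, ids in FAMILIES.items():
        if spdx_id in ids:
            return name
    return "unknown"

def from_source_header(text):
    m = TAG.search(text)
    return m.group(1) if m else None

def from_package_json(text):
    lic = json.loads(text).get("license")
    return lic if isinstance(lic, str) else None

def classify(expr):
    """Map each license ID to its family; no declaration means default copyright."""
    if expr is None:
        return {"<missing>": "no-license"}
    return {i: family(i) for i in ids_in_expression(expr)}

# Constructed sample inputs.
SAMPLE_C = "/* SPDX-License-Identifier: GPL-2.0-only WITH Linux-syscall-note */\nint x;\n"
SAMPLE_PKG = '{"name": "demo", "license": "(MIT OR Apache-2.0)"}'
SAMPLE_NONE = '{"name": "demo"}'
```

A dependency review can treat "no-license", "unknown", and "creative-commons" results as items to check by hand before the code is used.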
