Alert: Almost 80% of GitLab Public Repositories are Not Open Source Licensed!

Open Weaver
Dec 21, 2020

In our previous posts, we discussed different open source licenses, their implications for your development needs, and the state of licenses in GitHub public repositories. Do look them up to understand the implications of using or creating “No License” software and projects. Given the poor state of compliance on GitHub, we looked at the next largest public repository, GitLab.

Overall, GitLab fares worse than GitHub in making the public repositories usable through meaningful licenses. GitLab’s default license terms on public repositories are also not clearly stated.

For this analysis, we picked all of GitLab’s public repositories, totaling around 905,000. Across them, we found around 30 open source license types in use. Unfortunately, “No License” was the number one category across all license types.

80% of GitLab public repositories have no license

Top 5 Take-Aways from GitLab public repository analysis:

  1. We found around nine hundred thousand public repositories. That is about 3% of GitHub’s public repository count. We will share a detailed comparison of the state of GitHub and GitLab public repositories in the coming weeks.
  2. Almost 80% of the public repositories have no license, making them unusable.
  3. The MIT License ranked #2 with 10%, followed by the GNU General Public License v3.0 with 4% and the Apache License 2.0 with 3%. Interestingly, in the GitHub repositories we had seen the Apache License 2.0 well ahead of the GNU General Public License v3.0, indicating a tilt towards permissive licenses there.
  4. Active software with more than 10 releases is rare in GitLab. Among the 0.2% that did exist, the licensed-software ratios improved. “No License” was at 36%, followed by the MIT License at 28%, the GNU General Public License v3.0 at 15%, and the Apache License 2.0 at 15%.
  5. Only 3% of GitLab public repositories were forked, indicating potential reuse. 69% of all software that was forked didn’t have licenses, indicating potential copyright violation.

“No License” public repositories are more than mere carelessness. They potentially promote copyright and software license violations. While the repository providers are slow to react to this clear and present danger, users and creators need to be extra vigilant when dealing with such repositories.

Happy Reuse!

While every effort has been made to provide accurate and updated information, we regret any omission or error.

Written by Open Weaver

Open Weaver is a SaaS tech company, changing the way the world builds digital. Learn more at www.openweaver.com