![Open Source Policy]](http://data.docslib.org/img/b00e1f1256e3379a6e4eeb27f7997282-1.webp)
[Open Source Policy]
[Internal Policy]
Rev 1.0
Doc #: MLNX-18-xxxx
www.mellanox.com Mellanox Technologies Confidential
Table of Contents Contents 1 Purpose ...... 3 2 Copyrights ...... 3 3 Open Source Software ...... 4 3.1 What is an Open Source Software ...... 4 3.2 Using Open Source Software ...... 4 3.3 Open Source Software Licenses ...... 5 3.4 What TO DO when using Open Source Software ...... 7 4 Patent Guidelines for Open Source Software ...... 8 5 What to do when need to provide Mellanox Source Code to Customers ...... 8 6 Third Party Software ...... 9 7 Appendix A: Application Form ...... 10
2 Mellanox Technologies Confidential Rev 1.0
If you have any question concerning open source and use of open source or regarding this policy please contact: [email protected]
This policy can also be found in the SW page in SharePoint.
1 Purpose
The purpose of this document is to provide guidelines for developers and project managers for managing source code in the following areas: • Source Code Copyright notices • Usage of Open Source Software • Scanning Software • Providing source code to customers • Usage of 3rd party tools
2 Copyrights
Software is copyright protected, meaning the owner of the software decides how, to whom and which rights to give, if any, by a license.
If you, as Mellanox employee, write source code from scratch, or add original source code to existing code of Mellanox, this source code is Mellanox proprietary software.
Each Mellanox proprietary source file must include the following Legal copyright and licensing disclosure text in a commented section at the top of the file:
Copyright (C) Mellanox Technologies, Ltd. ALL RIGHTS RESERVED.
This software product is a proprietary product of Mellanox Technologies, Ltd.(the "Company") and all right, title, and interest in and to the software product, including all associated intellectual property rights, are and shall remain exclusively with the Company. All rights in or to the software product are licensed, not sold. All rights not licensed are reserved.
This software product is governed by the End User License Agreement provided with the software product.
Rev 1.0 Mellanox Technologies Confidential 3
3 Open Source Software
3.1 What is an Open Source Software
Open source software (OSS) is a software available via some licensing mechanism to other developers and end‐users subject to open source software license agreements like: GNU GPL, LGPL, BSD, Artistic, Mozilla, MIT, Apache or other similar OSS licensing mechanisms.
The three main points need to be checked in an OSS Licenses are: 1) Attribution – what happen to the part of code you contribute to this OSS. 2) Exclusion of liability - if exist or not. 3) Distribution of the source code – what are the limitation on distribution if any.
Risks when using OSS: • OSS license’s which when used turn Mellanox' software package or even some Mellanox patents into OSS as well. • Copyright infringement due to careless use of OSS. • Compatibility – using different OSS licenses which cannot be combined = Copyright infringement.
3.2 Using Open Source Software Questions to ask before using OSS: 1. Is the software intended for use internally only or for distribution ✓ Internal use is always permitted. ✓ You must make sure before the Code go to GA that all the folders which were for internal use have been removed! 2. Will the OSS be modified? 3. Is the OSS linked to the propriety software and in what manner (dynamic/static) 4. How important is the open source component for the functionality of our product? How close is it to the core IP? 5. What will be the separation efforts to separate the OSS from the propriety code? 6. Is there a dual license? Why and which? 7. What are the applicable license terms 8. RED LIST/YELLOW LIST/GREEN LIST
4 Mellanox Technologies Confidential Rev 1.0
3.3 Open Source Software Licenses There are several types of OSS licenses each with unique features. The following table compares certain features of each license and is a general guide to the terms and conditions of each license. Permissive (Green) license - means use and distribution of the open source is allowed as long as a copyright notice is included and the terms of the open source license are provided. The terms of the license must be included in the head of the code itself. Intermediate (Yellow) license - requires that any modifications and only the modifications (not all the software that the OSS component is part off) will be provided to all and be published. Restrictive (Red) License means any code/software combined with the OSS component becomes free and must be published and open to all.
Rev 1.0 Mellanox Technologies Confidential 5
OSS well Known Licenses √ =Permissive- don’t need to disclose our code
License Author V. Static Distribute Modify Patent Privat Sublicen GPL Linking Grant e use sing Comp atibili ty Apache Apache 2.0 GPL https://www. Softwar √ √ √ √ √ √ V3 apache.org/lic e enses/LICENS Foundat E-2.0 ion BSD license Regents 3.0 Not https://opens of the √ √ √ provide √ √ ource.org/lice Universi d in the nses/BSD-3- ty of CA license Clause
MIT License MIT Not https://opens √ √ √ provide √ √ ource.org/lice d in the nses/MIT license Python Python 2 Not Software softwar √ √ √ provide √ √ Foundation e d in the License Foundat license https://opens ion ource.org/lice nses/Python- 2.0 Common IBM 1.0 Public License √ X X √ √ √ √ http://www.ib m.com/develo perworks/libra ry/os-cpl.html Eclipse Public Eclipse 1.0 √ License Foundat Limited Limited Limited √ √ Limited https://www. ion eclipse.org/le gal/epl- v10.html
GNU LGPL Free 3.0 √ https://www. Softwar √ with X X √ √ X gnu.org/licens e restrictio es/lgpl- Foundat ns 3.0.en.html ion Mozilla Public Mozilla 2.0 √ License Foundat √ X X √ √ X https://www. ion mozilla.org/en -US/MPL/2.0/ GNU GPL Free 3.0 √ https://www. Softwar X X X √ √ X gnu.org/licens e
6 Mellanox Technologies Confidential Rev 1.0
es/gpl- Foundat 3.0.en.html ion GNU GPL Free 2.0 √ https://www. Softwar X X X X X X gnu.org/licens e es/old- Foundat licenses/gpl- ion 2.0.html
3.4 What TO DO when using Open Source Software
Involved the Legal department part of the product development process as early as possible.
a) Make sure that Mellanox is allowed to use the OSS for its intended scope of use;
b) Make sure that Mellanox can develop and distribute commercial and noncommercial applications and services with the OSS if desired;
For avoidance of doubt, any use of GNU GPL or LGPL software or source code in connection with Mellanox proprietary software and products is strictly prohibited and any proposed use of such licensed software or source code must be submitted for approval prior to any use of such software or source code.
Every open source used in a project requires the following approval cycle: 1. Approval by project manager before it is used and meet the following criterias: a. The OSS must have a measurable benefit. b. There is no equivalent Mellanox software or solution already deployed or easily available. 2. Approval of relevant VP. 3. OSS Application form (see Appendix A) must be completed by the applicant and submitted by email to the address [email protected] for approval. 4. Review and approval of the legal department, after a Black Duck scan Documentation Each project manager should manage a list of open source codes used in the project and packages with their corresponding version for each software release. All instances of OSS in Mellanox products must be documented within the source code itself for easy future identification with a simple search. This includes the name of the OSS, where it was downloaded from, when it was first incorporated into the software, how it is licensed and whether it was modified or enhanced in any way (including sufficient details). An identifier of “Open Source Usage” must also be included in this embedded documentation for easy search.
Rev 1.0 Mellanox Technologies Confidential 7
DO NOT COPY AND PASTE CODE TO MELLANOX CODE WITHOUT APPROVAL! DO NOT USE ANY OSS CODES WITHOUT APPROVAL!
4 Patent Guidelines for Open Source Software
OSS licenses are not created equal when it comes to patents. Some licenses, such as APACHE and GNU GPL 3.0, include a royalty-free patent license of patents owned by the contributor that would be infringed if the OSS is used. Other licenses, such as BSD, MIT and PYTHON, are “patent-friendly” and include no obligation to provide a royalty-free license upon distribution of the code in open source.
Thus, it is always preferable for Mellanox to distribute OSS under one of the patent-friendly licenses listed above. If distribution of the OSS is intended to be provided under one of these licenses, or under a dual license that includes one of these licenses, the inventor/s shall strive to file patent applications directed to the subject matter included in that OSS. Prior to distribution of OSS under any one of these licenses, the Project Manager will review new functionalities included in the OSS and suggest patent candidates to the IP Manager for filing as patent applications.
However, if distribution of the OSS is intended to be provided only under any one of the licenses that require the contributor to grant royalty-free patent licenses, specifically any one of Apache, Common Public License, Common Public License, GNU LGPL, Mozilla Public License, or GNU GPL 3.0, we will typically not invest in patent applications directed to the subject matter included in that OSS.
5 What to do when need to provide Mellanox Source Code to Customers
8 Mellanox Technologies Confidential Rev 1.0
When you wish to provide Mellanox' source code to customer you need to follow the following steps: • Identify the need of the customer for receiving Mellanox Source Code. • Approach the legal department ([email protected] ) in order to get the suitable license agreement. • Get an approval in advance by the relevant VP software.
Note: The License agreement should be updated upon release of every new version of Mellanox' software. The code must be scanned by the Black Duck system to see if new OSS components have been used. It is suggested that all source code be provided via a password controlled, company- hosted web site.
6 Third Party Software
Third party software that is bundled with Mellanox solutions may have an impact on the licensing of our software. Any use of third party software must be approved by the relevant VP software, product manager and the legal department (Hila Cherny: [email protected] ). Each product manager must maintain a list of third party software with their corresponding version for each software release.
Rev 1.0 Mellanox Technologies Confidential 9
7 Appendix A: Application Form
This Form will be in the service now and SW SharePoint page.
This application form is used to submit the open‐ source application request to Legal. Submit completed forms electronically to [email protected]. 1. Date of application:
2. Name of applicant:
3. Name of Open Source Software (include version # and a URL to the site where the Open Source Software can be downloaded):
4. Name of the Open Source License including version #. (Please attach a copy of the Open Source License and list a URL to the site where the license resides).
5. Are there any copyright notices or attribution requirements that accompany the use of the Open Source Software? If so, please list these notices/requirements.
6. What functions does the Open Source Software perform?
7. How will Mellanox use, and benefit from, the functions of the Open Source Software?
8. Is there an alternative method to achieve these functions without the use of the Open Source Software?
9. Will the Open Source Software be used only internally? If so, please describe the intended use.
10. Will the Open Source Software be incorporated into Mellanox software or products? If so, in which software or product?
11. Will the Open Source Software be modified in any way by Mellanox? Please provide a detailed description and confirm the Open Source License allows for the proposed modification(s).
12. If the Open Source Software is to be used with Mellanox software or products, will the Open Source Software be distributed in source code form or in an executable form?
13. Will the software (which the OSS is part off) be distribute as Open Source as well or under a Mellanox EULA?
10 Mellanox Technologies Confidential Rev 1.0