Introduction
You are probably reading this because you want to use some code from GitHub, but you have questions about its license. This document provides some background information to consider.
We assume the perspective of U.S. law, but it's mostly the same everywhere. We won't cover jurisdictional differences like moral rights.
Copyright is a bundle of rights
Copyright is a bundle of statutory rights created by Congress.
Copyright protection can subsist in original works of authorship fixed in any tangible medium of expression. When someone makes code publicly available in any form, including GitHub, that code may be protected by copyright.
Generally, you should use code under licenses which explicitly give you relevant permissions. Ambiguity about what you can do with code can cause unwanted confusion and make open source difficult to use.
Three rights to consider
Three important rights for an open source license to address are:
the right to make copies (also known as reproduction),
the right to modify and adapt (also known as the right to make derivative works),
the right to distribute the original and modifications.
Open source projects function best when there is no ambiguity over the rights to the code.
OSI-approved open source licenses
The OSI collects a set of licenses which grant the relevant rights for open source projects. They also maintain a widely-accepted document which outlines what makes a license open source.
Examples of unambiguous permissions are:
Section 2 of the Apache License, which grants an "irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute".
The MIT license grants "the rights to use, copy, modify, merge, publish, distribute, sublicense".
The GPL v.3 gives you "legal permission to copy, distribute and/or modify".
It's best practice to have an unambiguous LICENSE or COPYING file which lays out these rights.
It's okay if the license imposes obligations in exchange for these three rights. We have a classification system to keep track of different licenses and a review system to ensure we stay in compliance.
What if the permissions to use code are unclear?
If you want to use some code on GitHub, but the license is not clear, you may want to consider the following:
Try contacting the authors and asking them to use an OSI-approved license like the MIT or the Apache License, or other licensing options that grant you unambiguous rights to use, modify, and redistribute the code. You may also try opening a bug against the project to fix licensing issues.