Intermediate Guide

Apache License 2.0 Compatible Licenses Guide

Complete guide to licenses compatible with Apache 2.0. Understand compatibility rules, patent grants, and how to combine Apache licensed code with other licenses.

6 min read
Last updated: Jan 5, 2024
Apache 2.0 [license compatibility](https://licensecheck.io/compatibility-matrix) Patent Protection

Table of Contents

Understanding Apache 2.0 License

The Apache License 2.0 is one of the most business-friendly open source licenses, providing explicit patent protection and clear terms for contribution. Understanding its compatibility with other licenses is crucial for building legally sound software.

Apache 2.0 Key Features

Core Provisions

  • Permissive license - allows proprietary use
  • Patent grant - explicit patent protection
  • Patent retaliation - terminates patent rights for patent litigation
  • Attribution - requires preservation of notices
  • Disclaimer - no warranty provided
  • Contribution licensing - contributions under same license

The Patent Grant Advantage

Apache 2.0 includes an express patent grant that other permissive licenses lack:

"Each Contributor hereby grants to You a perpetual, worldwide, 
non-exclusive, no-charge, royalty-free, irrevocable patent license 
to make, use, sell, offer for sale, import, and otherwise transfer 
the Work."

This protects users from patent lawsuits by contributors.

License Compatibility Matrix

Fully Compatible Licenses (Can Combine Freely)

LicenseCan Include in Apache ProjectCan Use Apache CodeNotes
MIT✅ Yes✅ YesSimple attribution required
BSD-2-Clause✅ Yes✅ YesMinimal requirements
BSD-3-Clause✅ Yes✅ YesNo endorsement clause
ISC✅ Yes✅ YesMIT-equivalent
Unlicense✅ Yes✅ YesPublic domain
CC0✅ Yes✅ YesPublic domain dedication

Conditionally Compatible Licenses

LicenseCompatibilityConditions
LGPL 2.1⚠️ LimitedCan link dynamically, not statically
LGPL 3.0⚠️ LimitedDynamic linking only
MPL 2.0✅ YesFile-level copyleft maintained
EPL 2.0⚠️ ComplexSecondary license option needed
CDDL⚠️ LimitedFile-level copyleft

Incompatible Licenses

LicenseWhy IncompatibleWorkaround
GPL 2.0Additional restrictions clauseNone - fundamentally incompatible
GPL 3.0One-way compatible onlyApache → GPL works, not reverse
AGPL 3.0Network copyleft requirementSeparate processes/services
CC-BY-SAShare-alike requirementUse different Creative Commons

Practical Combination Scenarios

Scenario 1: MIT + Apache 2.0

// package.json
{
  "dependencies": {
    "mit-library": "^1.0.0",      // MIT licensed
    "apache-framework": "^2.0.0"   // Apache 2.0 licensed
  }
}

// Your code - can be Apache 2.0
import { MITComponent } from 'mit-library';
import { ApacheService } from 'apache-framework';

// Perfectly compatible combination
export class YourApp extends ApacheService {
  constructor() {
    super();
    this.component = new MITComponent();
  }
}

Result: Your project can be Apache 2.0 licensed

Scenario 2: Apache 2.0 + LGPL

# Dynamic linking - COMPATIBLE
import ctypes

# Load LGPL library dynamically
lgpl_lib = ctypes.CDLL('./liblgpl.so')

# Your Apache 2.0 licensed code
class ApacheApp:
    def use_lgpl_function(self):
        return lgpl_lib.some_function()

# Static linking - INCOMPATIBLE
from lgpl_module import LGPLClass  # Direct import

class ApacheApp(LGPLClass):  # Creates derivative work
    pass  # This would violate Apache 2.0 terms

Scenario 3: Apache 2.0 → GPL 3.0 Migration

# One-way compatibility
Apache 2.0 Project → Can become → GPL 3.0 Project ✅
GPL 3.0 Project → Cannot become → Apache 2.0 Project ❌

# Valid migration
git checkout -b gpl-version
sed -i 's/Apache-2.0/GPL-3.0/g' LICENSE
git commit -m "Relicense under GPL 3.0 (Apache 2.0 compatible)"

Handling Multi-License Dependencies

Creating a License Inventory

// license-check.js
const licenseChecker = require('license-checker');

function checkApacheCompatibility() {
  const incompatible = ['GPL-2.0', 'GPL-2.0+', 'AGPL-3.0'];
  const needsReview = ['LGPL-2.1', 'LGPL-3.0', 'EPL-2.0'];

  licenseChecker.init({
    start: '.',
    production: true
  }, (err, packages) => {
    for (const [name, info] of Object.entries(packages)) {
      if (incompatible.includes(info.licenses)) {
        console.error(`❌ Incompatible: ${name} (${info.licenses})`);
      } else if (needsReview.includes(info.licenses)) {
        console.warn(`⚠️ Review needed: ${name} (${info.licenses})`);
      } else {
        console.log(`✅ Compatible: ${name} (${info.licenses})`);
      }
    }
  });
}

License Notice Management

Create a NOTICE file for Apache 2.0 projects: 

Apache [Your Project Name]
Copyright 2024 [Your Name/Organization]

This product includes software developed at
[Your Organization] (http://www.example.org/).

================================================
THIRD-PARTY DEPENDENCIES
================================================

This project includes:

- MIT-licensed component (https://github.com/example/mit)
  Copyright (c) 2024 MIT Author

- BSD-licensed library (https://github.com/example/bsd)
  Copyright (c) 2024 BSD Author

- Apache-licensed framework (https://github.com/example/apache)
  Copyright (c) 2024 Apache Author

Patent Considerations

Apache 2.0 Patent Protection

Patent Grant Coverage:
  Scope: "Essential Patent Claims"
  From: All Contributors
  To: All Users
  Territory: Worldwide
  Duration: Perpetual
  Cost: Royalty-free

Patent Retaliation:
  Trigger: Patent litigation against any user
  Effect: Terminates patent license
  Scope: Only for litigating party

Comparing Patent Provisions

LicensePatent GrantPatent RetaliationSafe for Patents
Apache 2.0✅ Explicit✅ Yes✅ Excellent
MIT❌ None❌ No⚠️ Limited
BSD❌ None❌ No⚠️ Limited
GPL 3.0✅ Explicit✅ Yes✅ Good
MPL 2.0✅ Explicit✅ Yes✅ Good

Compliance Requirements

When Using Apache 2.0 Code

  1. Include License Text

cp apache-dependency/LICENSE LICENSE-APACHE
echo "This project uses Apache 2.0 licensed components" >> README.md

  1. Preserve NOTICE Files

cat apache-dependency/NOTICE >> NOTICE

  1. State Changes

/**
 * Modified from original Apache 2.0 licensed code
 * Changes: Added caching mechanism
 * Date: 2024-01-05
 * Modified by: Your Name
 */

  1. Maintain Attribution

<!-- In your UI/Documentation -->
<div class="attributions">
  This software includes code from Apache Project
  Copyright 2024 Apache Software Foundation
</div>

Common Integration Patterns

Microservices Architecture

# [Docker](/guides/docker)-compose.yml
services:
  apache-service:
    image: apache-licensed-service
    license: Apache-2.0

  mit-service:
    image: mit-licensed-service
    license: MIT

  gpl-service:
    # Keep GPL service isolated
    image: gpl-licensed-service
    license: GPL-3.0
    networks:
      - isolated-network

Plugin Architecture

# plugin_interface.py (Apache 2.0)
class PluginInterface:
    """Apache 2.0 licensed plugin interface"""
    def execute(self):
        raise NotImplementedError

# mit_plugin.py (MIT)
from plugin_interface import PluginInterface

class MITPlugin(PluginInterface):
    """MIT licensed - compatible"""
    def execute(self):
        return "MIT plugin result"

# gpl_plugin.py (GPL - Problematic)
# GPL plugin would need separate process

Troubleshooting Compatibility Issues

Issue: GPL Dependency in Apache Project

Problem: Found GPL-licensed dependency Solutions:
  1. Find Apache/MIT/BSD alternative
  2. Implement functionality independently
  3. Move to microservice architecture
  4. Request dual licensing from author

Issue: Patent Concerns

Problem: Need patent protection but using MIT code Solutions:
  1. Add Apache 2.0 wrapper with patent grants
  2. Get patent licenses separately
  3. Migrate to Apache 2.0 if possible
  4. Use Apache 2.0 alternatives

Issue: LGPL Static Linking

Problem: Need to statically link LGPL library Solutions:
  1. Use dynamic linking instead
  2. Find Apache 2.0 alternative
  3. Negotiate commercial license
  4. Isolate in separate service

Best Practices

1. Document Everything

## License Compatibility

| Component | License | Usage | Compatible |
|-----------|---------|-------|------------|
| Framework | Apache 2.0 | Core | ✅ |
| UI Library | MIT | Frontend | ✅ |
| Database Driver | PostgreSQL | Dynamic Link | ✅ |
| GPL Tool | GPL 3.0 | Subprocess | ✅ (Isolated) |

2. Automate Compliance Checks

{
  "scripts": {
    "license-check": "license-checker --onlyAllow 'MIT;BSD;Apache-2.0;ISC'",
    "license-report": "license-checker --csv > licenses.csv",
    "compliance": "npm run license-check && npm run license-report"
  }
}

3. Clear Contribution Policy

## Contributing

By contributing to this Apache 2.0 licensed project, you agree:
1. Your contributions are licensed under Apache 2.0
2. You have the right to license your contributions
3. You provide patent grants per Apache 2.0 terms

Tools for License Compatibility

Scanning Tools

# Check compatibility
npx license-checker --onlyAllow "Apache-2.0;MIT;BSD"

# Generate compatibility report
pip install pip-licenses
pip-licenses --with-license-file --format=json

# Validate Apache compliance
apache-rat --dir ./src

Compatibility Databases

  • SPDX License List: Official license identifiers
  • TLDRLegal: Plain English explanations
  • Choose a License: Compatibility checker
  • FOSSA: Automated compliance platform

Conclusion

Apache 2.0's compatibility with most permissive licenses, combined with its patent protection, makes it an excellent choice for enterprise and open source projects. Key takeaways:

  1. Compatible with: MIT, BSD, ISC, and most permissive licenses
  2. Incompatible with: GPL 2.0 (bidirectionally)
  3. One-way compatible: Can convert to GPL 3.0
  4. Patent protection: Unique advantage over MIT/BSD
  5. LGPL caution: Dynamic linking only

Always verify specific version compatibility and consider patent implications when choosing Apache 2.0 for your project.