Open Source Policy

NodeByte embraces open source software as a fundamental part of our technology strategy. We believe that:

• Open source promotes innovation through knowledge sharing and collaboration
• Community-driven development leads to more robust, secure, and feature-rich software
• Open source accelerates technological advancement and broadens access to technology
• Contributing to open source is both a responsibility and an opportunity

We use open source software under a variety of licenses. Our primary considerations when evaluating an open source license include:

• Compatibility with our business model and products
• Obligations for derivative works and distribution
• Patent grant and reciprocity provisions
• Compliance requirements and feasibility

We generally approve the use of open source software under the following licenses:

• MIT License
• Apache License 2.0
• BSD License (2-clause and 3-clause)
• GNU Lesser General Public License (LGPL)
• Mozilla Public License 2.0

Software under other licenses may be used after internal review and approval.

Before incorporating open source components into our projects, we conduct due diligence to:

• Verify license terms and compliance requirements
• Assess security vulnerabilities and maintenance status
• Evaluate community health and long-term viability
• Determine compatibility with other components

We are committed to complying with the terms of all open source licenses for software we use. This includes:

• Maintaining accurate records of all open source components
• Preserving copyright notices and attribution
• Providing license texts and notices as required
• Making source code available when required by license terms
• Adhering to any additional obligations specific to each license

We encourage our team members to contribute to open source projects, particularly those that we use in our products and services. Contributing helps us:

• Build expertise and deepen understanding of the technologies we use
• Fix bugs and add features that benefit our products
• Give back to the communities that support our work
• Enhance our reputation and attract talent

When our team members contribute to external open source projects, they should:

• Follow the project's contribution guidelines and code of conduct
• Respect the project's governance model and decision-making process
• Maintain high standards of code quality and documentation
• Not contribute proprietary code or confidential information
• Be transparent about their affiliation with NodeByte

When contributing to open source projects:

• Contributions made within the scope of employment are made on behalf of the company
• We carefully review Contributor License Agreements (CLAs) and Developer Certificates of Origin (DCOs)
• We ensure contributions do not include patented technology unless intentionally licensed
• We may seek approval for significant contributions that could affect our intellectual property strategy

We may release software as open source when:

• It provides general infrastructure or utility functionality
• It addresses common technical challenges faced by the community
• Community collaboration would significantly improve the software
• It aligns with our business strategy and goals

We typically do not open source software that:

• Contains core proprietary technology that differentiates our products
• Includes trade secrets or sensitive security implementations
• Is specifically developed for a client unless agreed otherwise

When releasing our own open source software, we generally prefer:

• MIT License: For libraries, tools, and smaller projects where we want to maximize adoption with minimal restrictions
• Apache License 2.0: For larger projects that may include patentable technology, as it includes an express patent license
• Other licenses: May be considered based on specific project requirements and strategic goals

For projects we release as open source, we establish:

• Clear contribution guidelines and code of conduct
• Transparent governance model and decision-making process
• Defined maintenance expectations and support policy
• Documented security vulnerability reporting process

Our products and services use numerous open source libraries and dependencies. A non-exhaustive list of major components includes:

• React and Next.js for front-end development
• Node.js and Express for back-end services
• PostgreSQL and MongoDB for data storage
• Redis for caching and message queuing
• Various npm packages and utilities

We maintain a more comprehensive list of all open source components used in our products, which is available upon request.

Beyond code contributions, we engage with the open source community through:

• Sponsoring open source projects and foundations
• Organizing and participating in meetups, conferences, and hackathons
• Providing educational resources and documentation
• Offering mentorship and support to new contributors

You can find our open source projects on our GitHub Page