SpiderBasic License Analysis - Distribution Scenarios & Compliance Guide

Executive Summary: LOW RISK

All SpiderBasic components use permissive open-source licenses (MIT, BSD, Apache 2.0) that explicitly allow commercial use, modification, and distribution. There are no copyleft/viral licenses (like GPL) that would require you to open-source your application.

License Types Used

Most Permissive

MIT License

Used by 22 libraries including jQuery, PixiJS, sql.js

Commercial use allowed

Modification allowed

Private use allowed

Must include copyright notice

Permissive

BSD License

Used by Dojo and Forge (cryptography)

Commercial use allowed

Modification allowed

Must include copyright notice

Cannot use names for endorsement

Permissive + Patent

Apache License 2.0

Used by localForage and mouseTrap

Commercial use allowed

Patent grant included

Must state changes made

Include NOTICE file if exists

Distribution Scenarios Comparison

Aspect	Desktop Application	Self-Hosted Web App	SaaS Application
Distribution Method	Binary files distributed to users (via Electron/similar)	Code deployed on customer's servers	Hosted on your servers, accessed via browser
License Trigger	Full Distribution	Full Distribution	Internal Use Only*
Attribution Required	Yes - Include license file with app	Yes - Include in documentation	Recommended - Good practice
Source Code Sharing	Not Required	Not Required	Not Required
Risk Level	LOW	LOW	VERY LOW
Main Obligation	Include license file in app bundle/documentation	Provide license file to customers deploying the app	Keep license file in codebase (internal record)

*SaaS Note: Since SaaS applications run on your servers and users only interact via browser, most permissive licenses (MIT, BSD, Apache) do not consider this "distribution." However, maintaining proper attribution is still recommended as a best practice and may be required if you later distribute source code.

Platform-Specific Analysis

Windows

LOW

No platform-specific license concerns

Obligation: Include SpiderBasic license file in the installation package or "About" section

Note: SpiderBasic compiles to JavaScript/HTML5 which runs identically across all platforms

Linux

LOW

No platform-specific license concerns

Obligation: Same as other platforms - include license file

Server Deployment: When self-hosting on Linux servers, ensure license file is part of your deployment documentation

macOS

LOW

No platform-specific license concerns

Obligation: Include license in .app bundle Resources folder or accessible location

App Store: If distributing via Mac App Store, include attribution in app description or accessible "Legal" section

Key Point: SpiderBasic generates JavaScript/HTML5 applications that run identically across all platforms. The underlying JavaScript libraries have no platform-specific license variations. Your obligations are the same regardless of target platform.

Legal & Financial Risk Assessment

Legal Risks

Copyright Infringement: VERY LOW

All libraries use permissive licenses allowing commercial use. Simply include the provided license file to comply.

Patent Claims: VERY LOW

Apache 2.0 licensed components include explicit patent grants. MIT/BSD libraries rarely have patent issues.

Attribution Failure: LOW

The main risk is forgetting to include the license file. Easy to fix if discovered.

Copyleft Contamination: NONE

No GPL/LGPL/AGPL components. Your application code remains fully proprietary.

Financial Risks

Royalty Payments: NONE

All licenses are royalty-free. No per-copy, per-user, or revenue-based fees for any library.

License Fees: NONE

No additional licensing costs beyond your SpiderBasic IDE purchase.

Usage Restrictions: NONE

No user limits, deployment limits, or commercial use restrictions that could affect pricing.

Potential Litigation Costs: MINIMAL

In worst case (missing attribution), remedy is simply adding the license file. No substantial damages expected.

Risk Matrix by Distribution Type

Risk Category	Desktop	Self-Hosted	SaaS
Missing Attribution	LOW	LOW	MINIMAL
Source Code Exposure	N/A	N/A	N/A
Patent Claim	MINIMAL	MINIMAL	MINIMAL
Financial Liability	NONE	NONE	NONE

Library Impact Analysis

Libraries ranked by potential impact on your application's licensing obligations:

Apache 2.0 Highest Attribution Requirements

localForage

Local storage abstraction library

• Must include license copy
• Must state changes if modified
• Include NOTICE file if present
• Patent grant included (benefit)

mouseTrap

Keyboard shortcut handling

• Same Apache 2.0 requirements
• Patent protection included

BSD Moderate Attribution + Endorsement Restriction

Forge

Cryptography library (TLS, AES, etc.)

• Include copyright notice
• Cannot use "Digital Bazaar" name for endorsement
• Critical for apps with encryption

Dojo

JavaScript toolkit

• Include copyright notice
• Cannot use "JS Foundation" for endorsement

MIT Minimal Obligations (22 Libraries)

Core Libraries

jQuery, jQuery-UI, PixiJS, PaperJS

Data/Storage

sql.js, jDataView, pako

Media/Audio

SoundJS, PreloadJS, FileSaver.js

Crypto/Hash

spark-md5, js-crc, js-sha3

Utilities

xregexp, xdate, Platform.js, seedrandom

UI/Interaction

interact.js, jquery-blockui, jquery-injectCSS

MIT Obligation: Simply include the copyright notice and license text. No other restrictions.

Libraries with Most Potential Impact

1. Forge (BSD) - Cryptography

If your app uses TLS, encryption, or secure communications, Forge is likely involved. The BSD license's endorsement clause means you cannot claim your product is "endorsed by Digital Bazaar."

2. sql.js (MIT) - Database

SQLite in JavaScript. Core for apps with local database features. MIT license is very permissive - just include the notice.

3. jQuery/jQuery-UI (MIT)

Fundamental to most SpiderBasic UIs. Widely used, well-understood MIT license.

4. PixiJS (MIT) - Graphics

2D WebGL renderer. Essential for graphics-intensive applications.

Compliance Checklist

1 Desktop Application Distribution

Include "Licenses for the SpiderBasic applications.pdf" in your installation package Add "Third-Party Licenses" or "Legal" section accessible from Help menu or About dialog Do NOT claim endorsement by library authors (BSD requirement)

2 Self-Hosted Web Application

Include license file in the distributed source code package Document third-party licenses in your installation/deployment guide Ensure customers deploying the app have access to license information

3 SaaS Application

Keep license file in your internal codebase (good practice) (Optional) Add "Open Source Licenses" link in app footer or legal page Document compliance for future audits or due diligence

Conclusion

What You CAN Do:

Sell your application commercially
Keep your application source code proprietary
Distribute as Desktop, Self-Hosted, or SaaS
Charge any price without royalties

What You MUST Do:

Include the license file with distributions
Retain copyright notices
Not claim library author endorsement

Bottom Line: SpiderBasic's library stack is commercially friendly. Include the provided license file with your distribution, and you're fully compliant.