From AI-powered language learning software to a smart TV's user interface, open-source libraries power much more of the technological landscape than many are aware of.
This glossary page explains open-source libraries, how they work, their benefits, and best practices, and explores some of today's most popular libraries.
What Is an Open-Source Library?
Open-source libraries are collections of pre-written code that are free for developers to use and redistribute, although the extent to which they can will depend on their license.
The "open-source" part refers to software with open-source code that's free and redistributable, like the WebRTC protocol. The Open Source Initiative adds some further requirements for software to be fully open source, such as allowing derived works and not discriminating against people or groups.
Libraries are typically built around the same focus area. They might include functions, methods, classes, objects, scripts, and more. Libraries save programmers time by eliminating the need to build these elements in-house.
How Do Open-Source Libraries Work?
How a library works depends on factors such as the language, the user's operating system, the library's setup requirements, and its contents.
There are often multiple ways to install a given library. For example, pandas, a data analysis library for Python, can be installed via different sources, including Anaconda and the Python Package Index (PyPI).
If using PyPI, you would open your OS's command line and enter:
- For Windows: py -m pip install pandas
- For Mac, Linux, and Unix: python3 -m pip install pandas
After installation, you would include an import statement in your code, like so:
import pandas as pd
Now, you'd be able to use pandas in your Python project.
How a library's individual functions, methods, objects, and such work will differ greatly. The beauty of open source is that we can inspect the code to find exactly how each element works.
Let's try this with another library.
Voca.js is an open-source JavaScript library that contains functions for things like splitting, querying, chopping, and changing the case of strings.
Instead of needing to build your own function to convert a string into kebab case, Voca enables you to simply call the function to do it for you, entering the string you wish to convert into the parameters like this:
v.kebabCase('I like bubble tea');
The function above will return the string as 'i-like-bubble-tea'. To do this with vanilla JavaScript, you'd need to write something more complex using a method like replace() or match().
By looking at the source code for Voca.js's kebab case function, we can learn how 'I like bubble tea' becomes 'i-like-bubble-tea', starting with the first three lines:
The author imports their own coerceToString, lowerCase, and words functions from elsewhere in the library to help with a new kebab case function, created and exported on lines 25-33:
As shown above, the kebabCase function takes the 'I like bubble tea' argument, turns it into a string (if it hadn't been one already) via coerceToString, and then runs a conditional.
If we had entered nothing, it would return an empty string. We entered a string containing a sentence, so it returned 'i-like-bubble-tea' after splitting 'I like bubble tea' into an array of words via the words function, mapping each word to lowercase, and joining the array with hyphens.
What Are Some Popular Open-Source Libraries?
Let's look at just a tiny sampling of some popular libraries.
React is a Frontend JavaScript library for designing user interfaces based around a virtual Document Object Model (DOM) that enables faster performance in larger use cases compared to vanilla JavaScript. Developers can create websites with React and desktop apps and mobile apps with React Native.
Meta uses React and React Native for web and app versions of Facebook, Instagram, and WhatsApp. Some other big names that use React include Netflix, Khan Academy, Yahoo Mail, BBC, and the New York Times.
Meta also developed PyTorch, which is used by companies and organizations such as NASA, Duolingo, John Deere, Disney, AstraZeneca, and Airbnb.
PyTorch is a machine learning (ML) and deep learning Python library for building neural networks and tensor computation. It's accelerated using graphical processing units (GPUs), which allows it to compute faster than NumPy, another popular open-source Python library for higher-level math.
OpenCV is a computer vision and ML library developed by Intel for C++, Python, JavaScript, Java, and MatLab. It has use cases such as motion tracking, augmented reality, and facial and object recognition. For example, an IoT smart camera that uses the MQTT protocol might also use OpenCV to tell the difference between familiar and unfamiliar faces.
Notable users of OpenCV include Google, IBM, Honda, Sony, MathWorks, and Intel themselves.
What Are the Benefits of Using Open-Source Libraries?
Using open-source libraries brings many benefits to solo devs and large teams alike, like they:
- Time and cost savings: Devs don't need to build the library's functionality in-house, saving hours of labor. Additionally, projects are cheaper to build when using free, open-source software instead of something proprietary and costly.
- Transparency: Being able to inspect the code helps developers make sure there is nothing exploitable or incompatible before importing it into projects.
- Community of developers: Many libraries come with large communities of other developers, which means there's likely solid documentation. Many basic questions have already been answered on platforms like Stack Overflow and Reddit. Developers may be able to interact directly with the library's creators. Furthermore, there are open-source and library-specific conferences and meetups.
- Learning and development: Students and early career developers can learn much by working with open-source libraries. They can explore the code, play with it in personal projects, join communities, and eventually become open-source contributors themselves.
Best Practices for Using Open-Source Libraries
Many new developers learn to code with popular libraries like React without fully understanding open-source licenses or knowing they can join open-source communities and help contribute to projects themselves.
Although each library will have its own best practices, here are some general practices you should stick to for a smoother time using open-source libraries.
Know How Open-Source Licenses Work
There are two categories of open-source licenses: copyleft and permissive. Copyleft licenses require that any works made with the library be open source and use the same license. Permissive licenses allow users to make open-source or closed-source proprietary software with the library.
The most prominent examples of copyleft licenses are the multiple versions of the GNU General Public License (GPL). For permissive licenses, two of the most common are the MIT license and the Apache license 2.0, which differ on patent rights and attribution requirements.
React is released under the MIT license, and OpenCV 4.5.0 and up use the Apache license 2.0.
Copyleft licenses are less prominent with major open-source libraries, but some well-known projects that use the GNU GPL include MySQL, WordPress, and the Git version control system.
Read Official Documentation Thoroughly
Prior to starting a project with a new library, dig into the docs and familiarize yourself with the basics and best practices of the person or team that developed it. You can also see how to import it and examples of its syntax for reference.
Depending on how detailed the documentation is, you may also see release notes, beginner's guides, and tutorials.
Vet Your Libraries
Choose your libraries wisely and make sure they're safe to use before importing them into your projects. Libraries with larger communities, regular updates, and active maintenance will likely be the safest choices.
For larger projects, maintain a Software Bill of Materials (SBOM) as recommended by the Cybersecurity and Infrastructure Security Agency (CISA). This will help keep track of libraries, other dependencies, and components, along with their source and version numbers, to make it easier to address issues as they come up.
Follow other security best practices, like testing in a secure environment, using vulnerability scanners, and removing unused libraries from your code.
Frequently Asked Questions
Are Open-Source Libraries Free?
Generally speaking, open-source libraries are free to use. However, you should always check the specific license to see if there are any restrictions around using them for commercial software.
How Do You Check If a Library Is Open Source or Not?
You can check its license to determine whether it’s open or closed source. The license may be included in the source code or in a text file.
You can also search the web to see if the library has an official site or a GitHub page with its license or if someone else has already answered this question on a community site.
Are Python Libraries Free?
Since the language itself is open source, it has many users who are passionate about the open-source ecosystem. Python has many free, open-source libraries, like NumPy, TensorFlow, and Pandas. However, there are libraries with paid licenses, including OpenEye.
Do Real Companies Use Open-Source Libraries to Develop Their Products?
Yes, many companies use open-source libraries and other software for their own products.
Some of the largest tech companies even create and maintain their own open-source libraries. For example, Meta created React and PyTorch, and Google made TensorFlow and Guava.