
Re-Licensing Sentry - troydavis
https://blog.sentry.io/2019/11/06/relicensing-sentry
======
troydavis
> The BSL lets us hit our goals in a clean and low-impact way: it won’t change
> anyone’s ability to run Sentry at their company, but it will ensure that we
> are protected from our work being used in an anti-competitive fashion

I don't think this is accurate. It will ensure that Sentry is protected from
its work being used in a _competitive_ fashion. While the issues pointed out
in the blog post are real, competing isn't "anti-competitive." The intent and
the effect here is to reduce competition, not increase it.

~~~
toomuchtodo
This ignores the nuance. It is to level the playing field. Sentry would not be
able to compete against Amazon hosting their service and reaping the financial
benefits, and nor should they have to (and to do so with Amazon's resources
available to them would be a Herculean task). If you're not a fan of the
model, roll your own codebase.

~~~
troydavis
> Sentry would not be able to compete against Amazon hosting their service,
> and nor should they have to.

If that's Sentry's opinion (and it seems like it is), that's fine, but that's
not what "anti-competitive" means. The word for that is "competitive."

(The specifics depend on the jurisdiction, but the behavior described by the
FTC is what's widely considered "anti-competitive":
[https://www.ftc.gov/enforcement/anticompetitive-
practices](https://www.ftc.gov/enforcement/anticompetitive-practices))

~~~
xyzzy123
So you're inverting a word here, poorly. Competitive and anti-competitive are
not antonyms, the latter has a more specialized meaning.

The opposite of being anti-competitive is not simply competing, it's competing
_fairly_.

It is pretty clearly free riding to take the creative output of another
company, repackage it for money and contribute little or nothing in return.

The world is poorer when this happens because free-riders can freely have
business models that "kill the host", that is, don't capture enough value to
keep people working on the underlying product.

Perhaps the answer is "well it shouldn't have been an open source product
then?" and then we all miss out.

Meanwhile Amazon celebrates turning off all their Oracle databases. Great! And
they make a lot of money off the back of Postgres too. But try asking them for
the code that bundles Postgres into a reliable managed database offering. Of
course they won't share it. That's _their_ IP.

~~~
troydavis
> It is pretty clearly free riding to take the creative output of another
> company, repackage it for money and release nothing in return.

I completely agree and I think you found the perfect word for it: free-riding.
As you note, anti-competitive has a specialized meaning. My comment was simply
that free-riding is not, on its own, considered an anti-competitive business
practice.

~~~
grumpydba
Oracle has been free riding red hat with unbreakable Linux, for years. Then
red hat got bought for 30 billions. When you are confident about you ability
to outsmart the competition and keep your customers, you don't have to use
those new semi-open licenses. They are a legal risk for anyone who copies or
reuses the code.

------
nathancahill
We're huge fans of Sentry and have it deeply integrated in our products. The
fully open source nature has helped us a ton with these advanced integrations,
being able to look at the code to see _exactly_ what is happening instead of
relying on docs (which are great as well, not faulting them).

At the same time, I remember seeing a new startup that had completely ripped
off Sentry + docs and had just done a find and replace for the company name. I
thought I had read about it on HN but I can't find the link. It's clear we
need a license that allows software to be developed in the open but prevents
this type abuse.

I don't know if this license is the solution. It clearly isn't open source and
should not be construed as such (they are very clear about this in the post),
but I haven't seen other better proposals either. Armchair criticism is easy,
and this seems like a reasonable middle-ground. We'll keep using Sentry and
continue to be customers. Outside of their Sentry.io product, they have
released and contributed to _a ton_ of other Open Source libraries. As I
understand it, that will continue. For me, this passes the sniff test.

~~~
sangnoir
> It's clear we need a license that allows software to be developed in the
> open but prevents this type abuse.

The ability to fork is _the_ point of open source, because it assures
continuity. The price of this is the non-zero probability of hostile forks
(which I would not classify as 'abuse'). I think there's a section of
technologist who license their software for pragmatic (traction, fixing bugs)
and not ideological reasons and get surprised when someone forks the project
in a way they don't like.

~~~
simplyinfinity
You can fork it, you can mod it. But you cannot sell forked sentry as a
service to companies. If companies want sentry they can host it themselves and
you can provide customization/support services for that.

~~~
Spivak
> But you cannot sell forked sentry as a service to companies?

But why not? That seems like such an arbitrary distinction if it weren't for
the fact that the company is trying to profit on being the exclusive hosted
provider of the software. Why wouldn't I want to pay a company that's better
at ops to host sentry for me?

~~~
SparkyMcUnicorn
Better at ops? do they have issues?

The options are: Use Sentry.io, host it yourself, or use something else.

------
JoshTriplett
So, Sentry is no longer Open Source at all, though people might potentially be
able to collaborate on three-year-old versions (or, hopefully, use whatever
unified fork pops up from the last Open Source release).

That's disappointing. Unfortunately, the more companies use such licenses, the
more others see it as "safety in numbers" for them to do the same.

~~~
the_mitsuhiko
> Sentry is no longer Open Source at all

I just want to clarify that in addition to BSL converting into an Open Source
license after the conversion date, we also did not BSL license everything.
Client libraries are completely unaffected and so is a lot that is going on
behind the scenes. We're firmly committed to being good Open Source citizens.
For instance a lot of the work that is going on behind the scenes is separated
into independent reusable libraries that retain their original licenses.

~~~
tedivm
Why should we trust you not to change that in the future?

~~~
rndgermandude
You shouldn't. Then again, they have no obligation to give you anything in the
first place. And yet, they do.

If you really don't like what they are doing, you could fork them right now.
But my guess is that you won't because then you'd have to do the work you're
getting for free now.

~~~
tedivm
Sentry also got work for free from people who assumed the open source project
would stay that way. That's the thing about open source- it does have
benefits, otherwise people would never choose it.

Right now there's this trend where companies take the benefits of open source
for themselves, then toss aside the open source community when it looks like
it might make them a buck. Ultimately I think that is bad for the community,
and that the corporations that do this are putting their profit above the
community that helped them grow. I don't think it's unreasonable to point this
out.

~~~
belorn
> Sentry also got work for free from people who assumed the open source
> project would stay that way

The BSD license is very clear that you can not assume that. A developer who
contribute patches under BSD license should have no expectation for what other
developers will license code in the future. Licenses is all about defining
expectations.

~~~
smichel17
Exactly. If you want an expectation of continued openness, choose copyleft.

------
atonse
Wishing you guys well.

Over time we're seeing there needed to be this sort-of middle ground license
for companies, which is essentially, "anyone can use it as a dependency, but
you can't use this product, slap a different label on it and then compete
directly with us" and it seems that this and related licenses are going to
accomplish that.

------
alrs
This is the old Aladdin Ghostscript model, where the software is proprietary
for one year after release and is then reverts to GPL. I think Ghostscript
ditched this scheme 10-15 years ago.

[https://books.google.com/books?id=xBANKuFJWtUC&pg=PA306&lpg=...](https://books.google.com/books?id=xBANKuFJWtUC&pg=PA306&lpg=PA306&dq=aladdin+ghostscript+one+year&source=bl&ots=_sbDEU6GB5&sig=ACfU3U3EWBanfpdRKtHZQuwo21ijs76ebQ&hl=en&sa=X&ved=2ahUKEwjrz8acwtblAhXqFTQIHbwfDW0Q6AEwFXoECAkQAQ#v=onepage&q=aladdin%20ghostscript%20one%20year&f=false)

------
vortico
Why not GPLv3+? Under that license, it's possible for someone to offer a
commercial fork, but it requires that the source is released under the same
license, which makes third-party commercial forks 1) not a good business plan
and 2) not contain code that the original author can't merge to the original
branch, which are both aspects desired by the author. The GPL is a free/open-
source license as defined by FSF/OSI. If additional permissions are needed,
they can be added as allowed by section 7 of the GPLv3. In my opinion, the GPL
fosters the best free software community because contributers can be certain
that their code is not used in "anti-free-software" ways.

EDIT: s/GPL/AGPL

~~~
Hallucinaut
But it doesn't necessarily have to be a fork. It can be the raw unadulterated
software that Amazon wraps a service layer around and then who would trust the
a small player against one of the largest companies in the world?

If Amazon needs to make changes and opem source it, they can and without risk
to their market because its value is in scale, balance sheet protection, name
recognition for management buy in, and the integration on their AWS platform.

------
awinder
“Previous licensing models – the “open core” model, GPL, and permissive
licenses like BSD and Apache-2.0 – are not sufficient for the way OSS is
distributed and used today.”

This line _really_ bugged me. These licenses are still a perfect fit and more
than sufficient for how OSS is distributed & used today. What they’re maybe
not perfect for is starting an open source, VC funded business, but they never
have been. And the companies that face “existential threat” are a small
minority of the total activity going on under these licenses, so maybe, ya
know, the problem is the small collection of companies trying to operate this
way and not the license.

------
softwaredoug
> Protection from other companies selling our work

I'm not against these sorts of licenses. But we should all be aware that
companies like this (and Mongo, Elastic, etc) are a step away from the OSI
model of "open source". Which is more about many orgs collaborating on a
shared solution so we don't need a vendor, rather than what this is - a vendor
opening up code and allowing contributions.

------
MFLoon
I think this is great; if I ever start a SaaS business I'll happily follow
Sentry's example and use the BSL if I want to develop in the open.

To the open source fundamentalists expressing disdain: why is the ability to
commercialize a piece of code such an important part of the OSS ethos to you?
Why are proprietary protections, even when the code itself is still freely
visible, usable and modifiable, such a step backwards? What about the very
real threat of a business 1000x your size just deciding to fork your code and
eat your lunch? Are businesses with open source products supposed to just
accept that risk in the name of being good OSS citizens? I'd still much rather
see a business with source available code, which will still benefit their
users and the community at large - would you rather it be OSI approved open
source or nothing?

------
rectang
> _But if we move to an “open core” model that better protects our IP, in our
> eyes, that means we’re no longer an open-source company._

"Open core" products have an open source core. Sentry won't any more.

> _Enter The Business Source License (BSL)_

This license is NOT open source. Don't call it that. Actual open source
advocates like me will keep hectoring you until you stop.

~~~
xyzzyz
_Although we’ve come to refer to the BSL as eventually open-source since it
converts to an OSI-approved license at the conversion date, due to the grant
restriction, it is formally not an open-source license._

Yes, they don't call it that. Seems like the actual open source advocates will
hector them before they even start.

~~~
rectang
Wrong. They call it an "OSS" license:

> _It’s a brave new world, but we believe this licensing change will best
> ensure the future of Sentry and that protections-oriented OSS licenses like
> the BSL will become increasingly common as time goes on._

~~~
Aeolun
Probably because the _source_ is still open. This whole discussion strongly
reminds me that open-source and free software are not the same.

~~~
rectang
This sort of confusion is exactly why this battle is worth fighting.

The proper term for licenses like the BSL is "source available". You can view
the source, but you cannot use it under terms which conform to the Open Source
Definition.

~~~
BYK
This now has been rectified. Apologies for the misrepresentation, wasn't
intentional.

------
mcescalante
I have run the self-hosted version of Sentry for a couple years at my job now
and it has worked fantastically, and I also use the SaaS product during
freelance. The self-hosted releases take time to appear after launching on
SaaS, but this is understandable as it takes time to coordinate things making
it downstream to the public repo from internal stuff. And the self-hosted
version is rock-solid once running, I never worry about it.

Of course it would be great if everything could remain truly open source, but
I can understand the IP concerns as Sentry grows, and I am appreciative of the
communication and commitment to offering the same product for self-hosting as
your SaaS product. I'll be continuing to use and support Sentry and am
interested to see how the BSL model goes here compared to something like open-
core.

------
errantspark
I'm really confused at the vitriol in the comments, does this license not
become a true OSS license after the change period? IANAL but that seems to be
the case to me. It's so confusing what part of this is frustrating? I think
keeping a 36 month buffer of features to maintain an a commercially viable
edge to fund work on a project is extremely reasonable. It seems like a really
good and virtuous model.

Patents and Copyrights are more than an order of magnitude more temporally
restrictive. This is great stuff, I hope it proves to be commercially viable
and sees broader adoption.

~~~
heyoni
It’s a “vocal minority”. Seriously, it’s just a handful of people replying to
every single comment. Sentry is being perfectly reasonable here.

------
stingraycharles
This seems fairly reasonable. It’s understandable that you don’t want others
to offer commercial offerings of Sentry.

I’m happy as a Sentry user, and while we’re using the cloud offering right now
in our early stages, it’s good to know that if we would crumble under the
costs, we can always host our own instance. (Which of course is unlikely to
happen, what I expect to be a part of the strategy)

------
ryan_lane
The BSL is a "have your cake and eat it too" license. It allows a company to
accept contributions from third parties, without those third parties being
able to use the changes commercially. It's immoral.

The moral equivalent of the BSL is to close-source the software, and to offer
free-for-use licenses of the closed-source version. They can continue having a
fully open-source release, but the release would be changes from 3 years ago.

Sentry isn't doing this because they want the contributions. They want the
benefits of open source, without any of the costs associated with it.

~~~
bradrydzewski
I respectfully disagree with the suggestion that this is immoral.

Sentry is granting you a license, for free, to do anything you want with the
software except provide a commercial competitor to their hosted service.
People using the software for free may still decide to contribute code. This
is not a one-sided relationship here. Both parties are getting something of
value.

~~~
pritambaral
> People using the software for free may still decide to contribute code. This
> is not a one-sided relationship here.

If the contributor is not allowed to do something with their work that the
receiver is allowed to, is that not one-sided?

~~~
bradrydzewski
One-sided would imply that only one party benefits. You clearly benefit from
being able to use and improve software, for free, for practically any purpose.

~~~
pritambaral
> You clearly benefit from ...

The benefit you speak of is available to both parties. The benefit I speak of
is available to only one.

In Open Source, every party gets all the benefits, all the time.

------
I_am_tiberius
Armin Ronacher's blog post concerning this topic:
[http://lucumr.pocoo.org/2019/11/4/open-source-and-
saas/](http://lucumr.pocoo.org/2019/11/4/open-source-and-saas/)

~~~
tedivm
I find the distinction between libraries and applications to be rather self
serving. It's basically saying "I want to use these open source libraries to
bootstrap my business, but I don't believe others should be able to use my
code in an open source way because apps should have profit".

Now, I'm not disagreeing that one of the goals many people have for building
code is to make money. But this line between apps and libraries is completely
artificial and seems to exist for no reason other than justifying their
closing a previously open source project.

~~~
the_mitsuhiko
> I find the distinction between libraries and applications to be rather self
> serving. It's basically saying "I want to use these open source libraries to
> bootstrap my business, but I don't believe others should be able to use my
> code in an open source way because apps should have profit".

I generally believe that people should get a reward for the work they do. For
me personally the rewards I got for my work on Flask, Jinja and many of my
Open Source libraries was non monetary but awesome on many other levels. I got
to travel to many countries, speak at conference, and I got a lot of
experience and exposure through it. I am content. However I know from many
people that they wish they could also make a living from Open Source libraries
and I do not have an answer to that — yet?

I believe the BSL is an answer for applications, I don't think it works for
libraries because of the reasons mentioned. I wish I had an answer however for
people that want to live off their Open Source work.

The line might be arbitrary for some, but it's not arbitrary for me.

~~~
UncleEntity
I see it as the same as the art school graduates who really, really want to
make a living out of making art and finding in the real world a really, really
small minority of artists can live off the art they produce.

Then they get a job teaching art to the next generation of people who really,
really want to live off of making art.

------
martey
I think it's interesting that one of the reasons Sentry gives for re-licensing
their code (most/all of the major contributors work for Sentry) is also one of
the reasons they gave 3 years ago on this site when asked why copycat services
did not concern them:
[https://news.ycombinator.com/item?id=12800539](https://news.ycombinator.com/item?id=12800539)

------
gridspy
Seems a fair compromise.

Almost all users of Sentry.io benefit from the sort of freedom that FOSS is
built on. They can control and modify the source that they are working with -
sentry.io doesn't take away their rights.

At the same time, sentry.io does not have to compete against clones which are
using sentry's own R&D against them.

I much prefer this over more restrictive alternatives.

------
machbio
Elasticsearch and MongoDB has really started an interesting debate on Open
Source Licensing..More Power to Opensource Software Providers that need to
reap the benefits of their work.

~~~
JoshTriplett
They haven't started a debate. The debate of "should we be open or not" has
been going on for as long as Open Source has existed. And we've had licenses
that attempt to sound open without being open for a long time as well, under
names like "shared source".

------
Aeolun
On the whole, while sad that it happened (it feels like a loss somehow), I
think this is probably one of the better licenses they could have gone with.

As far as I understand there’s still nothing preventing me from forking their
code, just from selling it for 3 years.

------
bbanyc
I don't blame Sentry. FOSS is a fine ideal for hobby and academic projects,
but it doesn't pay the bills. 36 years on and the most successful business
model for FOSS is to convince someone rich to lose money on it. (Cf. Gilmore
at Cygnus, Shuttleworth at Canonical.)

I do wish more companies would use these kinds of "Doom clauses" and
contribute old software to the commons once it's no longer commercially
viable.

~~~
tedivm
That's the only business model as long as you ignore Automattic, Chef,
CloudBees, Cloudera, Confluent, Databricks, DataStax, Gradle, Hashicorp,
nginx, Puppet, RedHat, and many others.

~~~
pnako
Some of those companies make money by selling proprietary software. They are
thus proprietary software companies, and bad examples of open source software
business models.

~~~
moritzplassnig
What are good examples?

~~~
pnako
Red Hat. They work with the community upstream, and they open source all their
stuff.

------
greggman2
I expect to see a lot more of this with GitHub Sponsors coming online. As it
is now you can take any BSD, MIT, ISC, GPL open source project and start
collecting money from it, not using it in another project, just by asking for
money period. The licenses above all allow this. It's only going to take a few
bad actors for the actual devs to start wanting a new license that somehow
keeps the project open source but only let's them collect the donations. I
have no idea how that will work but it seems a likely outcome.

I don't mind when my open source library is one tiny part in a larger project
that is commercial and making money. But I'd be upset if someone forked my
library, changed the name (or not), and started trying to collect donations.
Even if they changed the library I don't know at how much they'd have to
change it before I'd not feel taken advantage of.

------
naringas
the issue with all these (mongodb, elasticsearch, sentry, redis, etc...) is
that software doesn't work with zero marginal costs, software's creation and
distribution costs are different, the same goes to anything digital.

Selling 1 is the same as selling 2, is the same as 200. If anything,
distribution the costs will go up due to bandwidth (unless the distribution
becomes decentralized).

The problem is that we live in a world economy desgined by and for material
products with (in many cases) marginal costs. Making a single paperclip is
expensive, making one thousand makes every paperclip cheaper, making more
makes them even cheaper. If paperclips were software, the moment anybody makes
a single paperclip, anybody can have one.

Software is (or rather, digital things are) different. The best model of
ownership over software does not get along with the way ownership works in the
market.

------
RcouF1uZ4gsC
A little off topic from the actual post, but I wish that there was an actual
service or program that was a "re-licensing sentry". That is, given some list
of open source projects, it would email me if any of the projects changed
their license.

Many dependency managers just grab the latest release of an open source
project, and you as a software developer may not be aware that one of your
open source dependencies has changed their license in a way that affects what
you can do with your project.

It seems a lot of projects are starting out as true open source projects and
then once they have built up a user base, are changing their license to
something else. It would be nice for me to have a better way to monitor this
for my dependencies than just checking the front page of Hacker News.

------
abrookewood
I can't help but feel that if companies like Amazon, Google etc had been
fairer in their dealings with open source projects (by either contributing
more code or by paying the authors) that we wouldn't be in this situation.

------
ensignavenger
This is a very disappointing development. I was hoping to implement Sentry for
a side project I have been working on, now I will have to find an alternative
or use an old version, as I refuse to rely on closed-source software.

~~~
mythz
Nothing about this announcement makes it closed-source software.

~~~
ensignavenger
Huh? Did you read the announcement? They clearly state that it is no longer
under an open source license.

~~~
mythz
It not being recognized as an official OSI license does not make it "closed
source", their source code is still fully and freely available to customers
who can continue to using and customizing their own modified versions as they
see fit. None of which they could do if it was "closed source".

Their software also converts into Apache-2.0 after their conversion period,
where it by definition also becomes available under a permissive OSI approved
license.

~~~
eeZah7Ux
It is not fitting the requirement widely agreed for defining software Open
Source: it creates a restriction on usage.

~~~
mythz
Which is both clearly spelled out in the article and irrelevant to my original
comment where "Nothing about this announcement makes it closed-source
software."

Being licensed under an OSI approved license (that their software converts to
after their conversion period) makes it "Open Source" by definition, it does
not make it "closed source".

------
gregwebs
Its interesting to see them reason that the BSL is more open source than open
core. Do others think that? It is certainly more free as in beer for most
users.

~~~
sjwright
Having a sustainable funding model for open source isn’t necessarily a bad
thing IMHO. The potential upside here is that Sentry will be able to invest
more into large improvements to the code knowing that their funding is
sustainable. This is to the benefit of everyone who wants to use this software
in the purest sense of open source, which is running the code on your own
systems.

~~~
tedivm
This isn't a sustainable open source model though as the code is not open
source.

~~~
mythz
As they state in their article it's eventually OSS (after 3yrs it converts to
OSS) and you're basically unaffected you're reselling a competing hosted
version, you still have full access to the source code and can continue to run
your own/modified version in house.

Given that Sentry is primarily the sole contributor behind improving and
advancing their own product, making it more sustainable directly translates in
being able to have more resources into making a better product whereas having
their efforts stolen and repurposed by a competitive AWS/Azure hosted solution
would directly make it worse. They'd be pouring their millions into competing
against themselves whilst the cloud providers can use their marketing +
monopoly network effects to reap all the commercial efforts off Sentry's
investments.

The only losers here are the cloud oligopolies and Sentry's hosted
competitors, Sentry ends up with a more sustainable business model they can
invest in making a better product, which benefits their product and all their
customers.

------
jmull
BSL seems pretty decent... it _becomes_ open in a simple, easy-to-understand
way.

But it’s troublesome that they road the open source movement for years to grow
and are now closing the license. Perhaps it’s a business reality. I wonder if
there are any supporters or users or other stakeholders who thought open meant
continuing to be open. They’re getting a slap in the face today.

------
musicale
> Previous licensing models – the “open core” model, GPL, and permissive
> licenses like BSD and Apache-2.0 – are not sufficient for the way OSS is
> distributed and used today.

I think what they meant to say was "open source licenses (including GPL, BSD,
and Apache-2.0) are not sufficient to prevent Google or Amazon from competing
with our hosted service business."

------
dzonga
people's labor should be well compensated. this is a good move from Sentry,
Mongodb and others that will follow. yeah, you've people with freeware or fsf
idealism i.e Stallman ideas.That Sentry and the others betrayed their ideas.
But simply, FU - let them get paid. Sentry is an amazing product. & the people
who work on it should be able to put food on the table & sleep well, without
worrying about Amazon n parasites. I think the greatest misconception is
between open source and open core. & we should start labeling a bunch of
software on Github as such. Now the parasitic cloud providers such as AWS
won't profit via someone's work. when they hardly contribute to open core |
source

~~~
rstupek
Sentry, mongodb, et al. all got as big as they did by promising to be open
source. Do you think they'd be where they are today had they not been open
sourced? I personally do not.

~~~
stock_toaster
> Sentry, mongodb, et al. all got as big as they did by promising to be open
> source.

Do you have any proof to back this assertion?

> It’s important to remember that Sentry “the project” has been developed
> almost exclusively by employees of Sentry “the company”; millions of dollars
> have paid the salaries of engineers, designers, and product people to
> produce the software we know and love today.

I don't have any skin in this game, but they claim that most of the code
contributions were by employees paid for by Sentry. Do you have evidence to
the contrary?

------
api
We recently adopted the BSL too. Here's a blog post that goes into detail
about our rationale.

[https://www.zerotier.com/on-the-gpl-to-bsl-
transition/](https://www.zerotier.com/on-the-gpl-to-bsl-transition/)

~~~
comex
That post states that GPL or AGPL would be adequate for your protection needs
but you opted for BSL instead due to “GPL-phobia”. So why not dual license
under BSL and (A)GPL? That way open source purists (including me) would have a
license they considered acceptable, without it compromising your goals.

~~~
nickpsecurity
It's an interesting idea. The BSL seems like a safer choice given the wording
straight-up blocks SaaS's. They're the real threat to ZeroTier.

On a side note, most people contributing to F/OSS don't like AGPL either.
They'd instead by griping about _that_. Folks be irritated one way or another.
His profit and their jobs are safer with people griping about BSL, though.

------
gregimba
When will there be a 10.0 Open Source Release? It's harder for me to support
this when I saw open source pull requests denied that in hindsight would have
let more users run their own hosted sentry with features such as OpenID
Support.

------
the_common_man
What does this mean for people who have already contributed? Do you have to
get permission of everyone who made a PR merged? Did they have some sort of
CLA that allows them to re-license? Just curious how this works.

~~~
smitop
It doesn't appear they have a CLA. The old license was BSD 3-clause, which
states: > 1\. Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer. > 2\.
Redistributions in binary form must reproduce the above copyright notice, this
list of conditions and the following disclaimer in the documentation and/or
other materials provided with the distribution.

And nowhere is that list to be found. So it appears Sentry is violating the
license for external contributions.

------
notatoad
content of the blog post aside, this is just completely obnoxious and
distracting:
[https://gfycat.com/sphericalfrailalligatorgar](https://gfycat.com/sphericalfrailalligatorgar)

~~~
nathancahill
Yes, but at least you can submit a PR to fix it.

~~~
tedivm
You say that like it's a good thing, rather than being a way for corporations
to extract value from free labor to line their own pockets.

------
inputmice
Have you considered that SaaS is just a terrible business model?

~~~
comex
Tell that to Amazon, who seem to be making it into an extremely successful
business model.

------
tus88
> Minimal limitations on usage of code; as free as possible

Wait what?

------
draw_down
Seems reasonable.

Easy to be a purist, hard to reconcile that purism with the need to run a
business (and let's not forget, pay engineers and other employees with the
proceeds of that business).

------
tedivm
Yet another company that uses the open source community to grow and then rips
the rug out from under them.

This corporate take over and redefinition of open source needs to stop. The
"Business Source License" is not an open source license, and lying to the
community about it is nothing short of gaslighting. This decision is bad for
the community, and no amount of marketing speak and lying from sentry is going
to change that.

~~~
brianwawok
How do you propose stopping AWS taking the code wholesale and selling with an
upcharge? Is that what open source is?

~~~
latortuga
AWS is emphatically NOT "taking the code", they have a license for it. If you
don't want people to use your work commercially, then don't license it to them
to use it commercially. It's pretty simple. Once you tell people what they can
and can't use your software for, then it is no longer free; you don't get
both.

~~~
marcinzm
>then it is no longer free; you don't get both.

You drew a line in the sand, do not presume that someone else will draw the
line in the same place. For example, some people draw the line at GPL. I,
personally, greatly prefer a BSL license to a fully proprietary license. That
means, from me, they do get both.

~~~
unionpivo
Well yes but open source has well established definition.

If we just let everybody call them self opensource and free, those terms will
loose all of its meaning.

The fact that BSL is better than completely closed source option is different
discussion.

------
mesozoic
Eventually open source LUL I'm sure they'll eventually let you into the open
source conference.

------
niftylettuce
I built Cabin as an alternative to Sentry.

[https://cabinjs.com](https://cabinjs.com)

Less bloat, no vendor lock-in, works with any logger.

------
dkhenry
I was at an open source event hosted by a16z ( a blog post about it is here
[https://a16z.com/2019/10/04/commercializing-open-
source/](https://a16z.com/2019/10/04/commercializing-open-source/) ), and one
of the things that was abundantly clear is there is no reason you can't have
open source and a viable business model. Companies moving to BSL are
effectively saying they can't actually compete so they are trying to shore up
their business by using a license change. At the end of the day the better
product will win out, and companies moving to BSL are tacitly admitting they
don't have the better product so they want to lock in market share before they
get out competed.

~~~
ElKrist
Imagine I create a fantastic new beer: a new taste that most people love. My
recipe is open source.

I have put a lot of time/money perfecting the recipe/brand . I started selling
it to local businesses and have been expanding slowly but steadily. I don't
have big production scales yet so I can sell a bottle for $3.

Now come Big Beer Co., #1 on the beer market world wide. They take my recipe
and can sell it for $1 thanks to their economies of scale. I keep making my
beer better and better whiel Big Beer Co. keeps the original recipe they
"forked".

I start losing customers: yes I keep improving on the recipe but it does not
justify paying $3 instead of $1. Eventually, I die and Big Beer Co. are the
only one remaining selling my recipe.

Is it because they made a better product? Nope.

~~~
yarrel
You can't copyright recipes.*

If you could, that would still be the smallest part of the dynamics of why
people drink craft beer and how the economics of scaling up production of a
recipe work.

* - And trade secrets don't lend themselves to openness.

~~~
ElKrist
"You can't copyright recipes." => I did not say that and my analogy was not
assuming that either. Can you elaborate why you made that point?

Perhaps I could have been more clear: I explicitly share with everyone the
exact process/recipe so it is reproducible without any other research.

------
peterwwillis
If you're wondering "why don't they just close-source the whole thing, and
then they don't have to worry about competitors?", there's two reasons. One,
open source is a good marketing tool to acquire trend-following customers,
gain industry rep, and better hires. Two, if an open-source clone emerges, it
could become a threat to their product, so they need to keep people using some
version of their own product. This is what it means when a business says open
source is a "strategic advantage".

All these "formally-open-source companies" are learning the same lessons we
learned in the early 2000s: competing on software alone only works if you're
licensing a proprietary product, or you're giving it away as a lock-in tool
for a platform you control. The alternative is to compete on service and
support, which works until you compete against a platform. A big player with a
platform will just take ten million dollars and a year and a half and write
their own version of it, and their customers will use it because it integrates
with the platform's products better.

