
Choosing a License for GoatCounter - mplanchard
https://www.arp242.net/license.html
======
comex
The EUPL has network protection, but it can be circumvented pretty easily.
That’s because the EUPL also has a clause which lets you convert EUPL code to
any of a long list of “Compatible Licenses”, including GPLv2, GPLv3, and many
others. So you can just convert to a license without network protection and
use the software under those terms.

(Technically you can only convert when distributing a derivative work “based
upon both the Work and another work licensed under a Compatible Licence”, but
you can just find some GPL-licensed function which can be put somewhere in the
codebase. Oh, and you may need multiple people to pull this off.)

------
JoshTriplett
> some companies avoid AGPL due to its extremely “viral” nature

This is a feature, if you're trying to make sure that people either share
changes or pay you. If some companies avoid it, that means it's doing its job.

(This seems related to classic advice on pricing: if nobody _ever_ thinks your
product is too expensive, then your product is too cheap.)

> I don’t like that it imposes restrictions on non-commercial users. If you’re
> running a private GoatCounter for your personal weblog with some hacks you
> clobbered together then go for it! No need to send me your ugly hacks.
> Again, I may investigate some dual-licensing options in the future.

This doesn't need dual-licensing, just a license exception that allows certain
groups of people (e.g. personal websites below a certain scale) to ignore
certain clauses of the license.

~~~
Carpetsmoker
The problem is that it will also affect code that's only tangibly related to
the AGPL'd code. See e.g. the Google page:
[https://opensource.google/docs/using/agpl-
policy](https://opensource.google/docs/using/agpl-policy)

As mentioned, I'm only really interested in preventing people from "leeching"
off my work by setting up a competing service with their (unpublished)
changes.

I'm not so sure if this is a real issue with end-user program like
GoatCounter, but in general I'm not a fan of "viral" licenses.

> This doesn't need dual-licensing, just a license exception that allows
> certain groups of people (e.g. personal websites below a certain scale) to
> ignore certain clauses of the license.

The AGPL can't be changed though, it's explicitly mentioned at the top. So as
I understand it, the only way is to offer it under two licenses (if personal
then this license, else other one). I'm not really sure how this works legally
(didn't research).

~~~
JoshTriplett
I'm familiar with Google's AGPL policy. Google doesn't have a policy against
paying for an alternative license, though; the bottom of the page you linked
to says "In some cases, we may have alternative licenses available for AGPL
licensed code.". Offering your code under a copyleft license and selling an
alternative license is a long-standing successful business model.

>> This doesn't need dual-licensing, just a license exception that allows
certain groups of people (e.g. personal websites below a certain scale) to
ignore certain clauses of the license.

> The AGPL can't be changed though, it's explicitly mentioned at the top. So
> as I understand it, the only way is to offer it under two licenses (if
> personal then this license, else other one). I'm not really sure how this
> works legally (didn't research).

You can't modify the text of the AGPL, but you can offer exceptions to it, and
the GPLv3 and AGPLv3 make that even easier than the GPLv2 did. Many pieces of
software are available under licenses that consist of the GPL or AGPL plus an
exception. This is not at all uncommon. The LGPLv3 itself actually consists of
the GPLv3 plus an exception.

As an example, you could write something like "Licensed under the GNU Affero
General Public License, version 3 or later. As an exception, if you are using
an unmodified version of the software solely for your own individual use on a
personal (non-business) site with less than X active users, and not offering
the software as a part of a service provided to others, you are not required
to provide the source of the software as would be otherwise required by clause
13 of the AGPL."

(Also worth noting: technically you _can_ modify the text of the GPL or AGPL
if you omit the preamble and modify the instructions, but the result will not
be an OSI-approved license, and if you're not careful it also likely won't be
GPL-compatible. See [https://www.gnu.org/licenses/gpl-
faq.html#ModifyGPL](https://www.gnu.org/licenses/gpl-faq.html#ModifyGPL) .)

------
kemitchell
This kind of post always makes me happy and sad.

On the one hand, devs should feel empowered to read licenses, get their hands
dirty, and choose for themselves. I like seeing more of that.

On the other hand, this is way too complicated. This author's needs and goals
aren't rare. They're exceedingly common.

------
runxel
Already stumbled on the first paragraph:

> Choosing a license has always been easy: MIT. It’s the best-known “do what
> you want” plain language license. Arguably ISC is slightly better [...]

Umh, how exactly? ISC and MIT are functionally equivalent, which really means
there are no differences.

Anyway, I agree that choosing a license is often very hard for reasons stated
in this post. I'm wondering why nobody ever made a license Martin would
describe as perfect.

(But I am aware it's really hard to make a water-tight license, since nowadays
it has to work worlwide, which will need some ugly language since the European
and Anglo-American laws are so different.)

~~~
tzs
> ISC and MIT are functionally equivalent, which really means there are no
> differences.

ISC> [...] use, copy, modify, and/or distribute this software [...]

MIT> [...] use, copy, modify, merge, publish, distribute, sublicense, and/or
sell copies of the Software [...]

Note that MIT includes "sublicense". ISC does not. This is a big difference.
See page 87 in chapter 5 of Rosen's "Open Source Licensing" book [1] for a
discussion of the importance of this.

[1]
[https://www.rosenlaw.com/oslbook.htm](https://www.rosenlaw.com/oslbook.htm)

------
zzzcpan
There are very few real copyleft licenses in the age of SaaS. Basically just
Parity [1] and API Copyleft [2] licenses. The rest allow corporations to build
proprietary services on top of such software without releasing any of that
proprietary code.

The landscape is pretty sad these days. FSF is subverted by corporate
interests. OSI is even worth, their entire existence is to serve corporate
interests.

[1] [https://paritylicense.com/](https://paritylicense.com/)

[2] [https://apicopyleft.com/](https://apicopyleft.com/)

~~~
gnulinux
I'm not an expert on licenses, but from my own understanding of AGPL, I'm not
sure why Parity and/or API Copyleft would give better protection against SaaS
corporations. Would you be able to explain why AGPL is not as good as the two
licenses you named?

~~~
kemitchell
How do you understand AGPL?

------
t0astbread
Do the (A)GPL or the EUPL really require the publication of hacks for private
use? I thought that was always linked to redistribution of the software, not
use.

Also, doesn't the Parity Public License violate the OSI definition of "Open
Source" by requiring users to “Contribute software you develop, operate, or
analyze with this software”. This kinda reminds me of MongoDB's SSPL which (I
think?) violated the "license can not restrict other software" rule:
[https://opensource.org/osd](https://opensource.org/osd)

~~~
JoshTriplett
> Also, doesn't the Parity Public License violate the OSI definition of "Open
> Source" by requiring users to “Contribute software you develop, operate, or
> analyze with this software”.

Yes, it does. It's a license that pretends to be open, but isn't, much like
MongoDB, or the Redis "Commons Clause".

The whole rant linked from this article, about the OSI, is very much a case
study for why you _should_ ignore any license that claims to be open or uses
terminology that vaguely sounds open but isn't actually OSI-approved. (With a
dose of "and you should be scared of copyleft" FUD thrown in.)

~~~
Carpetsmoker
Different people have different meanings for "open". Right now there seems to
be something of a crisis of terminology, where "open source" originally just
meant "the source is available". The the OSI stepped in and gave it a specific
definition with the OSD, but some people _still_ continue to use it in the
original "source is available"-way, whereas others use it only to mean OSD-
compatible or OSI-approved.

I'm not sure if inventing more terms will be successful or useful, so the only
way forward I see is to relax and assume good intent from everyone, use "OSI-
approved" or "compatible with OSD", and "open source" as a very broad umbrella
term for anything where the source is available. This is already how many
people use the term, especially those not intimately familiar with software
dev/open source. I've never seen a single instance where telling people that
"you're technically using that commonly used term wrong" is successful.

~~~
cxr
The central thesis of your comment, which also mirrors an oblique side remark
from the article, is a total fabrication.

OSI did not commandeer the phrase "open source". OSI _coined_ "open source".

~~~
paulddraper
But the English language already had definitions for "open" and "source".

English-speakers combining those two to produce the intuitive way ("you can
see the source code") gives us our present situation.

~~~
cxr
Regardless of how valid anyone sees your "but", it's not the extent of claim
made in the comment I replied to.

Both the comment and the article make a very specific claim about the term
"open source": the (frequently encountered) falsehood that the term "open
source" preceded OSI, and that the OSI made it their prerogative to wrench it
from the mouths (keyboards) of programmers so as to suit the OSI's desires.
Not only is that not true, it doesn't seem to be accompanied by any
appreciation of the irony involved here, considering that the _exact opposite_
thing is what's actually going on—by the folks who are complaining about
retconning language!

~~~
kemitchell
"Open" was a high-froth marketing term in computing long before OSI came
around. "Open source" itself was and is commonly used in intelligence.

Christine Patterson, who proposed "open source" at the freeware summit, has
written that she mentioned it to a friend in marketing at the time, and the
friend advised against. "Open" was too played out, meant everything and
nothing.

~~~
cxr
This sounds like a retort to OSI's "open source", but it isn't. It contradicts
nothing and does much less to support the "other" side than it seems to.

How many times are the goalposts going to move in this conversation?

> Christine Patterson

Peterson.

~~~
kemitchell
Thanks for the typo correction.

On "open", see:

[https://en.wikipedia.org/wiki/Open_Software_Foundation](https://en.wikipedia.org/wiki/Open_Software_Foundation)

[https://opensource.org/pressreleases/certified-open-
source.p...](https://opensource.org/pressreleases/certified-open-source.php)

"Open" wasn't greenfield. "Open" was a marketing buzzword in computing all
through the eighties.

~~~
cxr
> This sounds like a retort to OSI's "open source", but it isn't.

~~~
kemitchell
That's not an argument, it's a naked conclusion about an argument.

If you'd like to send a counter-argument, I'd be happy to read it. If you'd
prefer to play referee, I've no interest.

~~~
cxr
Here's a breakdown of this particular bait-and-switch:

The first, strong-but-indefensible claim is made—the one that argues "open
source" was in play and that there was some "original" meaning that predates
OSI and their attempt to co-opt the term.

This is disputed.

We then see a retreat from out of the bailey into the motte, where we appeal
to the "intuitive" understanding (presumably first mover now doesn't matter).
Later we're back somewhere in between, except this time musing that perhaps
"open" _didn 't_ mean _anything_ at the time the Foresight group decided to
embroider "open source" on their crest.

In summary, the only thing we've seen is a bad argument that was subsequently
vacated, leaving a void in its place plus nothing more substantial than vague
suggestions that some other arguments exist that can quash OSI's stake in the
term "open source".

So you'll have to forgive me if I haven't yet responded with a counter-
argument that requires _guessing_ what claims your mercurial stance is going
to have you calling for me to take down next without you actually going
through the effort of arguing them in the first place—and thus pinning them
down into a form that can actually be squared. Are you able to commit to
laying out what you actually believe here and your rationale for why it's
valid line of thought?

In other words, if you want to hear a counter argument, you're going to first
need to articulate the initial argument that you expect to be
countered—preferably in the form of complete sentences that can be read as a
deductive play-by-play, each point following from the last, rather than non-
sequiturs appealing to incompatible values and adhering to no common goal
besides opposition to OSI.

------
stock_toaster
I was expecting the BSL would be chosen, as that seems to be gaining a bit
more popularity lately (mariadb, sentry, cockroachdb, etc). I wasn't very
familiar with the EUPL. Interesting reading more about it.

~~~
Carpetsmoker
The thing with the BSL is that it's not OSI approved, and never will be as it
doesn't fit the OSD, which was one of my requirements (for pragmatical
reasons, not ideological ones). I should perhaps include it in the comparison.

~~~
stock_toaster
Makes sense. Thanks for the reply!

------
dmm
> the term was around for a long time before the OSI was started

Is this actually true? It was my understanding that the term "open-source" was
invented by or around esr, one of the founders of OSI.

~~~
lliamander
ESR didn't invent it (nor does he claim to) just popularized it. The credit
goes to Christine Peterson[1].

[1][https://en.m.wikipedia.org/wiki/Christine_Peterson](https://en.m.wikipedia.org/wiki/Christine_Peterson)

~~~
dmm
Thanks for that source. She claims to have come up with the term on Feb. 3rd,
1998 and the OSI was formed the same year. That suggests the term wasn't used
long before the OSI.

~~~
kemitchell
"Open" was a marketing buzzword in computing long before that. Christine has
written that she ran "open source" by a friend in marketing at the time and
they told her it was vague and played out.

------
enriquto
the AGPL is clearly the best free software license nowadays. It could
supersede the plain GPL, as it inherits the same spirit in the cloud context.

~~~
gnulinux
I agree, I re-licensed my own GPL projects to AGPL recently.

------
ebg13
I always feel weird when reading long explanations about why someone chooses a
copyleft free software license for nihilistic capitalist reasons (I don't care
about the four freedoms, and I want money).

~~~
Carpetsmoker
I work on this full-time; it's my only source of income. I don't think it's
especially capitalist or nihilist to shield yourself from potential abuse by
_actual_ nihilist capitalist who will stop at nothing to make a buck. _Not_
doing so would be naïve.

Being called a "nihilist capitalist" for quitting your day job for working on
open source software is certainly a rather ... curious ... experience.

------
lidHanteyk
What about WTFPL?

