First, what is a "user"? It is not defined anywhere in the license.
I did not look at the source code, because of the potential IP issues. What would happen if you looked at the source code and then later worked on another open source project and implemented a bit of code that looks similar? The worst case scenario if you did this and the "upstream" was open source is that you'd have to do a bit of re-licensing, the worst case scenario here is that every user of the "downstream" project gets sued by SourceGraph.
Asking for contributions is also problematic, as you're asking for employers to authorize free contributions including a blanket license and patent grant to a proprietary commercial project. And even after that the contributor doesn't have the right to freely use and distribute the software they modified.
I'm all for publishing source code of proprietary projects, but dressing it up as an open source project is not great. I'd suggest adding a license clickwall to avoid accidental IP contamination.
They aren't claiming to be open source. It's similar in certain ways to open source, but different.
They are claiming to be essentially identical for small organizations: "The Fair Source License works just like an open-source license when the usage is below the Use Limitation."
This is, however, false given the lack of ability to redistribute modified copies (even under the same license). Its not "just like an open-source license", even before considering the Usage Limitation.
Could this also be an issue with the GPL? What happens if I look at GPL source code and then author similar code under a non-GPL license? I wonder if a precedent has been set that could be applied to this Fair Source license.
In that case it could be argued that your similar code is a "derived work", and hence you are violating the copyright of the original.
Whether that original is GPL'd or not doesn't actually matter from a legal point of view; it could be under a different FOSS licence, or proprietary, the result is the same: if you breach the terms, you're in violation. That's the point of copyleft: it's power comes from exactly the same source as that of proprietary licenses.
In the particular case that your "non-GPL" license just so happens to be similar to the GPL, e.g. it's FOSS, possibly copyleft, etc. then the original author might be feeling generous and be willing to come to some arrangement, e.g. by retroactively granting you permission for your derived work, or by negotiating a licence change with you (changing the license of either your code, theirs or both). Note that this would be orthogonal to the legalities; it's a matter of whether the owner is willing to cooperate. This might be difficult if there are many owners though (e.g. imagine trying to negotiate a license change for the Linux kernel!)
To the extent it is defined, it seems to be defined exclusively as internal users (including commonly-controlled organizations), which might have...interesting...implications if the licensee chose to use their (potentially modified) software in SaaS, rather than internally.
The fact that the source is publicly available (with a license that, I think, is just as evolutionary in that space as their product is in its space) is the cherry on top of a really tasty sundae.
(Full disclosure: I invested in their team as soon as I was able to. So I have a financial interest in the company doing well, although my primary interest is in seeing products of this sort continue to evolve and develop in a direction that will give greater leverage to developers everywhere. I am also a total fanboy, but that follows from the above. ;-0)
 Actual instance on mozilla code https://dxr.mozilla.org/mozilla-central/source/
Feedback is much appreciated!
More info at the announcement blog post (https://sourcegraph.com/blog/133554180524/announcing-the-sou...) and at https://sourcegraph.com.
As for asking for your email address, we want to be able to know who is signing up so we can collect better feedback.
As for gogs, it is already coming along nicely. It has support for LDAP authentication and has some other nice features.
The last picture shows the commit activity between the various branches. Not sure what the "git" branch, which started to deviate in October, is for though.
Just my opinion. Code Intelligence and smart search are just too vague and a bit buzz sounding so my in-brain buzz-blocker ignored it.
Once you see the video, all is clear. This looks awesome.
I understand that Go and Java are currently supported - that's great, two of my favourite languages. Is there any planned support for a dynamically-typed language like Python in the future?
Thanks again, best wishes for your company/product/service.
I tried using it on a project I contribute to (https://sourcegraph.com/github.com/mattermost/platform) and it seems to fail to work.
Sourcegraph.com is currently a demo of the product on open-source repositories, and our public code analysis workers are bit backlogged right now due to increased load, though it looks like your project was successfully processed now and it's picking up the Go code: https://sourcegraph.com/github.com/mattermost/platform.
I’m all for (ethical) innovations that enable companies to be built more efficiently... Ideology aside, it’s often practical matters that attract users and developers to open source software. They've chosen a different point along in the “how much to give away and under what restrictions” space to try out.
Thoughtful experimentation = good. That doesn't mean it will succeed. But failing to try new things will lead to less efficient innovation in the long run for our industry.
But the (un)Fair Source License is not an Open Source license.
I'm not sure that that is the case: its clearly not Free, but it might be that rare example of a license that meets the OSI Open Source definition but not the FSF Free Software definition. (It clearly violates the spirit of Open Source, and if OSI were to review it, the Open Source definition might be explicitly amended to preclude the kind of use limitation it imposes.)
It seems they've completely prohibited forks effectively by prohibiting redistribution of modified versions. I'm not sure about the OSI definitions, but that definitely doesn't fit with any idea of open source I have at least.
At best, I view it as a proprietary product, their source release is no more useful than say, JIRA's. At worst, it seems strangely dishonest to try to promote your product as open source using this sort of license but twist it so far that it doesn't resemble open source at all.
The only part of the definition that seems to be close to being violated is criteria 7 on license distribution (since the license is not sublicensable, but allows redistribution), but since the license from the original copyright holder applies to every recipient of the software, including recipients by redistribution, it seems to be met.
EDIT: Actually, I think I may have misread; its not clear that the "Fair Source License" allows redistribution of modified versions (it allows modification and redistribution, but not clearly distribution of modified versions. So that would be fatal.)
We believe developers deserve to have a hackable, extensible platform for their code, so it can be more deeply integrated with the best other dev tools. That's why we built Sourcegraph and released Sourcegraph's source code. It's also why we're making it easy to build deep integrations into Sourcegraph (see, e.g., https://src.sourcegraph.com/sourcegraph@master/.tree/platfor...).
We released Sourcegraph under the Fair Source License (https://fair.io/), which we worked with a well-known open-source lawyer to draft.
TLDR is that it lets us create the best product for developers by having a sustainable business.
Full info at https://fair.io:
> Fair Source allows companies to both share a product’s source code and charge for that product. Releasing a product’s source code makes it more valuable to customers by enhancing extensibility and building trust. With open source, releasing the full source code and charging for the product is virtually impossible. Fair Source makes doing both possible.
Elaborated briefly on my goal here with an old example:
Your license appears to meet many of those requirements. Curious about several things, though, that I figure you could give some straight, English answers to. ;)
How did you come to letting it depend on a user count rather than some other criteria? That's unusual and even reminds me of commercial licenses.
Does the license create a specific amount at that point or allow extortion where locked-in clients are hit with large amounts later?
Is the author able to terminate the project in a way where users are left with a dependency they no longer have access to?
I know you accept modifications under a CLA or something. Let's say, though, you didn't want to distribute some substantial changes. Basically, a fork is in order. How does that work? Do they just assign the whole fork to you where you can optionally offer it to others? Do they keep it onsite? Does it not happen at all? Prior discussions taught me forking is something that should have definitive answers in new OSS licenses.
The ability to make things disappear, get overpriced, or turn to shit arbitrarily are among the largest risks in proprietary OSS projects. So, interested in seeing your company's take on those.
Is there a separate link or some dividing line to the Core source? Or how does one build or access just the core features to abide by the licensing terms if you're a team larger than 15 and want to evaluate Core Sourcegraph?
Sourcegraph Enterprise includes the additional features mentioned in the pricing section on https://sourcegraph.com that are specific to very large companies.
Sorry about the confusion. Anything we can do to make that clearer?
Inside https://src.sourcegraph.com/sourcegraph@master/.tree/LICENSE it has a line that says:
"Use Limitation: 15 users"
The LICENSE file starts:
Fair Source License, version 0.9
Copyright (c) 2015 Sourcegraph Inc.
Licensor: Sourcegraph Inc.
Software: Sourcegraph Core
Use Limitation: 15 users
But I think "Sourcegraph Core" is described as teams of any size on the website.
The difference being, of course, that one would redistribute the original code under the FSL and so the work as a whole would remain licensed under it.
Strange how much negativity proprietary OSS gets on HN vs cool, proprietary, closed tech.
"Proprietary OSS" is an oxymoron, like "four-sided triangle".
I think you miss that the biggest and most important benefits of open source are tied to the freedom to fork, which is both the source of the greatest security against divergence in interest between the original copyright holder and the user community and the enabler of community-driven innovation.
Put simply, shared-source does not have "OSS-like benefits".
> If they were reacting to that, then it still stands if they don't do similar for cool, closed-source stuff here.
Unlike shared-source stuff like the Fair Source License here, simple closed-source proprietary software generally doesn't try to pretend to be Open Source-like (and, when it does, it is attacked in the same way.)
I agree that's a major benefit. It's why a form of it is on my list. :P
A non-profit maintaining a shared-source software requiring a mere $1 a year wherever it was used would have enough for a full-time developer plus the website by time it hit 20-20k users whether in original or forked form. Plus could take contributions from others while giving them credit and/or a pass on the money. Whereas many OSS projects get used all over the place with about nothing in return and depend on goodwill of occasional volunteers or sponsored developers. So, there's definitely a benefit here with similar innovation, even community driven if a membership fee model.
"Unlike shared-source stuff like the Fair Source License here, simple closed-source proprietary software generally doesn't try to pretend to be Open Source-like (and, when it does, it is attacked in the same way.)"
Nah, shared-source stuff gets attacked more than proprietary or even shoddy OSS when it shows up. I was happy to see some exceptions considering the license a nice evolution in OSS direction from a proprietary angle or just better than most proprietary licenses.
It's made by them as well. It most certainly is not libre/free software. I'm guessing it has minimal legal ability to stand up in court. It is a bastardization of what open source is about... really it's more of a disclosed source setup.
I might go even further, and suggest that if one had to parcel the value created by open source software into two buckets, the one being value created by reason of transparent source code, and the other being value created by reason of no-cost source, the majority of the marginal value creation will have been because of the former, not the latter.
A glance at fair.io shows an interesting attempt to provide OSS under a proprietary model. Many businesses are fine with whatever gets the job done with main benefits of OSS being reviewing, extending, or just fixing things. A proprietary license allowing that has real value.
Curious, do you write comments like this whenever Google, Amazon, deep learning, etc closed-source tech with benefits are mentioned on HN? How they're insanity and not worth further discussion because the whole stack isn't FOSS?
> We invite the entire coding community to adopt our simple, standardized, proprietary license.
> No. Unlike open source, Fair Source has a Use Limitation built into the license
I contend that open-source has always been a mix of philosophies which originally included commercial variants. The reason those disappeared probably had a lot to due with the greed of the dominant companies in IT. More utilitarian owners or charters might have had different results. However, there's still companies doing proprietary w/ source code and dual-licensing of proprietary + OSS.
This is all wrong. One: Stallman only advocates Free Software, not Open Source, and not "Free and open source". Open Source Software and Free Software are defined very similar in substance (by the OSI and FSF, respectively), what differs most substantially between the respective organization is the philosophy of why they think those definitions are desirable, not the substance of the definition. Virtually all licenses that have been considered by both the FSF and OSI have either been recognized as meeting both definitions, or have been found to be outside of both; there's almost no inconsistency.
"Free and open source software" is a collective term for the common category of software described by the FSF and OSI definitions, typically used by people who are not interested in (when using it) diverting things into a philosophical debate over preferred terminology between "Free Software" and "Open Source".
The license type sometimes described as "viral" espoused by the Stallman and the FSF is copyleft license, which is a kind of Free Software (and/or Open Source) license which has clauses to assure derivative works are licensed under a similar license; the GPL and AGPL are well-known copyleft licenses.
Any suggestion for what to call (a) software with source included in general that doesn't meet OSI & FSF definitions or (b) paid software w/ key benefits of OSI?
"Source disclosed" or "Shared source".
> paid software w/ key benefits of OSI?
Since Open Source (and, for that matter, Free -- which means libre, but not necessarily gratis) software can be paid, if paid software actually has the "key benefits" of Open Source, it is probably because it is Open Source.
It's a start.
"if paid software actually has the "key benefits" of Open Source, it is probably because it is Open Source."
You got me thinking on it enough to consult the opensource.org requirements. :) Two jumped out at me immediately:
" Free Redistribution"
"License Must Not Be Specific to a Product"
Many forms of paid software with open-source benefits don't allow this or not for all parties. A license might have to be paid on a per-user, per-product, or per-project basis. Other benefits of OSS can remain. So, it's not traditional definition of OSS but still respects freedoms of paying users to various degrees.
I think most people who believe that open source has benefits would disagree that there is software that provides "open-source benefits" without providing this. What specific examples can you point to of these "many forms" of paid software, and what "open-source benefits" do they provide without these?
To get more specific, you can read the source, you can modify it to suit your needs, you can submit modifications for redistribution by owner, you can fix problems, port to new hardware, often include it in your proprietary software, optional component of OSS software, and optionally fork it as GPL. (optional used to denote some paid, source-shared don't do this) That's really close to OSS software while still being proprietary to support active development and maintenance by full-time people. The dollar amount w/ associated benefits can be as large or small as one likes, even fixed. Provisions can be made for it to go BSD etc if abandoned or unsupported by original owner.
I'm just curious how far a proprietary model can go into increased OSS-style benefits and reduced proprietary-style risks. I'm sure it's way closer than people think with the dual-licensed stuff being most obvious indicators that hybrid models w/ licensing revenue are achievable.
Uh.. I actually often do. I would more, but it generally isn't appreciated and is off topic of the main thread. Here, the software license is a key component of the release seeing as it is a unique component of it.
>Open source is about the source being open plus certain benefits.
It's more than that. The key intent of OSS is the right to study, change, and distribute the software to anyone and for any purpose. The source code is just a prereq for that ability.
I did initially use stallman-esque language, since it's terminology most people are familiar with in this field, but I'll approach it from a different point since I personally have problems with strong copy-left licenses.
The primary thing this license doesn't do is allow distribution in the OSS spirit. This is really just a pervasive license, actually in some ways similar to the Stallman-esque virality except with a corporate intent. It simply masquerades as OSS.
No, the key intent of open-sourcing software is to let one see the source. That's it. Additional intents are added with licensing terms. This goes back to academic and even proprietary (eg Burrough's 1960's MCP) examples that did this. Many models of it formed with examples ranging from permissive BSD to proprietary OSS like LISP machines (esp Genera) letting customers use the source of OS & supporting libs in applications.
So, OSS is a broader thing than you are describing which supports many models. There is no "spirit" so much as many different ideologies competing and pushing their own licensing schemes with various perceived benefits. Now there's one more.
So, your rendering of open-source history is false both in academia and commercial sector. It's always been a mix with proprietary favoring closed source due to financial incentives, especially lock-in. Nothing precluded more paid OSS strategies aside from culture of organizations involved. As dual-licensed projects and proprietary w/ OSS benefits like this one show.
I'd be up for considering a new term to avoid confusion. Paid, non-profit or for-profit, models allow for most benefits of OSS if structured correctly. So, the new phrase must allow for that. I've been calling it "proprietary OSS" or "paid OSS."
You can't just change the meaning of the term and expect everyone to know you mean this alternate definition. "Open Source" is as defined by the OSI, and not whatever loose definition that you use that includes proprietary software.
>I've been calling it "proprietary OSS" or "paid OSS."
"Proprietary OSS" does not make sense given the definition of OSS! The phrase you should be using is "proprietary software."
I've already agreed with you and dragonwriter on that. dragonwriter suggested "shared source" as a start. Might go with that temporarily.
""Proprietary OSS" does not make sense given the definition of OSS! The phrase you should be using is "proprietary software.""
Starting now. Proprietary, shared-source software would make sense and can have most benefits of OSS. Just calling it proprietary software, though, instantly conveys the image of something closed source, for money, not allowing modifications, and with tons of risk. So, I can't just call an OSS-like, but paid, model proprietary due to public perception much like I apparently can't use "proprietary OSS" for same reason.
Hence, need for new terms. Especially one that captures the spirit of OSS with change that distribution/use is paid to some degree in some way, either money or code/doc contributions. Will re-write my old essay, though, as you two got to the bottom of one of its problems.
This illustrates yet another confusion about FOSS. There's nothing in either the Free Software or Open Source definitions that says that a fee cannot be charged for software. You can charge money for free software!
The payment has to be mandatory, done with licensing, and increase with use somehow to maintain few advantages of proprietary software. Open to any models that can leave off one or more of these with consistent effectiveness as my goal is exploration.
Copyleft is not a virus. I'm pretty damn tired of this meme.
The image fits the behavior of the code, though. Hence the meme. More accurate description is like an agreement many parties participate in with copyright used to seal the deal for current and future distributions. So, control-freaks enforcing ideology on improvements to what they create rather than virus. ;)
No, it doesn't.
> This is true even of distributing a large amount of non-free code while someone in organization unknowingly included a tiny amount of copyleft code.
If a single work is distributed that is based on copyleft code (not a mere aggregation that includes copyleft code and other code), then not licensing the resulting work as specified in the copyleft license is a violation of the license of the copyleft code. But the license doesn't attach on its own to the work.
To be clear, your saying that my worry was inaccurate and one person including GPL code into a new, released version of a proprietary app doesn't require the whole, linked source of that app be released under GPL? That happening is very virus-like but if it can't then it wouldn't be virus-like.
If the inclusion suffices to make the app as a whole a derivative work under copyright law (the FSF has a particular opinion on linking, but that opinion is not included in the license), then it would require you to offer the app under the GPL, failure to do so would be a violation of the GPL.
There is nothing "virus-like" here. The license doesn't attach without your knowledge. You may face consequences for the breach if you don't comply with the GPL terms, and releasing the whole work under the GPL may be the most convenient way of dealing with that -- then again, it may not.
It does if one person on a large team did it without others' knowledge. This doesn't occur for most, non-copyleft code. At that point, if it's a derivative work, then your codebase looses its value as it gets GPL'd just because GPL'd code touched it. Preventing that outcome would require both preventative methods and constant vigilance.
Kind of like avoiding getting sick from a virus and spreading it everywhere.
Note: A former Microsoft employee told me in a prior discussion they identified this exact risk and took steps to prevent it. I never knew if it was paranoia or what could legally happen. Interesting to find last year that my hypothetical scenario actually played out to a degree in FOSS's arch-rival of that period.
> It does if one person on a large team did it without others' knowledge.
No, the license never attaches to your code without a positive decision on your part to offer your code under the license.
Now, if someone does something that makes the code legally a derivative work of GPL code without knowledge of the person releasing the code, the obligation to release the code under the GPL or not at all may be created and breached without knowledge of the person doing the release, but the license still has not attached to your code.
When the breach is detected, you may decide that the best way to deal with the breach is to offer the code under the GPL.
> This doesn't occur for most, non-copyleft code.
Any code, under any license with any obligations attached to redistribution of derivative works -- or which simply prohibits redistributing such works -- can create unexpected breaches when someone includes them in a work without knowledge of the person responsible for the release; copyleft licenses are not at all special in this regard.
> At that point, if it's a derivative work, then your codebase looses its value as it gets GPL'd just because GPL'd code touched it.
No, again, your code base only becomes GPL because you choose to offer it under the GPL. IIRC, the few GPL violation cases (in the US, at least) that have gone to court and not been settled have resulted in fines and injunctions on distributing the GPL-dependent software.
> Note: A former Microsoft employee told me in a prior discussion they identified this exact risk and took steps to prevent it. I never knew if it was paranoia or what could legally happen. Interesting to find last year that my hypothetical scenario actually played out to a degree in FOSS's arch-rival of that period.
The description of the GPL as "viral" was central to Microsoft's PR effort against Free Software in general and Linux in particular.
So, its not really surprising to hear that from that source.
This is the specific concern. The name of the license isn't what people call a virus: it's the obligation it attaches to things.
"copyleft licenses are not at all special in this regard."
Damage to most copyright violations is usually a fine/settlement, publishing source of the component (not app), removal, and so on. Not an obligation to loose one's own I.P. entirely. How many common licenses that cut/pasted code or included libraries might be affected by require redistribution of the application's source in full once it gets in a release? I thought it was a non-zero amount that was pretty low for most sources. Whereas, bumbling around on a site with GPL stuff drives it up singificantly specifically due to copyleft.
" the few GPL violation cases (in the US, at least) that have gone to court and not been settled have resulted in fines and injunctions on distributing the GPL-dependent software."
Now we're talking the actual results. The virus metaphor could be dropped if it was clear that this was the worst thing that could happen and that component would just have to be dropped/replaced with non-GPL stuff. Them doing it that way is certainly reassuring. Trick is, could they instead force app using it to go GPL? Guess it hinges on enforceability of that obligation.
"The description of the GPL as "viral" was central to Microsoft's PR effort against Free Software in general and Linux in particular. So, its not really surprising to hear that from that source."
From an ex-employee mocking that source's stance on GPL as paranoid, to be clear. Not surprising, though.
Legal damage from GPL violations is generally fine and injunction against further release of the software with the GPL-bound components; release of application code under the GPL is typically something that happens, if at all, in a settlement, because the copyright owner would rather do that than pay damages and restructure the software not to depend on the GPL-bound component.
Makes me a bit sad in the wake of MS liberating a lot of stuff lately, like Visual Studio.
Of course not many other companies have the benefit of collecting an OS tax on hardware - I still think I'd prefer eg the AGPL to this.
"GNU OSS" is not a thing. GNU is a project of the Free Software Foundation (FSF), which publishes (and applies) the Free Software Definition.
The Open Source Definition is created (and applied) by the Open Source Initiative (OSI). "GNU OSS" is kind of like "Catholic Protestantism".
reply to undisclosed comment: hey dude, maybe you should disclose that you work on X project in that post where you critize the competitors.
self: "disclosure I work for X company"
Example, show me variables that are incremented, not validated (ie. don't appear in an if statement), and used in an allocation?
One thing that you should know is that your 'appdash' trace links are publicly available. You can see a screenshot here https://www.dropbox.com/s/vfu2sbz2ctlxwsx/Screenshot%202015-...
What if I, as an individual, fork the project to add some breaking features that not all users may want? Who gets the money from those corporate licensors? Am I even allowed to do so? The fair.io site doesn't make it clear and based on what they do say, I'd be extremely hesitant to make anything more than casual use of software under this license.
It seems to me, based on the information on fair.io that I can simply fork the project, offer enterprise licenses for $0.01, or heck, make a fork for my company which is identical to the original but has my logo on it and charge my company $0 for licensing... is there any prevention of this that I'm missing? IANAL but this legal portion here looks flimsy and lacks important definitions, especially with regards to protections from stuff like that.
We have had it reviewed thoroughly by multiple lawyers in several countries, and it was drafted by Heather Meeker, who is extremely well respected. I am not a lawyer myself, but the "hypothetical loophole" scenario you described would involve you making a derivative work of our code—kind of like photocopying Harry Potter and adding some doodles in the margins, and reselling that. That would not circumvent any license or copyright situation.
So you're comparing someone who forked your project to add what could be major features, to someone doodling in the margins of Harry Potter? That's a really optimistic view of the open source community there. But I understand what you're saying, I'm just used to forks being a common practice in the FOSS community, so I expected them to be better accounted for.
You still haven't made it clear what would happen in the case of a fork. Even if they kept it under your license, who gets the money? How do they get paid? How are terms agreed to? Can it not be forked at all?
EDIT: This really applies to any modifications, essentially, say I make some modifications to your code, under what terms am I allowed to distribute them? Is the only way I can go to license them back to you without seeing any of this "fair" profit myself? What if you don't like them and decide not to use them can I redistribute them for free or fee on my own? Is there any way to make the forking and distribution of modifications as casual as it is with so many open source projects under other licenses today?
> Fair Source License functions just like an open-source license
with the only restriction being that I can't use it with over X employees in my company.
If what you're saying is true then I'd highly suggest you reword that, in reality it functions just like a proprietary license except that I can look at the source and maybe send patches to you.
More similar to that of the proprietary JIRA (which will give you source when you buy it) than the open source Gitlab.
Fair Source never works like an Open Source license. It works like (because it is) a source-available proprietary license which allows local (but not redistributed) modifications. Below the use limitation, it is also a free-of-cost license. But it never works like an Open Source license, and it doesn't even work more like an Open Source license below the Use Limitation.
GPL benefits humanity, unfair source license benefits your bank account. Got it.
I've created an issue so I can fix this soon; it's just a link to the trace served by Appdash and the instance isn't actually public so it's not a security issue (just a broken link). Certainly shouldn't be visible to non-devs who can't access it, though. Really appreciate the feedback, let me know if you have more! :)
As it stands, your comment may successfully describe your opinion but it doesn't attempt to contribute to a healthy discourse.