Hacker News new | comments | ask | show | jobs | submit login
Tandem – Decentralized, cross-editor, collaborative editing (github.com)
110 points by geoffxy 10 months ago | hide | past | web | favorite | 21 comments

"Licensed under the "Lightly-Modified Apache License", a variant of the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License."

So... the additional term is understandable, and sane. You don't want bad forks to break your server. Though it could've been largely left out of this: You could've simply stated that forks are not authorized to use the central server as terms of the server itself, and left the code under an approved open source license.

But the weird bit here is that the license file can only be used in accordance with obeying this software's license... does that mean that the "Lightly-Modified" Apache license is not, in itself, open source? Like, is this meant to read as "Nobody else may release their own software under this license"?

This license is most definitely not Open Source.

The right place for this term is in the terms and conditions for using the hosted server provided by the project, rather than in a software license.

The particular topic I find interesting is whether or not they are trying to claim the license they're using can't be used by other software projects, which would be super weird. As if the license itself was the intellectual property they felt needed to be protected.

"you may not use this file except in compliance with the license" is part of the Apache License boilerplate: https://www.apache.org/licenses/LICENSE-2.0#apply

Interesting. Did not know/notice that. ...Now I kinda wonder why that is.

It took me a few times of reading carefully to understand their intent. The wording itself is absolutely atrocious and far reaching in comparison.

Honestly, just leave out the default config and have a ToS on the hosted server instance itself. Or just ask for a few donations to pay for direct costs and disable relaying.

Hey everyone - thanks for bringing this up!

As some of you have deduced, the reason we added the extra clause was because we were concerned about supporting modified clients on our rendezvous server. We want to provide a good user experience for everyone using Tandem, and it would be difficult to do that by supporting modified clients as well. Like you pointed out, we don't want potentially bad forks to cause problems for others. The spirit of the license was not to stifle the abilities of others to contribute to or distribute Tandem.

With that said, we’ve heard your feedback and agree that this kind of stipulation is better suited for a terms of service on the server we host. So we’ll be switching to the unmodified Apache 2.0 license and adding a terms of service to request users of modified versions of Tandem to use their own hosted server.

From my point of view the term holds another problem. It sounds like you can't use/host the provided "Rendezvous Server" at all and must also write your own to connect the people.

I definitely don't read it that way. But I suppose that's part of the problem with writing your own license modifications: They may be open to interpretation, whereas most common licenses are already well-understood.

Very cool! It’s awesome to see such a clean design of the separate parts here. I have high hopes and will try this out tonight.

Similar projects in this space:

- Floobits, a similar multi-editor plug-in: https://floobits.com/

- Visual Studio Code Live Share, which also shares all your autocompletion stuff too: https://code.visualstudio.com/visual-studio-live-share

Libinfinity already does application-independent collaborative editing and it's not crippled by the license and it's also free from node.js


Would it be possible to implement a plugin to Intellij which uses this and achieves sth. similar to Floobits?

I hope that somebody will build an emacs plugin and that Linux will be officially supported. Thumb up for self hosting the server. It might be more difficult to get started but there is no real need to have dozens of third parties look into our code.

I'm wondering how this works.

At what level does it interact with the editor?

How does it ensure that the state of the editor is eventually consistent across users?

Does it maintain a copy of the state of the editor?

Is it somehow able to peek into the state of the editor?

It's not in any way a problem for this project, but that name has an interesting history in computers:


"Decentralized" is always an anti-feature in products like these. It always ends up as a lot of cost for little user benefit. A centralized server always works better and is easier to deploy and support.

Sandstorm.io (and similar decentralized app platforms) was literally made for when you have a niche little app you want to self-host, without all the effort of self-hosting that app. :) Probably a good example use case here.

That being said, it looks like it attempts to go peer to peer and only uses the server if it has to?

Is it peer-to-peer as in a direct connection between me and my colleague, or is it a mesh that includes strangers? If it can work between just me and my colleague, that feels more likely to be secure. I have no idea how sniffable or spoofable their protocol is, but it's a lot harder to man-in-the-middle if there's no middle.

It’s a direct connection, but you can have a secure central server on your own hardware. It may not be secure against the NSA or whatever but it’s a lot more usable than trying to punch through NAT and whatnot.

Looks neat, the only thing putting me off is that it requires nodejs and there’s no way I’m installing that pig of a thing on my workstation.


Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact