Edit: just did a bit of digging.
It looks like we have a Retool template that has some fake data in it (https://retool.com/api-generator/). This is an app built in Retool, and has a few thousand rows of hard-coded data.
Most of this fake data is self-generated, but we used the faker.js library (https://github.com/marak/Faker.js/) to generate three datatypes: IP address, avatar, and industry. This MIT licensed library, when used, creates data that links directly to fakercloud (https://cdn.fakercloud.com/avatars/). Here is the code itself: https://github.com/Marak/faker.js/blob/master/lib/internet.j..., and here is a demo that shows the library generating those links: https://rawgit.com/Marak/faker.js/master/examples/browser/in....
I just spoke to the engineers who worked on this project, and we are sorry for including links to fakercloud. This wasn’t intentional, and we just pushed a commit removing all avatars from the template. This is already deployed. I hope you all can understand why we trusted the data generated by the MIT licensed project, and didn’t think it would link to anything proprietary.
I myself am an engineer (and avid HN reader, as evinced by how I found this while reading HN on a Sat night), understand Marak’s frustration, and agree that monetizing OSS is hard. While we’ve already contributed around $10k to various libraries we use (https://opencollective.com/retool), including faker.js, Babel, ESLint, and JSON Schema, I’m going to see if there is more we can do. We’ll be writing a blog post about it this week and I will follow up with more next steps. I wonder whether there is a better way of sponsoring OSS, other than just donating dollars every month? (Maybe we could commit one engineering-day per month for contributing back to OSS libraries we use heavily?) In the meantime, we'll certainly continue sponsoring all the libraries we’re sponsoring already, including faker.js.
(Also: I’m sorry to Marak for not responding to his email re. acquiring Faker. More in this child thread: https://news.ycombinator.com/item?id=27252420)
1) Initial email was sales pitch that did not touch the problem at all. Which retool responded to by the way.
2) CDN is hardcoded into the JS library. Why would you even do that and then shame people? If it’s against the ToS then you need people point to the ToS first. It’s the author’s fault here.
3) MIT license. How many times do we have to go through this. Retool could just fuck off but even before this witch hunt began, they were already donating.
4) Some human communication explaining the problem wouldn’t hurt. Personally I’m more likely to turn down using faker.js now.
It’s worth noting that before the fakercloud.com URLs were hard-coded into the library, the library was hard-coding a different service’s S3 URLs (uifaces.co) and only stopped when they became inaccessible:
So it seems a little unfair to complain that Retool are embedding URLs to your CDN when this library was doing the same thing to UI Faces a few months ago.
people way overreact online
Good luck with this all.
This could be more disruptive than helpful as very few engineers would contribute much one day a month. Would you hire a developer for 1 day per month? They would more likely burden the experienced developers with questions and poor code submissions that need to be reviewed and then forget what they learned a month before.
In an a bit odd way, this time, donating to OSS, resulted in "bad press" at least for a while.
I hope things will end in a good way, somehow, for everyone
I don't think your company did anything wrong. The CDN is hard codes into the library as far as I can tell.
Ultimately there are two separate issues.
1. The CDN thing, of course.
2. The open source monetization never ending problem.
The first can be fixed with a simple change to the library. The second your company is already trying to help in part. Ultimately open source is not easily monetizable...
I believe there is a bias people have of viewing (somewhat ironically) things in terms of a “David vs. Goliath” lens. Everyone loves rooting for the little guy, even when the little guy is objectively incorrect.
Hope your weekend goes better than it has been so far! Retool is an excellent product by the way :)
You promised this last time. Why is a post on Hacker News any different than a private email?
(FWIW, I typically receive 50 - 100 sales emails every day. I do try and reply to the ones that look interesting, but I do forget to follow-up sometimes if we're not interested! This does not excuse my behavior in this particular case, and I’m sorry to Marak for not following up.)
Especially since Faker.js doesn't do anything that much useful which can't be replicated in trivial time. You use it because it's available, like we all do with MIT licensed libraries.
> I do try and reply to the ones that look interesting, but I do forget to follow-up sometimes if we're not interested!
Don't use a license that's more permissive than you're willing to tolerate.
It's absurd to me for a project to publish something with a 100% open source license and then complain when somebody tries to profit off of it.
Doesn't really matter how egregious or large the perpetrator is. If you want exceptions, write it into the license. People want the goodwill that comes with open source, without accepting the consequences.
That being said, I do empathize with the plight of the author. Perhaps they were naive to this possibility.
The cost of using GPL licences is that any changes you make to it everybody gets to have and anything you create with it has to be licensed under that licence. It was designed to create a viral effect so that free software remained free and that people could make money from those who didn't like free.
The MIT licence says "I have tenure in some organisation that is getting its money from something else and which can pay me to spend time on this".
Does GPL ever work this way? In practice, GPL discourages corporate (=widespread) adoption, driving down the quality of open-source software, and creating the market for paid closed-source software (which is often worse than open-source software, but packaged better). I'd love to see cases where a GPL-dev successfully negotiates a reasonable "cost-plus" arrangement with a company for a non-free license.
Your analysis of the MIT license is spot-on, btw.
So at least in my experience, yes dual-licensing can work
On the contrary, GPL tends to be associated with software from the era that predates the new "social coding" phenomenon. The tendency of folks whose first contact with OSS was GitHub and who are most likely to choose the MIT License usually give us brittle, highly niche devops boondoggle that is the byproduct of their responsibilities at their dayjob and that gets abandoned a couple years after being pushed out to GitHub (when the creator realizes the futility of trying to convince other programmers churning out corporate boondoggle that they or their company should pay the creator for their contribution to the mudpie).
isn't that a contradiction? How can it be worse, but packaged better, if the packaging is what people are paying for?
> GPL discourages corporate (=widespread) adoption
and i believe this is because most GPL software doesn't provide enough value over the cost. But for MIT style licenses, there is zero cost, and thus, adoption must be high by the laws of supply/demand!
In other words, the excess value provided by the software under an MIT license is extracted and kept by the corporations using it. GPL licenses forces some sort of non-monetary compensation in the form of contributions, and thus, the corp cannot extract and retain the full value of the software (and hence, they correctly decide to make a cost/benefit analysis, and choose the most profitable decision).
No, this is false.
- You can use a GPL library without making changes and contributing anything upstream
- You can use a GPL library internally and make changes without contributing anything upstream
- You can use a GPL library, make changes and distribute it to 3rd parties and, only in that case, you simply have to share the changes with the 3rd parties. [Not with upstream]
which is fine - your usage of GPL software doesn't affect anyone else. If you decide to charge for it, that's OK too - since if the market exists for such software, the price would equalize to the break-even point of the cost of production.
> You can use a GPL library internally and make changes without contributing anything upstream
If it's "internal", aka, not visible to the outside world, then that's fine too. There's no effect from anyone else's perspective.
> You can use a GPL library, make changes ... share the changes with the 3rd parties
This is the point i was trying to make - in this case, where you make changes, you have to share it. Even tho it's just the 3rd party, this 3rd party has the right to distribute these changes. And anyone that has access to the software is also the 3r party.
So, in other words, if you have visible effects to the outside world with your (changed) GPL software, you are effectively bound to contribute those changes for free, or relicense with the owner to hide those changes.
it works very well for Qt
I have never worked at an organization that does not use GPL software in some way. It discourages shipping GPL components/dependencies in binaries which is the whole point of the license.
Here's another opinion I've been mulling - the emphasis on FOSS is actively damaging to our community and we need to take steps to end it. We're highly trained professionals who often sacraficed a lot to get to where we are. Having this culture of giving away our professional work for free - often to people and organizations who can readily afford to pay for it - borders on masochism.
Instead of constantly singing the praises of open source, we should be encouraging a deep level of self-esteem in younger engineers by encouraging them to "know their worth".
There are of course clear and obvious benefits to FOSS - like no licensing friction and better security - but we have to find a sustainable way to reward the developers. Little donations here and there aren't going to do it either.
i would differ in my opinion, because it's not the 'singing praises' that's the root cause, but that the creator of said FOSS library expecting money in some form for having provided value up front (either contributions or donations etc).
That's an expectation that will never live up to reality.
> we have to find a sustainable way to reward the developers
this exists already - charging for the software you develop. Or, develop a business model around the software - aka, the software is free, but is just the bait for consulting business.
To be specific - I think a good argument could be made for free development in the service of the underprivileged or other altruistic causes. However, a large portion or most development ends up benefitting large public corporations who make large profits. But because, as a culture, we encourage this work, we have basically set ourselves up to be exploited.
I recognize that this is an unpopular opinion and is difficult to make well, in a thread, without being downvoted. But I think there is always value at questioning our underlying cultural assumptions.
All this "it's not real OSS" bullshit needs to end. People who make libraries like this gotta eat.
Most Fortune 500s are using Faker in some capacity. The scope of the Faker project is not small... Who pays for Faker development? No one... Most of these donations are from fellow developers, and not enterprises or corporations.
I don't think there's a single OSS license that'd force corps to pony up. Too restrictive terms and they'll simply go looking elsewhere.
Google does OSS right. Open source to commoditize your competitor's advantages, not to strengthen your own.
I guess the lesson is don't be that guy whose business plan is
1. Write FOSS
There is no such license, and there can't be. Just as a license that prohibits use by the military can't be open source, neither can a license that prohibits use by, or requires payment from, corporations.
Dual licensing under GPL (or AGPL) and a commercial license is the closest you'll get, and it relies on the aversion many corporations have to the GPL, rather than adding restrictions per-se.
Redis and Elastic tried something Frankenstein by mixing Apache and custom license code in the same repo, which spooked them and the community for good measure, with Elastic, later, notoriously doubling-down on "open" with SSPL.
Of all the source-available licenses, I like BSL by MariaDB, better.
"If you can't see the image, Retool's new service is using images hosted from fakercloud.com"
There's a difference between using someone's software and using someone's servers.
But it seems very similar in concept to automated web scraping, which has been deemed legal in the US.
Writing restrictions into the license makes sense in theory. Actually enforcing that license against an uncooperative company will take far more time, money and effort than most people are willing to spend.
Certainly an individual dev could pull in a library with a non permissive license without the broader business being aware. Or, I do agree, there may be particularly corrupt companies that knowingly violate terms of a license... But that's going to be less common than not.
Having worked for big tech, I can assure you they are very strict with licensing.
In this case it's a fast and loose startup, so I agree that it may have happened regardless. But at a certain scale these kind of things will be caught.
But you're not going to get AWS cloning your project if your license doesn't permit it.
That being said, AFAIU violating the GPL of the Linux kernel is very common in the embedded world. A lot of that is made in places largely out of reach of Western IP laws, and by the time anybody gets around to do something, the fly by night company responsible has ceased existing, replaced by a new company currently working on a device five generations ahead, again committing GPL violations.
which means either the market they serve don't care, or don't have enforcement within reach of the western courts. But then, them "stealing" GPL nor not won't really affect the owner of the GPL software, since the world would've been the same to them whether the fly-by-night company violated them, or did not exist in the first place.
We need something like this in spirit but which uses a legal mechanism thats more reliable.
I'm not aware of widely used templates for this kind of license, but definitely needs to become more common.
There should be a non-profit-software Linux distribution that is only for non-leeches. But as it is, the OSS landscape favors corporations.
I'm beginning to wonder how much that software-needs-to-be-free propaganda has been spread in the 90s and early 00s by the beneficiaries (corporations and foundations).
Not so much an issue with them using faker.JS, though honestly companies should do more to pay for development of these kinds of libraries that they depend on, it isn’t the core issue here
Which by the way is a great service if you are in the market and would fully managed fake data api
If faker.js, an open source library, creates links to fakercloud.com - a for-profit offering, then someone who is merely using faker.js isn't falling afoul of the fakercloud.com TOS since they were never even presented with it in the first place.
But if so, then definitely a problem. They would then have a valid legal case against the company, I assume.
Please nobody hear listen to this guy. I don't want to live in that world.
There are simply those who choose to accept it and those who don't!
If you don't want people to make money off your software, or use it a certain way, don't put it under a license that says it's fine to do so.
Recognizing this fact and operating with that as an assumption is important.
E.g., if the author is obviously asking for sponsorship to maintain the project, as a major user/customer, you should consider a donation. Otherwise, you should be stripped of the benefit of the doubt, regarding the question, whether you are a civil person or not. Likewise, you shouldn't engage in actions, which are prone to doom (economically or otherwise) the project you're profiting from.
1. If you wanted Retool to stop using your service, you should have said it up front instead of beating around the bush. From what I can gather from your emails, you sent their CEO a random sales pitch and he ignored it. Hard to fault him for that.
2. I love faker.js. I have used it in the past, and I'm sure several teams in my company use it today. I would, however, never ever pay for your cloud service, simply because taking a dependency on a third party hosted website to run unit tests is madness. The old school corporate software licensing model might be losing favor, but that does not mean it isn't apt for any use case. If faker.js was still downloadable but needed a license key to run I'm sure people would pay for it. It would probably be the easiest thing in the world to bypass, but the same Fortune 500 companies you mention would gladly break our their checkbooks rather than risk getting sued.
I.e. not first finding out if it's something people want to pay for, before building the SaaS.
A mistake that's easy to do
A limited defense. I've only ever seen browsers respect CORS.
The server can inspect the Origin header, and if the maintainer doesn't want to support the domain, then don't send the CORS Access-Control-Allow-Origin response header.
It isn't hard to figure out what he really wanted: Some compensation for a product that has been used in a parasitical (but legal) manner.
"Hi X, I'm so and so of Faker (link to some info) and you guys are violating our TOS by reselling our API and hosting the generated content on our CDN. I assume this is a misunderstanding and I notice you've sponsored us in the past, so I was thinking there is a mutually beneficial way for us to resolve the issue. <insert the pitch he already sent> If this sounds like a good way forward let's set up a meeting."
Instead of like a random sales pitch, without the concerning context that he kind of got lucky he even got a first response e-mail to, that doesn't even mention the issue. And then if he wasn't satisfied with the response then he could have sent a follow up demand, asking Retool to resolve the situation and fly within the TOS.
Instead Marak was completely indirect and then when the completely predictable situation of Retool's CEO not reading any more into the situation happened went on full blast in public of Retool.
This is an example of how not to solve issues with other human beings and organizations.
They aren't tho.
So let's review the title:
> Retool is reselling our API...
According to TFA, they are not selling it.
> ...without permission
Except that your MIT license is permission.
I noticed the CEO has shown up here to say he's looking into it. I genuinely feel bad for him. Imagine that conversation.
"Guys I hear we are using this open source project and people say we shouldn't"
"....yeah? It's open source. It has an MIT license. What's the issue?"
"Apparently that person didn't REALLY mean for it to be open source, and now a bunch of people on an internet forum are upset."
"Do any of them pay us?"
"A couple I think? Two said they might stop paying us."
"....I'm confused boss, what did we do wrong?"
Now imagine that conversation having to happen and this worry happening every time someone decided they want to use a FOSS library or API for their work.
Can't imagine why OSS is having trouble.
(Since Retool is a YC co, I initially hesitated to do that because of the principle described here: https://hn.algolia.com/?dateRange=all&page=0&prefix=false&qu.... But since the submitted title doesn't appear anywhere in the OP, I ended up going with standard HN moderation in this case.)
So, they are not Amazon blatantly ripping off some oss company, infringing on a brand name, and offering a me too service. This is a very simple case of a company using an oss library licensed to them under the MIT license in good faith. They even paid for it, which they are not required to do. Companies doing the right thing here is something positive and it should not be expected just received graciously.
Now as for OSS being hard to monetize; some of it is. Some of it does pretty well and some companies have raised hundreds of millions, IPOed or been around for many years selling, supporting, and providing OSS. Most OSS is not like that. By design OSS software is about taking low value commodities and doing a great job of them and providing it for free so we can all focus on adding value elsewhere and solving more valuable problems.
Retool are a great example of a company that figured out a way to add value that their customers are willing to pay for and investors are willing to back. They of course use OSS, just like just about any commercial entity developing software. They probably have numerous dependencies on all sorts of things. Name me a software company that does not do this. This is completely normal in our industry. There is absolutely nothing amoral about it. Faker.js is basically considering themselves more special than all the other packages Retool no doubt also depends on. Why?
Most OSS developers have no illusions or expectations of revenue. I know, because I'm one of them. It's my way of saying thank you for all the OSS I depend on myself. I actually once wrote a little Java library called inbot test fixtures, which is a very simple test data generator not unlike faker.js (in the small): https://github.com/jillesvangurp/inbot-testfixtures. A tiny amount of people got some value out of that over the years. Good for them. The original account for that is long gone (the startup failed) and I moved the code base to my private account and it's technically one of my less popular efforts. However, it's code I wrote because I needed it and I recognized it as non core, non differentiating for our product. So, I put it out there as OSS. The backbone for the library is actually somebody data provided by another github project. I actually reused the library in my latest startup and it saved me time not having to reinvent that wheel.
I've done that with other stuff over the years as well. My philosophy is that most software is low value and hard to monetize like that and therefore is best served as OSS so that you maximize its potential.
It doesn't stop the needy from having the food just because Olive Garden also benefited.
Retool is using faker.js in their app, which is MIT. It also looks like the URLs to fakercloud.com CDN are hardcoded in the library  so I doubt this was intentional from the Retool dev.
They even have a shout out for faker.js in the “How we built this” box 
Clear communication that hasn't happened yet.
Copyright 2004-2005 Jason Kohles, GPL-1/Artistic --- https://metacpan.org/source/JASONK/Data-Faker-0.07/lib/Data/...
Copyright 2010 Marak Squires, MIT --- https://github.com/Marak/faker.js/blob/a9f98046c7d5eeaabe12f...
Looks too me like you are really butt-hurt about other people ripping you off, but have no problem doing the same yourself.
The enterprise plan for Faker Cloud is $500/month . Retool donate $500/month to Marak . I understand that the donation is not the same as paying for the service. But it seems pretty shitty and greedy for Marak to complain about this, _even if_ Retool were in the wrong (Marak could have tried to resolve the issue with them properly, first, before starting a witch hunt).
Don't bite the hand that feeds you. This sort of thing really disincentivises me from wanting to donate to or use this project. Personally, I would completely support Retool stopping using faker.js and pulling their donation - but of course they can't do that since it'd be a PR nightmare.
EDIT: I see that Open Collective reports that Retool's donation to faker.js has been cancelled. I assume that it will be reinstated per David's comment . But as I said above I wouldn't blame them for cancelling it.
 "In the meantime, we'll certainly continue sponsoring all the libraries we’re sponsoring already, including faker.js." https://news.ycombinator.com/item?id=27252331
I am a user of retool but for companies with access to your data you expect a bit of integrity. Would be really interested to know what retools response is.
You should follow up a couple of weeks from now on HN if nothing happens.
But everything else is.
You don’t want startups using your IP? Don’t license it to them for free with no restrictions. Duh.
1) Write open source code
1. Have paid service.
2. Have free MIT software that violates the TOS of your own paid service.
3. Comes along a company, uses your MIT software as is.
4. Whine for money, because your TOS is violated.
Using images from Faker's CDN is scummy and potentially illegal, but fairly minor overall.
Would it be a good option to relicense the project under the AGPL/SSPL or whatever licenses (how MongoDB/Elastic/Anaconda have done) to get credit?
What's amazing to me is that they're using his CDN. Does this company have such terrible code review that they forgot to use their own CDN? Definitely makes me think twice about the quality of Retool's software.
Still something Retool should have caught, but a poor choice on Marak's end too
Better to be direct. I think it's very possible the CEO did not fully internalize what you were implying by stating they're using your CDN, etc, and instead it just seemed like a sales email.
For serverside software I want to monetize (so maintaining the software is sustainable, and so I can support myself) I'm increasingly leaning towards things like the Business Source License. I like that it allows pretty much everything e.g. Apache 2 does without allowing other companies to just rob me of my monetization strategy. Yes, it is not open source. But it allows others to self host my software and paves a way for the software to be _eventually_ open source.
Honestly, it's time for people to realize that companies are the primary beneficiaries of open source, for server side software, and react accordingly. For me, software is about allowing others see my code and use it for their own purposes. I don't make software so for profit companies can screw me over.
The idealism of open source in the server side space only serves large corporations. Go extreme copy left or go source-available or enjoy working for free.
If Retool sees that their customers don't care enough to leave because of this, then why would they bother making things right?
Always amazes me how intent people are at trying to frame comments in the least charitable way possible. We all support this person getting paid for their work. End of story.
Also I noticed that the tool that is referenced in the blog post no longer contains the "Avatar" field.
No more free work from Marak - Pay Me or Fork This
Monetizing open source code is normally not problematic at all.
Actually it sounds like you gave them permission, then regretted it.
This is probably retool using faker assets for testing and forgetting this in production.
How many other OSS libraries are they using? If Retool should get 10x that amount, how much should they be paying out to every other library author that published an open source/free-as-in-freedom library?
Can't blame Retool for deciding $500 is adequate, when the author's advertised price for Faker is $0.
It's like something out of Curb Your Enthusiasm: "I don't want money" means "I want money". And "anything helps" means "actually anything below UNSPECIFIED AMOUNT is insulting". Like, how the F do you deal with such people? It's just bait and switch blackmail.
And I’m not charitable to retool. They’re opportunists. But they were provided with a screaming opportunity here.
It’s like getting naked, rubbing some condiments on yourself, going to the woods and screaming EAT ME. Eventually something will start chewing on you, and then you start whining about how unfair life is? Please.
If so, do your TOS prohibit reselling?
If so, call a lawyer. If not, rewrite your TOS, then call a lawyer.
Serving shock images or other rude content is just the particular mitigation that makes me giggle.
> We need some sort of open source software developer's union
Maybe "union" isn't the right word, but I feel it could be a powerful force if a group created a github app for solidarity amongst maintainers, that hundreds of FOSS maintainers could authorize to submit license-related PRs against their projects. It could collectivize and streamline the effort of swapping or amending licenses, and seeking permission from contributors for such changes.
How impactful might it be if the "union" could exercise the threat of a banhammer of sorts, so that (at least in theory) in one fell swoop, it could initiate a license clause that targeted very specific conditions (e.g., "Fortune 500 companies no longer get free license"), or maybe even singling out very specific companies in particularly egregious situations.
I wonder if the threat of solidarity amongst FOSS maintainers and consequences would lead to companies starting to play it safe and simply start being better stewards
Even just the threat of the infrastructure for such a thing existing might have an effect, even if it's very rarely engaged.
Retool is paying a fakercloud subscription and using it to power their product which does not sounds like an issue at all?
Now I have launched https://currents.dev, which is based on (MIT-licensed) sorry-cypress, which resembles (paid) Cypress Dashboard, that monetizes (MIT-licensed) cypress tests runner.
You use a hammer to set a nail in wood, you don't use a feather. If you try and fail to set a nail in wood with a feather, then the problem isn't failure to set the nail, the problem is you chose a feather for the job.
If you want to make money with software, then offer/license it in a way that requires payment - problem solved.
 Open Source Doesn’t Make Money Because It Isn’t Designed to Make Money | Hacker News, 2019. https://news.ycombinator.com/item?id=19431444
There needs to be some way to balance these interests that do not end up with someone working their ass off for absolutely nothing. Particularly enterprise users of FOSS can afford to pay up. In my experience, developers in those companies want that to happen too, but it simply can't be justified to business.
This will keep going for a few years until every single person willing to put in the work is either burned out or has changed to a more copyleft license. We're starting to see that with less trivial projects already (Databases going BSL, Grafana Labs switching to AGPL)
Developers: think long and hard about the license that's right for your project before you push out to the world. I can't help but feel that free/open source software has become a lot less altruistic in the era of Github. We gained quantity and quality, but lost something else that's difficult to express: innocence? Not every project needs to be a job/startup/foundation (cue Left-Pad LLC). I daresay, not all projects ought to be monetized, period.
Well there's the first problem. For cloud stuff you should be looking at AGPL if you dont want this to happen
You are going through exactly what Elastic went through but on a bigger scale.
I hope the community is kinder to you then Elastic which was broadly ripped apart for changing their licence to stop this kind of (ab)use by AWS.
I on the other hand would fully support it if you did decide to do that.
If anyone is interested I've written more in more detail about that here: https://ognjen.io/turns-out-elastic-arent-the-bad-guys/
However, as many have said - Marak's email to David is salesy.
And the blog is perhaps a way of mild marketing of fakercloud.com (reminds of hey.com)
What were they thinking?
This needs attention though that's for sure. I'm sure at least one of the Retool engineers read Hacker News so hopefully that will help get traction.
I happen to be in the market for this service and it cropped up when I was doing research and felt it prudent to share with the rest of the industry
We are quickly made aware that we are reading an article made by the author of faker.js. The facts are laid out, mostly without embellishment. Though we understand the author is biased, they leave it to the reader to form their own conclusion. Overall, I appreciated how I was treated as a reader while reading this piece.
As for the matter at hand: despite the MIT license's permissive attitude in this case, it just speaks to the company being complicit somehow in... I don't know what to call it? Shady-ness? I hope you find a worthwhile resolution.
Note that in the initial email spurned on by the actions of the company, the concern with them using the paid service to generate a free service is not mentioned at all. Just a sales pitch for a product. He is lucky he even got a response.
A proper email would have directly addressed the concern the author actually had. But he didn't do that. He didn't say "you guys are using my service to provide it to others for free" he said "hey I see you guys use my product, want to buy it?" And then when they didn't he wrote an article about how they're basically stealing from him.
Thanks for the write-up, Marak. We've been using Faker for years (?) and will look into supporting you via GitHub ASAP.
Now I have launched https://currents.dev, which is based on (MIT-licensed) sorry-cypress, which resembles (paid) Cypress Dashboard, that monetizes (MIT-licensed cypress tests runner.