> Open Source and permissive licenses like MIT and Apache bring freedom but don’t protect the business. Companies can try to benefit from it in a predatory way [...]
I get that this post is about choosing a certain non-Free license, but it seems very weird to me to describe businesses leveraging the permissive terms of permissive licenses as "predatory" behavior. Permissive licenses were created in response to hereditary licenses like the GPL specifically to allow the kind of behavior that the author is referring to as "predatory". Blaming anyone but yourself for choosing to license your code with a license designed to enable behavior you don't like seems quite silly.
> Other organizations seek protection by adopting AGPLv3, which many companies have policies against, and selling dual licenses and enterprise features. Those businesses are often referred to as Open Core.
Open core is related to, but not the same as the dual licensing pattern they are describing. Open core is basically the same as dual licensing, but the different licenses actually apply to different sets of software under the Open core model.
Some people release software under a permissive license, people use it according to the terms of that license, and they get mad about it. It’s unreal.
If they want specific behaviors, they should put them in the license or in a contract. Businesses will probably not use it over permissive software, though.
>people use it according to the terms of that license, and they get mad about it
Whenever permissively licensed software is used, is it acceptable to have an expectation that one should be able to use it against the business that originally created it?
If by "use it against the business" you mean "compete with in a proprietary fashion", yes absolutely. As I said in my parent comment, that is the reason permissive licenses exist in the first place. There is no reason to choose a permissive license unless this is the behavior that you desire. If that is not the behavior that you want, you should stop choosing permissive licenses and instead choose a license that aligns with your desires.
If by "use it against the business" you mean in the literal sense, such as using it to access the businesses systems without authorization, using it to harass company employees, etc. then no, it doesn't really matter if they made the software or not.
"Fair Source" strikes me as a great idea, but I see many many people misunderstand the intent, and being mad at the company for not using a FOSS license. However, that was never the choice: The choice was always between "fair source" and "closed source", and I'm glad a reasonably open alternative to closed source exists.
I think it’s a great idea, but I’d love to see a little bit more consideration around labeling one’s licensing scheme as the “fair” one.
Intuitively: if I named my political party “the party without stinky feet,” it’s clear that I’m indirectly saying that other parties do have stinky feet. In a similar manner, labeling yourself the “fair” one indirectly suggests that other licensing schemes, including OSS ones, are somehow unfair.
Open-source licenses absolutely can be unfair. If a company takes your MIT-licensed software and builds a huge enterprise on it and gives you none of the money? That's unfair for you. But with closed-source software, it's unfair for everyone who uses it. So imagine if there were some sort of middle ground. (I'm not currently aware of a good one, lol)
I'm not talking about if someone uses left-pad as part of a billion LOC project, but more like if a company builds its entire stack on top of something like, say, ffmpeg, or ImageMagick, and the original devs never see even a smidgeon of thanks.
Sure, I wouldn't describe that as fair. But that's my point: OSS licenses don't use phrases like "fair": they talk concretely in terms of rights and guarantees, and they leave it up to both parties to determine whether those rights and guarantees are what they want.
I think this can be fair. But I would love to have seen that communicated as "we wrote the license to address the problem of fairness in corporate usage of OSS," not "this is a/the fair license." The latter is a value judgment that isn't universalizable.
I read it at first like the usage of fair was as in quantity, as in a middle ground between fully closed and fully open. But calling it a "medium source license" would probably sound weirder than "fair source".
King Solomon has a thing or two to say about middle grounds :-)[1]
(I agree that "medium source" sounds very weird. Maybe they could have called it the "Availability License" or something similar to emphasize that this is about finding a sweet spot between monetization rights and exposing the source code to the public eye. I don't think that would carry the same baggage as "fair," but it also certainly doesn't have the same marketing flair to it.)
Availability License would probably sound too similar to "source-available" which is often implied to be a lot more restrictive than this model seems to be.
Use without compensation is what an author intentionally signed up for by choosing the MIT license or other FOSS licenses. The marketers are trying to sell this as "unfair", "predatory", etc., as if the authors were too ignorant to understand the implications of their own license choice.
It is perfectly fine to choose Fair Source as a license; that's the prerogative of whoever is writing the code. But don't let these people marketing Fair Source circulate the idea that FOSS licensing is "unfair". It's just another sleazy tactic they're trying after their attempt to redefine open source to include their proprietary Fair Source licensing got rebuffed by the community.
Okay, fine, open source licenses aren't unfair on their own, but making your project open-source can put you in unfair situations. That better?
Now look, I can understand the argument that one should have known what they were signing up for, but so many people just do not consider what they are signing up for, or even do but think that the worst case situation is unlikely, but later find it happening and that they don't actually entirely not care.
I'm sorry but I don't buy that. The arguments between Free Software licenses, open source licenses, proprietary licenses in in all their myriad flavors have been raging in hacker and startup circles for literally decades now. GPL 2 is 33 years old(!). A developer would have to have been living under a rock to be unaware that their license choice directly impacts their ability to monetize their code and, even if they were that negligent, whoever was funding their startup would have warned them.
> A developer would have to have been living under a rock to be unaware that their license choice directly impacts their ability to monetize their code
That's basically exactly what I'm trying to point out though. Many developers make the determination that they don't want or need to monetize their code. Then someone else does it and then they feel it is unfair.
I consider this a perfectly valid way to feel and I don't really consider it a skill issue at the time of choosing the license.
We're still in the hangover period from when VCs would shovel money into open-source startups that had no business model. Fair source feels like a step down from that.
Does is require a CLA? That's the deal breaker for me as distributed license ownership is one of the most important ways free software is kept free. Changing the license of a large free software project should be hard/impossible.
The FSL and other licenses are not special when it comes to how the contributions are managed. In theory every contribution needs a CLA or something similar regardless of where you contribute it accept contributions.
That most projects don’t require that is typically a result of “it doesn’t matter until it matters”.
Not requiring a CLA doesn't necessarily mean you just didn't think of it... you can not require a CLA on purpose. To spread ownership around to enough people to make it much, much harder to change the license. To make the license as sticky as possible.
I think a big reason that CLAs are less common nowadays is Github's TOS which explicitly require you to acknowledge that you contribute under the same license:
> Whenever you add Content to a repository containing notice of a license, you license that Content under the same terms, and you agree that you have the right to license that Content under those terms. If you have a separate agreement to license that Content under different terms, such as a contributor license agreement, that agreement will supersede.
While one can argue that even in the absence of that notice, that might be how it works, there is no real legal agreement to that. You could legally walk back on your contribution and claim that you never gave a license to it. I have seen that happen once indirectly when a contributor informed me that the company that they worked for did not allow the person to contribute.
Having a CLA like this would seem to cover your ass better legaly-speaking, but I'm not sure if either case has been tested in court and so am not sure if it really does help or not.
I've never personally seen a CLA where you weren't signing away ownership, where you were just stipulating that your contributions were under the same license as the rest of the code. Do you know of any cases of this? I'd be curious to see them.
I think the users of these licenses would either have to have a CLA, or have the license explicitly name the company that gets the special rights to make commercial products from it. Otherwise contributors might be able to claim the company isn't complying with its own license.
Perhaps one day we will have a way to monetize software development that works for true Free Software and doesn't require these bullshit openwashing licenses.
This entire proposal is extremely clearly yet another attempt to promote a non-Open Source license in the same spaces, which is why it mentions open source licenses so much. I don't see how anyone could make out that it isn't.
Source-available has a very misleading nature, and as such is commonly used for openwashing. You can read the source, but you can't really do anything with it. That's not how it usually is when you are given access to the source code. Companies such as Anytype market their source-available product as "Open Code" or similar. They are carefully avoiding the term "Open Source", but they still make many ambiguous claims of openness. Tuist is doing the same thing:
> As you might know, we aim to make Tuist a fully open project.
> So I think a fully open Tuist platform could unfold this way: [...]
The intention is clearly to NOT be fully open.
> We can only build the best in class productivity platform if we embrace openness.
They are not embracing openness. They are trying to reap the benefits that come with being open, such as code contributions and a higher level of trust, while not actually being open.
Is source-available more open than closed source? Yes.
Is fair source more open than source-available? Yes.
Is open source more open than fair source? Yes.
I don't see any attempt at communicating otherwise. Nobody is claiming fair source is as open as open source. Fair source is very clearly defined as not being open source, but it is closer to open source than the alternatives, and even becomes open source, and that's a good thing. We should all be happy about that. But people still find fault...
The OSI doesn't have a monopoly on the word "open." It has meaning, and in these cases it's being used appropriately. It's not an attempt at openwashing.
When it's presented as an alternative to being properly open source - as it is here - then it absolutely is open-washing.
> and that doesn't make any sense.
It makes sense to quite a lot of other commenters here. I'm afraid you're coming across as trying a bit hard not to understand the issues being raised.
If you're starting a project with the intent of eventually making it into a business, you use this license and AWS doesn't touch it. If you're starting a project with the intent of always keeping it FOSS, you use MIT and don't care what AWS does.
Sentry's license is a fantastic alternative to just never opening up the source, and that's how we should be thinking about it.
While I'm not quite sure what my opinion on this license is yet, it does appear to try to at least partially address that.
Whether or not you are offering the software itself as a service, the license does not allow it to be commercially offered as a service directly at all.
For services using the software, it prohibits the user making the software available to others as part of a commercial product or service that "substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available", with the "Software" being "each version of the software".
That would seem to mean, for simply using the software, that AWS could continue offering the service, but after that point, would not be able to update to the next version of the software. It seems like the other prohibitions would prevent them from forking it, but possibly not from working around the old version in other code.
In practice, it would likely mean no one would use the software commercially for two years, or would simply use two-year-outdated versions, perhaps with patches.
The Functional Source License says "A Competing Use means making the Software available to others in a commercial product or service that:
1) substitutes for the Software;
2) substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available;
3) or offers the same or substantially similar functionality as the Software."
So if you haven't started your business yet when you make the release, the second criteria wouldn't have any effect. Once you start your business, any release you make after that point would have that restriction. If you change your business, only releases made after you change your business would be restricted in regards tot he new business, and releases made prior would be restricted in regards to your prior business.
Honestly, its a lot to keep track of for a user, and a lot of risk, I would always prefer open source alternatives.
What's the risk for businesses in a dual-license situation? The public can use the AGPL, or the business can get a private license with no viral stipulations at all. Is it just the FUD around a GPL-like license?
(Serious question, as this is the business model I'm pursuing.)
I wouldn't really say there's a risk. It's just inferior to an open core model in most cases. The private license deters independent contributions, the AGPL license prevents small businesses who can't yet afford your system from using it, and large corporations don't care at all that your full source code is publicly available.
I would argue that fair core is, in a lot of cases (not all ofc), superior in the long run to open core, because under fair core, the entire code base eventually becomes open source, unlike open core where commercial features remain proprietary/closed indefinitely. There are pros and cons of both that need to be weighed ofc, but I personally really like fair core.
I like the idea in principle after reading through it - it lines up with a lot of conventional wisdom about how fast software becomes commoditized. But there's a lot of practical aspects of commercial development that I'm not sure really work when your commits go out to the public. How would an FCL codebase, for example:
* Merge a bad change which makes the project worse, because it'll unblock a contract that stands to make your company a lot of money.
* Iterate on support for a proprietary workload from one of your customers, who has not licensed that workload publicly and indeed may consider it a trade secret.
I think the idea that businesses can't use GPL- or AGPL-licensed code is absolutely ridiculous. This false premise seems to be omnipresent in every license discussion.
Part of the problem is: “what can I do with the commercial source?”
The open-source code lets you modify and distribute. There’s either no risk (permissive) or well-understood. Proprietary licenses often don’t allow freedoms like that. So, some of the new licenses are addressing modification and redistribution of source-available, proprietary code.
Far as AGPL, it’s very unpopular even among FOSS users. Just using it almost guarantees less adoption of your code. Whether that’s fair or not, I’m just saying it’s a reality that you might be limiting the impact of FOSS code if it’s AGPL.
> Far as AGPL, it’s very unpopular even among FOSS users
Citation, please. I would say this is very untrue but would like to see the sources of this claim. I hope you are not calling Big tech employees "FOSS users".
So you are talking bullocks as I suspected. Thanks. What I see is the opposite, actually: FOSS users (aka free software developers) prefer the GPL family of licenses and the ones that know and understand AGPL also prefer it.
I don't see why you couldn't use it for non SaaS, the Fair Source License (FSL) [1] they're using here doesn't say anything about hosting, only competition in the form of:
> - substitutes for the Software;
> - substitutes for any other product or service we offer using the Software that exists as of the date we make the Software available; or
> - offers the same or substantially similar functionality as the Software.
I'm not sure what you'd target with B2C, these licenses exist explicitly to allow end users to run their own versions for private use.
Because I am selling to thinkerers so if the license allows redistribution of modified software that say removes limitations of pricing tiers then it is not good.
There's the Fair Core License [0] for projects that monetize self-hosting with commercial features e.g. an "open core"-style project. Is that what you're thinking? Or what's the difference between B2B and B2C in your case?
That's technically correct from a certain point of view. However, that's the debate they're throwing this into, and it's extremely clear that is. It is not reasonable to assume they've said magic words that make this proposal not just another entry in that precise debate. This is 100% an attempt at openwashing.
Fair Source seems great and a really good move forward.
2 years is constant pressure on the creator to be innovative, maintained and secure. Then two years ~public domain compared to Disney's 95 years or patents 20 years.
GPL is somewhat broken, AGPL is so broken it's not fit for purpose, it's un-enforceable.
MIT is amazing, but people need money.
The only concern is if people start forking licenses and making it all a mess. MIT (or freer) matters, a short time period also matters. People need to stick together on one license.
I get that this post is about choosing a certain non-Free license, but it seems very weird to me to describe businesses leveraging the permissive terms of permissive licenses as "predatory" behavior. Permissive licenses were created in response to hereditary licenses like the GPL specifically to allow the kind of behavior that the author is referring to as "predatory". Blaming anyone but yourself for choosing to license your code with a license designed to enable behavior you don't like seems quite silly.
> Other organizations seek protection by adopting AGPLv3, which many companies have policies against, and selling dual licenses and enterprise features. Those businesses are often referred to as Open Core.
Open core is related to, but not the same as the dual licensing pattern they are describing. Open core is basically the same as dual licensing, but the different licenses actually apply to different sets of software under the Open core model.