Great product, but trust is everything when it comes to such a core part of a company. They fucked up, real bad.
I'll use this while we transition away, unless there is a community fork which is sustainable and is firewalled from the morons at mattermost org who fouled this all up
https://github.com/mattermost/mattermost/blob/master/LICENSE...
This means that you can totally fork and patch any restrictions out of the publicly available source code, and there's not a bloody thing they can do to stop it.
Also, from a legal standpoint the "subject to the exceptions" part is bogus, because it is AGPL -- no exceptions can be made to that license, else it would not be copyleft anymore.
Haven't there been CVEs in the product since they forked it in 2024?
/? CVE mattermost https://www.google.com/search?q=cve+mattermost :
https://www.cvedetails.com/vulnerability-list/vendor_id-2145...
There's also Mattermost-LDAP, though it doesn't look like there's a support contract for when compliance is important: https://github.com/Crivaledaz/Mattermost-LDAP
IIRC there are also 3rd party SSO/LDAP/AD adapters for GitLab?
giancarlostoro•1mo ago
trueismywork•1mo ago
giancarlostoro•1mo ago
I love open source software but I also understand the need for proprietary software at the same time. It keeps your lights on and your family fed.
trueismywork•1mo ago
So if a AGPL DB is exposed over intranet only to a closed customer baseclosed customer base need to have the source code.
Like what RedHat is doing.